Joe Sandbox Cloud Basic Analysis Report

Loading ...

Play interactive tourEdit tour

Windows Analysis Report 01_extracted.exe

Overview

General Information

Sample Name:01_extracted.exe
Analysis ID:483429
MD5:59f356092b9f54b4ee5563a2fb8a3255
SHA1:252ee78cd1597581b9dc14253a77526ef344af38
SHA256:2206669cc770b99bfdcc44079e5f218a3b4161c7c973f652d6a497a58031bf1d
Tags:exe
Infos:

Most interesting Screenshot:

Detection

Nanocore
Score:100
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus / Scanner detection for submitted sample
Found malware configuration
Snort IDS alert for network traffic (e.g. based on Emerging Threat rules)
Malicious sample detected (through community Yara rule)
Sigma detected: NanoCore
Yara detected Nanocore RAT
Detected Nanocore Rat
C2 URLs / IPs found in malware configuration
Hides that the sample has been downloaded from the Internet (zone.identifier)
Machine Learning detection for sample
Uses dynamic DNS services
.NET source code contains potential unpacker
Uses 32bit PE files
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
Yara signature match
Antivirus or Machine Learning detection for unpacked file
May sleep (evasive loops) to hinder dynamic analysis
Detected TCP or UDP traffic on non-standard ports
Internet Provider seen in connection with other malware
Sample execution stops while process was sleeping (likely an evasion)
Contains long sleeps (>= 3 min)
Enables debug privileges

Classification

Process Tree

  • System is w10x64
  • 01_extracted.exe (PID: 2392 cmdline: 'C:\Users\user\Desktop\01_extracted.exe' MD5: 59F356092B9F54B4EE5563A2FB8A3255)
  • cleanup

Malware Configuration

Threatname: NanoCore

{"Version": "1.2.2.0", "Mutex": "af905a54-91e0-44a6-90a1-2d1125da", "Group": "septe123", "Domain1": "sunnysept.duckdns.org", "Domain2": "sunnysept.duckdns.org", "Port": 5500, "KeyboardLogging": "Enable", "RunOnStartup": "Disable", "RequestElevation": "Disable", "BypassUAC": "Disable", "ClearZoneIdentifier": "Enable", "ClearAccessControl": "Disable", "SetCriticalProcess": "Disable", "PreventSystemSleep": "Enable", "ActivateAwayMode": "Disable", "EnableDebugMode": "Disable", "RunDelay": 0, "ConnectDelay": 4000, "RestartDelay": 5000, "TimeoutInterval": 5000, "KeepAliveTimeout": 30000, "MutexTimeout": 5000, "LanTimeout": 2500, "WanTimeout": 8000, "BufferSize": "ffff0000", "MaxPacketSize": "0000a000", "GCThreshold": "0000a000", "UseCustomDNS": "Enable", "PrimaryDNSServer": "8.8.8.8", "BackupDNSServer": "8.8.4.4"}

Yara Overview

Initial Sample

SourceRuleDescriptionAuthorStrings
01_extracted.exeNanocore_RAT_Gen_2Detetcs the Nanocore RATFlorian Roth
  • 0x1018d:$x1: NanoCore.ClientPluginHost
  • 0x101ca:$x2: IClientNetworkHost
  • 0x13cfd:$x3: #=qjgz7ljmpp0J7FvL9dmi8ctJILdgtcbw8JYUc6GC8MeJ9B11Crfg2Djxcf0p8PZGe
01_extracted.exeNanocore_RAT_Feb18_1Detects Nanocore RATFlorian Roth
  • 0xff05:$x1: NanoCore Client.exe
  • 0x1018d:$x2: NanoCore.ClientPluginHost
  • 0x117c6:$s1: PluginCommand
  • 0x117ba:$s2: FileCommand
  • 0x1266b:$s3: PipeExists
  • 0x18422:$s4: PipeCreated
  • 0x101b7:$s5: IClientLoggingHost
01_extracted.exeJoeSecurity_NanocoreYara detected Nanocore RATJoe Security
    01_extracted.exeNanoCoreunknown Kevin Breen <kevin@techanarchy.net>
    • 0xfef5:$a: NanoCore
    • 0xff05:$a: NanoCore
    • 0x10139:$a: NanoCore
    • 0x1014d:$a: NanoCore
    • 0x1018d:$a: NanoCore
    • 0xff54:$b: ClientPlugin
    • 0x10156:$b: ClientPlugin
    • 0x10196:$b: ClientPlugin
    • 0x1007b:$c: ProjectData
    • 0x10a82:$d: DESCrypto
    • 0x1844e:$e: KeepAlive
    • 0x1643c:$g: LogClientMessage
    • 0x12637:$i: get_Connected
    • 0x10db8:$j: #=q
    • 0x10de8:$j: #=q
    • 0x10e04:$j: #=q
    • 0x10e34:$j: #=q
    • 0x10e50:$j: #=q
    • 0x10e6c:$j: #=q
    • 0x10e9c:$j: #=q
    • 0x10eb8:$j: #=q

    Memory Dumps

    SourceRuleDescriptionAuthorStrings
    00000000.00000000.210003414.0000000000262000.00000002.00020000.sdmpNanocore_RAT_Gen_2Detetcs the Nanocore RATFlorian Roth
    • 0xff8d:$x1: NanoCore.ClientPluginHost
    • 0xffca:$x2: IClientNetworkHost
    • 0x13afd:$x3: #=qjgz7ljmpp0J7FvL9dmi8ctJILdgtcbw8JYUc6GC8MeJ9B11Crfg2Djxcf0p8PZGe
    00000000.00000000.210003414.0000000000262000.00000002.00020000.sdmpJoeSecurity_NanocoreYara detected Nanocore RATJoe Security
      00000000.00000000.210003414.0000000000262000.00000002.00020000.sdmpNanoCoreunknown Kevin Breen <kevin@techanarchy.net>
      • 0xfcf5:$a: NanoCore
      • 0xfd05:$a: NanoCore
      • 0xff39:$a: NanoCore
      • 0xff4d:$a: NanoCore
      • 0xff8d:$a: NanoCore
      • 0xfd54:$b: ClientPlugin
      • 0xff56:$b: ClientPlugin
      • 0xff96:$b: ClientPlugin
      • 0xfe7b:$c: ProjectData
      • 0x10882:$d: DESCrypto
      • 0x1824e:$e: KeepAlive
      • 0x1623c:$g: LogClientMessage
      • 0x12437:$i: get_Connected
      • 0x10bb8:$j: #=q
      • 0x10be8:$j: #=q
      • 0x10c04:$j: #=q
      • 0x10c34:$j: #=q
      • 0x10c50:$j: #=q
      • 0x10c6c:$j: #=q
      • 0x10c9c:$j: #=q
      • 0x10cb8:$j: #=q
      Process Memory Space: 01_extracted.exe PID: 2392Nanocore_RAT_Gen_2Detetcs the Nanocore RATFlorian Roth
      • 0xb485:$x1: NanoCore.ClientPluginHost
      • 0xb4c2:$x2: IClientNetworkHost
      • 0xefb3:$x3: #=qjgz7ljmpp0J7FvL9dmi8ctJILdgtcbw8JYUc6GC8MeJ9B11Crfg2Djxcf0p8PZGe
      • 0x1a039:$x3: #=qjgz7ljmpp0J7FvL9dmi8ctJILdgtcbw8JYUc6GC8MeJ9B11Crfg2Djxcf0p8PZGe
      Process Memory Space: 01_extracted.exe PID: 2392JoeSecurity_NanocoreYara detected Nanocore RATJoe Security
        Click to see the 1 entries

        Unpacked PEs

        SourceRuleDescriptionAuthorStrings
        0.0.01_extracted.exe.260000.0.unpackNanocore_RAT_Gen_2Detetcs the Nanocore RATFlorian Roth
        • 0x1018d:$x1: NanoCore.ClientPluginHost
        • 0x101ca:$x2: IClientNetworkHost
        • 0x13cfd:$x3: #=qjgz7ljmpp0J7FvL9dmi8ctJILdgtcbw8JYUc6GC8MeJ9B11Crfg2Djxcf0p8PZGe
        0.0.01_extracted.exe.260000.0.unpackNanocore_RAT_Feb18_1Detects Nanocore RATFlorian Roth
        • 0xff05:$x1: NanoCore Client.exe
        • 0x1018d:$x2: NanoCore.ClientPluginHost
        • 0x117c6:$s1: PluginCommand
        • 0x117ba:$s2: FileCommand
        • 0x1266b:$s3: PipeExists
        • 0x18422:$s4: PipeCreated
        • 0x101b7:$s5: IClientLoggingHost
        0.0.01_extracted.exe.260000.0.unpackJoeSecurity_NanocoreYara detected Nanocore RATJoe Security
          0.0.01_extracted.exe.260000.0.unpackNanoCoreunknown Kevin Breen <kevin@techanarchy.net>
          • 0xfef5:$a: NanoCore
          • 0xff05:$a: NanoCore
          • 0x10139:$a: NanoCore
          • 0x1014d:$a: NanoCore
          • 0x1018d:$a: NanoCore
          • 0xff54:$b: ClientPlugin
          • 0x10156:$b: ClientPlugin
          • 0x10196:$b: ClientPlugin
          • 0x1007b:$c: ProjectData
          • 0x10a82:$d: DESCrypto
          • 0x1844e:$e: KeepAlive
          • 0x1643c:$g: LogClientMessage
          • 0x12637:$i: get_Connected
          • 0x10db8:$j: #=q
          • 0x10de8:$j: #=q
          • 0x10e04:$j: #=q
          • 0x10e34:$j: #=q
          • 0x10e50:$j: #=q
          • 0x10e6c:$j: #=q
          • 0x10e9c:$j: #=q
          • 0x10eb8:$j: #=q

          Sigma Overview

          AV Detection:

          barindex
          Sigma detected: NanoCoreShow sources
          Source: File createdAuthor: Joe Security: Data: EventID: 11, Image: C:\Users\user\Desktop\01_extracted.exe, ProcessId: 2392, TargetFilename: C:\Users\user\AppData\Roaming\D06ED635-68F6-4E9A-955C-4899F5F57B9A\run.dat

          E-Banking Fraud:

          barindex
          Sigma detected: NanoCoreShow sources
          Source: File createdAuthor: Joe Security: Data: EventID: 11, Image: C:\Users\user\Desktop\01_extracted.exe, ProcessId: 2392, TargetFilename: C:\Users\user\AppData\Roaming\D06ED635-68F6-4E9A-955C-4899F5F57B9A\run.dat

          Stealing of Sensitive Information:

          barindex
          Sigma detected: NanoCoreShow sources
          Source: File createdAuthor: Joe Security: Data: EventID: 11, Image: C:\Users\user\Desktop\01_extracted.exe, ProcessId: 2392, TargetFilename: C:\Users\user\AppData\Roaming\D06ED635-68F6-4E9A-955C-4899F5F57B9A\run.dat

          Remote Access Functionality:

          barindex
          Sigma detected: NanoCoreShow sources
          Source: File createdAuthor: Joe Security: Data: EventID: 11, Image: C:\Users\user\Desktop\01_extracted.exe, ProcessId: 2392, TargetFilename: C:\Users\user\AppData\Roaming\D06ED635-68F6-4E9A-955C-4899F5F57B9A\run.dat

          Jbx Signature Overview

          Click to jump to signature section

          Show All Signature Results

          AV Detection:

          barindex
          Antivirus / Scanner detection for submitted sampleShow sources
          Source: 01_extracted.exeAvira: detected
          Found malware configurationShow sources
          Source: 0.0.01_extracted.exe.260000.0.unpackMalware Configuration Extractor: NanoCore {"Version": "1.2.2.0", "Mutex": "af905a54-91e0-44a6-90a1-2d1125da", "Group": "septe123", "Domain1": "sunnysept.duckdns.org", "Domain2": "sunnysept.duckdns.org", "Port": 5500, "KeyboardLogging": "Enable", "RunOnStartup": "Disable", "RequestElevation": "Disable", "BypassUAC": "Disable", "ClearZoneIdentifier": "Enable", "ClearAccessControl": "Disable", "SetCriticalProcess": "Disable", "PreventSystemSleep": "Enable", "ActivateAwayMode": "Disable", "EnableDebugMode": "Disable", "RunDelay": 0, "ConnectDelay": 4000, "RestartDelay": 5000, "TimeoutInterval": 5000, "KeepAliveTimeout": 30000, "MutexTimeout": 5000, "LanTimeout": 2500, "WanTimeout": 8000, "BufferSize": "ffff0000", "MaxPacketSize": "0000a000", "GCThreshold": "0000a000", "UseCustomDNS": "Enable", "PrimaryDNSServer": "8.8.8.8", "BackupDNSServer": "8.8.4.4"}
          Yara detected Nanocore RATShow sources
          Source: Yara matchFile source: 01_extracted.exe, type: SAMPLE
          Source: Yara matchFile source: 0.0.01_extracted.exe.260000.0.unpack, type: UNPACKEDPE
          Source: Yara matchFile source: 00000000.00000000.210003414.0000000000262000.00000002.00020000.sdmp, type: MEMORY
          Source: Yara matchFile source: Process Memory Space: 01_extracted.exe PID: 2392, type: MEMORYSTR
          Machine Learning detection for sampleShow sources
          Source: 01_extracted.exeJoe Sandbox ML: detected
          Source: 0.0.01_extracted.exe.260000.0.unpackAvira: Label: TR/Dropper.MSIL.Gen7
          Source: 01_extracted.exeStatic PE information: LOCAL_SYMS_STRIPPED, 32BIT_MACHINE, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED
          Source: C:\Users\user\Desktop\01_extracted.exeFile opened: C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.9445_none_d08c58b4442ba54f\MSVCR80.dllJump to behavior

          Networking:

          barindex
          Snort IDS alert for network traffic (e.g. based on Emerging Threat rules)Show sources
          Source: TrafficSnort IDS: 2025019 ET TROJAN Possible NanoCore C2 60B 192.168.2.3:49733 -> 194.147.140.14:5500
          Source: TrafficSnort IDS: 2025019 ET TROJAN Possible NanoCore C2 60B 192.168.2.3:49734 -> 194.147.140.14:5500
          Source: TrafficSnort IDS: 2025019 ET TROJAN Possible NanoCore C2 60B 192.168.2.3:49735 -> 194.147.140.14:5500
          Source: TrafficSnort IDS: 2025019 ET TROJAN Possible NanoCore C2 60B 192.168.2.3:49736 -> 194.147.140.14:5500
          Source: TrafficSnort IDS: 2025019 ET TROJAN Possible NanoCore C2 60B 192.168.2.3:49737 -> 194.147.140.14:5500
          Source: TrafficSnort IDS: 2025019 ET TROJAN Possible NanoCore C2 60B 192.168.2.3:49744 -> 194.147.140.14:5500
          Source: TrafficSnort IDS: 2025019 ET TROJAN Possible NanoCore C2 60B 192.168.2.3:49745 -> 194.147.140.14:5500
          Source: TrafficSnort IDS: 2025019 ET TROJAN Possible NanoCore C2 60B 192.168.2.3:49746 -> 194.147.140.14:5500
          Source: TrafficSnort IDS: 2025019 ET TROJAN Possible NanoCore C2 60B 192.168.2.3:49767 -> 194.147.140.14:5500
          Source: TrafficSnort IDS: 2025019 ET TROJAN Possible NanoCore C2 60B 192.168.2.3:49773 -> 194.147.140.14:5500
          Source: TrafficSnort IDS: 2025019 ET TROJAN Possible NanoCore C2 60B 192.168.2.3:49774 -> 194.147.140.14:5500
          Source: TrafficSnort IDS: 2025019 ET TROJAN Possible NanoCore C2 60B 192.168.2.3:49777 -> 194.147.140.14:5500
          Source: TrafficSnort IDS: 2025019 ET TROJAN Possible NanoCore C2 60B 192.168.2.3:49783 -> 194.147.140.14:5500
          Source: TrafficSnort IDS: 2025019 ET TROJAN Possible NanoCore C2 60B 192.168.2.3:49786 -> 194.147.140.14:5500
          Source: TrafficSnort IDS: 2025019 ET TROJAN Possible NanoCore C2 60B 192.168.2.3:49787 -> 194.147.140.14:5500
          Source: TrafficSnort IDS: 2025019 ET TROJAN Possible NanoCore C2 60B 192.168.2.3:49788 -> 194.147.140.14:5500
          Source: TrafficSnort IDS: 2025019 ET TROJAN Possible NanoCore C2 60B 192.168.2.3:49790 -> 194.147.140.14:5500
          Source: TrafficSnort IDS: 2025019 ET TROJAN Possible NanoCore C2 60B 192.168.2.3:49795 -> 194.147.140.14:5500
          Source: TrafficSnort IDS: 2025019 ET TROJAN Possible NanoCore C2 60B 192.168.2.3:49797 -> 194.147.140.14:5500
          Source: TrafficSnort IDS: 2025019 ET TROJAN Possible NanoCore C2 60B 192.168.2.3:49798 -> 194.147.140.14:5500
          Source: TrafficSnort IDS: 2025019 ET TROJAN Possible NanoCore C2 60B 192.168.2.3:49799 -> 194.147.140.14:5500
          Source: TrafficSnort IDS: 2025019 ET TROJAN Possible NanoCore C2 60B 192.168.2.3:49800 -> 194.147.140.14:5500
          C2 URLs / IPs found in malware configurationShow sources
          Source: Malware configuration extractorURLs: sunnysept.duckdns.org
          Uses dynamic DNS servicesShow sources
          Source: unknownDNS query: name: sunnysept.duckdns.org
          Source: global trafficTCP traffic: 192.168.2.3:49733 -> 194.147.140.14:5500
          Source: Joe Sandbox ViewASN Name: PTPEU PTPEU
          Source: unknownDNS traffic detected: queries for: sunnysept.duckdns.org

          E-Banking Fraud:

          barindex
          Yara detected Nanocore RATShow sources
          Source: Yara matchFile source: 01_extracted.exe, type: SAMPLE
          Source: Yara matchFile source: 0.0.01_extracted.exe.260000.0.unpack, type: UNPACKEDPE
          Source: Yara matchFile source: 00000000.00000000.210003414.0000000000262000.00000002.00020000.sdmp, type: MEMORY
          Source: Yara matchFile source: Process Memory Space: 01_extracted.exe PID: 2392, type: MEMORYSTR

          System Summary:

          barindex
          Malicious sample detected (through community Yara rule)Show sources
          Source: 01_extracted.exe, type: SAMPLEMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
          Source: 01_extracted.exe, type: SAMPLEMatched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net>
          Source: 0.0.01_extracted.exe.260000.0.unpack, type: UNPACKEDPEMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
          Source: 0.0.01_extracted.exe.260000.0.unpack, type: UNPACKEDPEMatched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net>
          Source: 00000000.00000000.210003414.0000000000262000.00000002.00020000.sdmp, type: MEMORYMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
          Source: 00000000.00000000.210003414.0000000000262000.00000002.00020000.sdmp, type: MEMORYMatched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net>
          Source: Process Memory Space: 01_extracted.exe PID: 2392, type: MEMORYSTRMatched rule: Detetcs the Nanocore RAT Author: Florian Roth
          Source: Process Memory Space: 01_extracted.exe PID: 2392, type: MEMORYSTRMatched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net>
          Source: 01_extracted.exeStatic PE information: LOCAL_SYMS_STRIPPED, 32BIT_MACHINE, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED
          Source: 01_extracted.exe, type: SAMPLEMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
          Source: 01_extracted.exe, type: SAMPLEMatched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE
          Source: 01_extracted.exe, type: SAMPLEMatched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore
          Source: 0.0.01_extracted.exe.260000.0.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
          Source: 0.0.01_extracted.exe.260000.0.unpack, type: UNPACKEDPEMatched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE
          Source: 0.0.01_extracted.exe.260000.0.unpack, type: UNPACKEDPEMatched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore
          Source: 00000000.00000000.210003414.0000000000262000.00000002.00020000.sdmp, type: MEMORYMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
          Source: 00000000.00000000.210003414.0000000000262000.00000002.00020000.sdmp, type: MEMORYMatched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore
          Source: Process Memory Space: 01_extracted.exe PID: 2392, type: MEMORYSTRMatched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
          Source: Process Memory Space: 01_extracted.exe PID: 2392, type: MEMORYSTRMatched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore
          Source: 01_extracted.exeStatic PE information: Section: .rsrc ZLIB complexity 0.999732142857
          Source: C:\Users\user\Desktop\01_extracted.exeFile read: C:\Users\user\Desktop\01_extracted.exeJump to behavior
          Source: 01_extracted.exeStatic PE information: Section: .text IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_READ
          Source: C:\Users\user\Desktop\01_extracted.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
          Source: C:\Users\user\Desktop\01_extracted.exeSection loaded: C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9603718106bd57ecfbb18fefd769cab4\mscorlib.ni.dllJump to behavior
          Source: C:\Users\user\Desktop\01_extracted.exeSection loaded: C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\sorttbls.nlpJump to behavior
          Source: C:\Users\user\Desktop\01_extracted.exeSection loaded: C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\sortkey.nlpJump to behavior
          Source: C:\Users\user\Desktop\01_extracted.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0A29FF9E-7F9C-4437-8B11-F424491E3931}\InprocServer32Jump to behavior
          Source: C:\Users\user\Desktop\01_extracted.exeMutant created: \Sessions\1\BaseNamedObjects\Global\{af905a54-91e0-44a6-90a1-2d1125da804b}
          Source: C:\Users\user\Desktop\01_extracted.exeMutant created: \Sessions\1\BaseNamedObjects\Global\.net clr networking
          Source: C:\Users\user\Desktop\01_extracted.exeFile created: C:\Users\user\AppData\Roaming\D06ED635-68F6-4E9A-955C-4899F5F57B9AJump to behavior
          Source: classification engineClassification label: mal100.troj.evad.winEXE@1/2@22/1
          Source: 01_extracted.exe, u0023u003dqVxXNKnhAcArgJoGGYXiyyQu003du003d.csCryptographic APIs: 'CreateDecryptor'
          Source: 01_extracted.exe, u0023u003dqVxXNKnhAcArgJoGGYXiyyQu003du003d.csCryptographic APIs: 'TransformFinalBlock'
          Source: 01_extracted.exe, u0023u003dqjIje6jGWLd2EOkfZXKqBbgu003du003d.csCryptographic APIs: 'TransformFinalBlock', 'CreateDecryptor'
          Source: 0.0.01_extracted.exe.260000.0.unpack, u0023u003dqVxXNKnhAcArgJoGGYXiyyQu003du003d.csCryptographic APIs: 'CreateDecryptor'
          Source: 0.0.01_extracted.exe.260000.0.unpack, u0023u003dqVxXNKnhAcArgJoGGYXiyyQu003du003d.csCryptographic APIs: 'TransformFinalBlock'
          Source: 0.0.01_extracted.exe.260000.0.unpack, u0023u003dqjIje6jGWLd2EOkfZXKqBbgu003du003d.csCryptographic APIs: 'TransformFinalBlock', 'CreateDecryptor'
          Source: 01_extracted.exe, u0023u003dqjIje6jGWLd2EOkfZXKqBbgu003du003d.csSecurity API names: System.Security.Principal.WindowsIdentity System.Security.Principal.WindowsIdentity::GetCurrent()
          Source: 01_extracted.exe, u0023u003dqjIje6jGWLd2EOkfZXKqBbgu003du003d.csSecurity API names: System.Boolean System.Security.Principal.WindowsPrincipal::IsInRole(System.Security.Principal.WindowsBuiltInRole)
          Source: 0.0.01_extracted.exe.260000.0.unpack, u0023u003dqjIje6jGWLd2EOkfZXKqBbgu003du003d.csSecurity API names: System.Security.Principal.WindowsIdentity System.Security.Principal.WindowsIdentity::GetCurrent()
          Source: 0.0.01_extracted.exe.260000.0.unpack, u0023u003dqjIje6jGWLd2EOkfZXKqBbgu003du003d.csSecurity API names: System.Boolean System.Security.Principal.WindowsPrincipal::IsInRole(System.Security.Principal.WindowsBuiltInRole)
          Source: C:\Users\user\Desktop\01_extracted.exeFile opened: C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorrc.dllJump to behavior
          Source: 01_extracted.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR
          Source: C:\Users\user\Desktop\01_extracted.exeFile opened: C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.9445_none_d08c58b4442ba54f\MSVCR80.dllJump to behavior

          Data Obfuscation:

          barindex
          .NET source code contains potential unpackerShow sources
          Source: 01_extracted.exe, u0023u003dqxoz66kOqvxr21iYXZYXWiumy9eZGwFWaiX4C5X8aecUu003d.cs.Net Code: #=qKU0J1fiP8KA33eFK1owekQ== System.Reflection.Assembly System.Reflection.Assembly::Load(System.Byte[])
          Source: 01_extracted.exe, u0023u003dqjIje6jGWLd2EOkfZXKqBbgu003du003d.cs.Net Code: #=q_FL69pQf17BUSAFbWYu1SStMAbdu$R1GJ8VY8UL5_EA= System.Reflection.Assembly System.Reflection.Assembly::Load(System.Byte[])
          Source: 0.0.01_extracted.exe.260000.0.unpack, u0023u003dqxoz66kOqvxr21iYXZYXWiumy9eZGwFWaiX4C5X8aecUu003d.cs.Net Code: #=qKU0J1fiP8KA33eFK1owekQ== System.Reflection.Assembly System.Reflection.Assembly::Load(System.Byte[])
          Source: 0.0.01_extracted.exe.260000.0.unpack, u0023u003dqjIje6jGWLd2EOkfZXKqBbgu003du003d.cs.Net Code: #=q_FL69pQf17BUSAFbWYu1SStMAbdu$R1GJ8VY8UL5_EA= System.Reflection.Assembly System.Reflection.Assembly::Load(System.Byte[])
          Source: 01_extracted.exe, u0023u003dqWrm21vQ8CBMZP_RBTwpusAu003du003d.csHigh entropy of concatenated method names: '#=qCgU$tDqtOAyz2b$RwfSF7UzBcCAr0rFJWxm16x7Lre0=', '#=qeD3MBfedCIuKIQf9V1u2N3YS4VXE_FOHqw_XAjWtZK8=', '#=q$mvEHEBkZud$AdHPWqsMQnw5Xm5sD4vBSSmqrKuXGOk=', '#=qZaN94n8dM6tBEf$qCdY2kbTZb5BOW8Z134$2tNv7EJs=', '#=qtlZnL8mho$rv1eTFz0Mw9UYFC_yCabEZ0xtVePn6wR5aSHE7ti3UfKg2l7D0_xk8', '#=qVS$QmQjvFfsXSqQAKGSl6HGbkse2SG0XCab4upVjtRJkvhTEk$oIS2I9Zja7id1Q', '#=qxJg7RxTW1v5mnt12xXeJiYJv_bcctbtL2BCD5MjDi45Hlz6t8vwDNTv1Rv7tgIct', '#=qp$ZVC1r9spi890l$D7IwEd3faoKeWHvv42mVq8wIIWM=', '#=qCoWHlVuoVRMkOzC7RZubJCslkxaEWn9yZiIydECf69$ktj0IPD5wAwC2H5Cc8C$L', '#=qqs1moO$mYaS72OXOWe0Z6GycslEb6e9Ipoy7ppW0O5abIp05ajv8doqdJZHlN3cK'
          Source: 01_extracted.exe, u0023u003dqJT4I5hOweIku0024xYFEeDszbikglXCuquUdu0024v9AXtyq2nsu003d.csHigh entropy of concatenated method names: '#=qBeOBlH6CwHFnQdZWWBgZ_pemudZ6CfCVcfOQtgpeG$Y=', '#=q5v5cLSMFBaxiTtOEjscx86gN2ozXlfytiL6UmXnyWtg=', '#=q_XA5h2lVGHLcY9dK754wKGrOjAm6aBbwPxcUJXgJThJUz83kMbCL53G5uuOLP6Rq', '#=qIFfr$DrKqIieRc688$vylAlBsEnx9Z3$TxvrDsPURfM=', '#=qejgvNXJQvgM2GomZsygLjreyguSPQ29pQHqjR_a0dWk=', '#=qCGokdf0OOxeMJLDkXSfc3NPmwygIQ29RjKQWj$wbNGB9C1pPgma_891QiNyTRXcA', '#=qDqyUVyJLXCtYqhZ0$opqkomqhUBn2WCeEEvGAXlNQ$I=', '#=qdImPAY1o3YhbLtukwCQ91cISaeIEWRKSYrGZ3dTVnkY=', '#=qza7O1AHrroJC7yRIJz4wINR_Sgo4hDpQrj_OYfIrlJE=', '#=q6Ct3QmvVLFC7my$dL1uEiHGmXJ5qCuK4WIhDwfhPTFs='
          Source: 0.0.01_extracted.exe.260000.0.unpack, u0023u003dqWrm21vQ8CBMZP_RBTwpusAu003du003d.csHigh entropy of concatenated method names: '#=qCgU$tDqtOAyz2b$RwfSF7UzBcCAr0rFJWxm16x7Lre0=', '#=qeD3MBfedCIuKIQf9V1u2N3YS4VXE_FOHqw_XAjWtZK8=', '#=q$mvEHEBkZud$AdHPWqsMQnw5Xm5sD4vBSSmqrKuXGOk=', '#=qZaN94n8dM6tBEf$qCdY2kbTZb5BOW8Z134$2tNv7EJs=', '#=qtlZnL8mho$rv1eTFz0Mw9UYFC_yCabEZ0xtVePn6wR5aSHE7ti3UfKg2l7D0_xk8', '#=qVS$QmQjvFfsXSqQAKGSl6HGbkse2SG0XCab4upVjtRJkvhTEk$oIS2I9Zja7id1Q', '#=qxJg7RxTW1v5mnt12xXeJiYJv_bcctbtL2BCD5MjDi45Hlz6t8vwDNTv1Rv7tgIct', '#=qp$ZVC1r9spi890l$D7IwEd3faoKeWHvv42mVq8wIIWM=', '#=qCoWHlVuoVRMkOzC7RZubJCslkxaEWn9yZiIydECf69$ktj0IPD5wAwC2H5Cc8C$L', '#=qqs1moO$mYaS72OXOWe0Z6GycslEb6e9Ipoy7ppW0O5abIp05ajv8doqdJZHlN3cK'
          Source: 0.0.01_extracted.exe.260000.0.unpack, u0023u003dqJT4I5hOweIku0024xYFEeDszbikglXCuquUdu0024v9AXtyq2nsu003d.csHigh entropy of concatenated method names: '#=qBeOBlH6CwHFnQdZWWBgZ_pemudZ6CfCVcfOQtgpeG$Y=', '#=q5v5cLSMFBaxiTtOEjscx86gN2ozXlfytiL6UmXnyWtg=', '#=q_XA5h2lVGHLcY9dK754wKGrOjAm6aBbwPxcUJXgJThJUz83kMbCL53G5uuOLP6Rq', '#=qIFfr$DrKqIieRc688$vylAlBsEnx9Z3$TxvrDsPURfM=', '#=qejgvNXJQvgM2GomZsygLjreyguSPQ29pQHqjR_a0dWk=', '#=qCGokdf0OOxeMJLDkXSfc3NPmwygIQ29RjKQWj$wbNGB9C1pPgma_891QiNyTRXcA', '#=qDqyUVyJLXCtYqhZ0$opqkomqhUBn2WCeEEvGAXlNQ$I=', '#=qdImPAY1o3YhbLtukwCQ91cISaeIEWRKSYrGZ3dTVnkY=', '#=qza7O1AHrroJC7yRIJz4wINR_Sgo4hDpQrj_OYfIrlJE=', '#=q6Ct3QmvVLFC7my$dL1uEiHGmXJ5qCuK4WIhDwfhPTFs='

          Hooking and other Techniques for Hiding and Protection:

          barindex
          Hides that the sample has been downloaded from the Internet (zone.identifier)Show sources
          Source: C:\Users\user\Desktop\01_extracted.exeFile opened: C:\Users\user\Desktop\01_extracted.exe:Zone.Identifier read attributes | deleteJump to behavior
          Source: C:\Users\user\Desktop\01_extracted.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\01_extracted.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\01_extracted.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\01_extracted.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\01_extracted.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\01_extracted.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\01_extracted.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\01_extracted.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\01_extracted.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\01_extracted.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\01_extracted.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\01_extracted.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\01_extracted.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\01_extracted.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\01_extracted.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\01_extracted.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\01_extracted.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\01_extracted.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\01_extracted.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\01_extracted.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\01_extracted.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\01_extracted.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\01_extracted.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\01_extracted.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\01_extracted.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\01_extracted.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\01_extracted.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\01_extracted.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\01_extracted.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\01_extracted.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\01_extracted.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\01_extracted.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\01_extracted.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\01_extracted.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\01_extracted.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\01_extracted.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\01_extracted.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\01_extracted.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\01_extracted.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\01_extracted.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\01_extracted.exeWindow / User API: threadDelayed 364Jump to behavior
          Source: C:\Users\user\Desktop\01_extracted.exeWindow / User API: foregroundWindowGot 1016Jump to behavior
          Source: C:\Users\user\Desktop\01_extracted.exe TID: 1536Thread sleep time: -1844674407370954s >= -30000sJump to behavior
          Source: C:\Users\user\Desktop\01_extracted.exe TID: 5380Thread sleep time: -32000s >= -30000sJump to behavior
          Source: C:\Users\user\Desktop\01_extracted.exe TID: 1836Thread sleep time: -40000s >= -30000sJump to behavior
          Source: C:\Users\user\Desktop\01_extracted.exeLast function: Thread delayed
          Source: C:\Users\user\Desktop\01_extracted.exeThread delayed: delay time: 922337203685477Jump to behavior
          Source: C:\Users\user\Desktop\01_extracted.exeProcess information queried: ProcessInformationJump to behavior
          Source: C:\Users\user\Desktop\01_extracted.exeThread delayed: delay time: 922337203685477Jump to behavior
          Source: C:\Users\user\Desktop\01_extracted.exeProcess token adjusted: DebugJump to behavior
          Source: C:\Users\user\Desktop\01_extracted.exeMemory allocated: page read and write | page guardJump to behavior
          Source: C:\Users\user\Desktop\01_extracted.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuidJump to behavior

          Stealing of Sensitive Information:

          barindex
          Yara detected Nanocore RATShow sources
          Source: Yara matchFile source: 01_extracted.exe, type: SAMPLE
          Source: Yara matchFile source: 0.0.01_extracted.exe.260000.0.unpack, type: UNPACKEDPE
          Source: Yara matchFile source: 00000000.00000000.210003414.0000000000262000.00000002.00020000.sdmp, type: MEMORY
          Source: Yara matchFile source: Process Memory Space: 01_extracted.exe PID: 2392, type: MEMORYSTR

          Remote Access Functionality:

          barindex
          Yara detected Nanocore RATShow sources
          Source: Yara matchFile source: 01_extracted.exe, type: SAMPLE
          Source: Yara matchFile source: 0.0.01_extracted.exe.260000.0.unpack, type: UNPACKEDPE
          Source: Yara matchFile source: 00000000.00000000.210003414.0000000000262000.00000002.00020000.sdmp, type: MEMORY
          Source: Yara matchFile source: Process Memory Space: 01_extracted.exe PID: 2392, type: MEMORYSTR
          Detected Nanocore RatShow sources
          Source: 01_extracted.exe, 00000000.00000000.210003414.0000000000262000.00000002.00020000.sdmpString found in binary or memory: NanoCore.ClientPluginHost
          Source: 01_extracted.exeString found in binary or memory: NanoCore.ClientPluginHost

          Mitre Att&ck Matrix

          Initial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionExfiltrationCommand and ControlNetwork EffectsRemote Service EffectsImpact
          Valid AccountsWindows Management InstrumentationPath InterceptionPath InterceptionMasquerading1OS Credential DumpingProcess Discovery1Remote ServicesArchive Collected Data1Exfiltration Over Other Network MediumNon-Standard Port1Eavesdrop on Insecure Network CommunicationRemotely Track Device Without AuthorizationModify System Partition
          Default AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization ScriptsDisable or Modify Tools1LSASS MemoryVirtualization/Sandbox Evasion21Remote Desktop ProtocolData from Removable MediaExfiltration Over BluetoothRemote Access Software1Exploit SS7 to Redirect Phone Calls/SMSRemotely Wipe Data Without AuthorizationDevice Lockout
          Domain AccountsAt (Linux)Logon Script (Windows)Logon Script (Windows)Virtualization/Sandbox Evasion21Security Account ManagerApplication Window Discovery1SMB/Windows Admin SharesData from Network Shared DriveAutomated ExfiltrationNon-Application Layer Protocol1Exploit SS7 to Track Device LocationObtain Device Cloud BackupsDelete Device Data
          Local AccountsAt (Windows)Logon Script (Mac)Logon Script (Mac)Deobfuscate/Decode Files or Information1NTDSSystem Information Discovery2Distributed Component Object ModelInput CaptureScheduled TransferApplication Layer Protocol21SIM Card SwapCarrier Billing Fraud
          Cloud AccountsCronNetwork Logon ScriptNetwork Logon ScriptHidden Files and Directories1LSA SecretsRemote System DiscoverySSHKeyloggingData Transfer Size LimitsFallback ChannelsManipulate Device CommunicationManipulate App Store Rankings or Ratings
          Replication Through Removable MediaLaunchdRc.commonRc.commonSoftware Packing12Cached Domain CredentialsSystem Owner/User DiscoveryVNCGUI Input CaptureExfiltration Over C2 ChannelMultiband CommunicationJamming or Denial of ServiceAbuse Accessibility Features

          Behavior Graph

          Hide Legend

          Legend:

          • Process
          • Signature
          • Created File
          • DNS/IP Info
          • Is Dropped
          • Is Windows Process
          • Number of created Registry Values
          • Number of created Files
          • Visual Basic
          • Delphi
          • Java
          • .Net C# or VB.NET
          • C, C++ or other language
          • Is malicious
          • Internet

          Screenshots

          Thumbnails

          This section contains all screenshots as thumbnails, including those not shown in the slideshow.

          windows-stand

          Antivirus, Machine Learning and Genetic Malware Detection

          Initial Sample

          SourceDetectionScannerLabelLink
          01_extracted.exe100%AviraTR/Dropper.MSIL.Gen7
          01_extracted.exe100%Joe Sandbox ML

          Dropped Files

          No Antivirus matches

          Unpacked PE Files

          SourceDetectionScannerLabelLinkDownload
          0.0.01_extracted.exe.260000.0.unpack100%AviraTR/Dropper.MSIL.Gen7Download File

          Domains

          SourceDetectionScannerLabelLink
          sunnysept.duckdns.org2%VirustotalBrowse

          URLs

          SourceDetectionScannerLabelLink
          sunnysept.duckdns.org2%VirustotalBrowse
          sunnysept.duckdns.org0%Avira URL Cloudsafe

          Domains and IPs

          Contacted Domains

          NameIPActiveMaliciousAntivirus DetectionReputation
          sunnysept.duckdns.org
          		194.147.140.14
          		truetrueunknown

          Contacted URLs

          NameMaliciousAntivirus DetectionReputation
          sunnysept.duckdns.orgtrue
          • 2%, Virustotal, Browse
          • Avira URL Cloud: safe
          		unknown

          Contacted IPs

          • No. of IPs < 25%
          • 25% < No. of IPs < 50%
          • 50% < No. of IPs < 75%
          • 75% < No. of IPs

          Public

          IPDomainCountryFlagASNASN NameMalicious
          194.147.140.14
          		sunnysept.duckdns.orgunknown
          		47285PTPEUtrue

          General Information

          Joe Sandbox Version:33.0.0 White Diamond
          Analysis ID:483429
          Start date:15.09.2021
          Start time:00:26:08
          Joe Sandbox Product:CloudBasic
          Overall analysis duration:0h 5m 15s
          Hypervisor based Inspection enabled:false
          Report type:full
          Sample file name:01_extracted.exe
          Cookbook file name:default.jbs
          Analysis system description:Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
          Number of analysed new started processes analysed:23
          Number of new started drivers analysed:0
          Number of existing processes analysed:0
          Number of existing drivers analysed:0
          Number of injected processes analysed:0
          Technologies:
          • HCA enabled
          • EGA enabled
          • HDC enabled
          • AMSI enabled
          Analysis Mode:default
          Analysis stop reason:Timeout
          Detection:MAL
          Classification:mal100.troj.evad.winEXE@1/2@22/1
          EGA Information:Failed
          HDC Information:Failed
          HCA Information:
          • Successful, ratio: 100%
          • Number of executed functions: 0
          • Number of non-executed functions: 0
          Cookbook Comments:
          • Adjust boot time
          • Enable AMSI
          • Found application associated with file extension: .exe
          Warnings:
          Show All
          • Behavior information exceeds normal sizes, reducing to normal. Report will have missing behavior information.
          • Exclude process from analysis (whitelisted): taskhostw.exe, MpCmdRun.exe, BackgroundTransferHost.exe, UpdateNotificationMgr.exe, backgroundTaskHost.exe, SgrmBroker.exe, conhost.exe, svchost.exe
          • Excluded IPs from analysis (whitelisted): 23.211.6.115, 23.211.4.86, 20.82.209.183, 40.112.88.60, 20.82.210.154, 80.67.82.235, 80.67.82.211, 23.203.80.193, 51.104.136.2, 20.50.102.62
          • Excluded domains from analysis (whitelisted): iris-de-prod-azsc-neu.northeurope.cloudapp.azure.com, fs.microsoft.com, ris-prod.trafficmanager.net, asf-ris-prod-neu.northeurope.cloudapp.azure.com, store-images.s-microsoft.com-c.edgekey.net, e1723.g.akamaiedge.net, settings-win.data.microsoft.com, iris-de-prod-azsc-neu-b.northeurope.cloudapp.azure.com, fs-wildcard.microsoft.com.edgekey.net, fs-wildcard.microsoft.com.edgekey.net.globalredir.akadns.net, a1449.dscg2.akamai.net, iris-de-prod-azsc-uks.uksouth.cloudapp.azure.com, arc.msn.com, settingsfd-geo.trafficmanager.net, ris.api.iris.microsoft.com, e11290.dspg.akamaiedge.net, e12564.dspb.akamaiedge.net, go.microsoft.com, store-images.s-microsoft.com, go.microsoft.com.edgekey.net, arc.trafficmanager.net, img-prod-cms-rt-microsoft-com.akamaized.net, prod.fs.microsoft.com.akadns.net
          • Not all processes where analyzed, report is missing behavior information
          • Report size getting too big, too many NtAllocateVirtualMemory calls found.

          Simulations

          Behavior and APIs

          TimeTypeDescription
          00:27:00API Interceptor1046x Sleep call for process: 01_extracted.exe modified

          Joe Sandbox View / Context

          IPs

          No context

          Domains

          MatchAssociated Sample Name / URLSHA 256DetectionLinkContext
          sunnysept.duckdns.org83736354Invoicereceipt.vbsGet hashmaliciousBrowse
          • 198.23.251.21

          ASN

          MatchAssociated Sample Name / URLSHA 256DetectionLinkContext
          PTPEUB4D3E2A30B09D1F2F33476F5234BD7A045973DDBC41A7.exeGet hashmaliciousBrowse
          • 194.147.140.8
          18-ITEMS-RECEIPT.vbsGet hashmaliciousBrowse
          • 194.147.140.20
          7-Items-receipt.vbsGet hashmaliciousBrowse
          • 194.147.140.20
          9 ITEMS INVOICE RECEIPT.vbsGet hashmaliciousBrowse
          • 194.147.140.20
          15 Items Receipt.vbsGet hashmaliciousBrowse
          • 194.147.140.20
          14 Items receipt.vbsGet hashmaliciousBrowse
          • 194.147.140.20
          16 Items receipt.vbsGet hashmaliciousBrowse
          • 194.147.140.20
          SPT DRINGENDE BESTELLUNG _876453,pdf.exeGet hashmaliciousBrowse
          • 194.147.140.9
          41-Items-invoice.vbsGet hashmaliciousBrowse
          • 194.147.140.20
          Confirmaci#U00f3n del pedido- No HD10103,pdf.exeGet hashmaliciousBrowse
          • 194.147.140.9
          SPT DRINGENDE BESTELLUNG _8764,pdf.exeGet hashmaliciousBrowse
          • 194.147.140.9
          8 Items invoice.vbsGet hashmaliciousBrowse
          • 194.147.140.20
          heimatec RFQ 4556_ DRINGEND,pdf.exeGet hashmaliciousBrowse
          • 194.147.140.9
          Confirmarea comenzii noi-4019,pdf.exeGet hashmaliciousBrowse
          • 194.147.140.9
          vuaXoDsazgGet hashmaliciousBrowse
          • 194.147.142.145
          dsMBH5SmxLGet hashmaliciousBrowse
          • 194.147.142.145
          YIupXk5F7bGet hashmaliciousBrowse
          • 194.147.142.145
          pvbuEVYCUBGet hashmaliciousBrowse
          • 194.147.142.145
          1jTsJsy5b8Get hashmaliciousBrowse
          • 194.147.142.145
          fpAHzxlGRnGet hashmaliciousBrowse
          • 194.147.142.145

          JA3 Fingerprints

          No context

          Dropped Files

          No context

          Created / dropped Files

          C:\Users\user\AppData\Roaming\D06ED635-68F6-4E9A-955C-4899F5F57B9A\catalog.dat
          Process:C:\Users\user\Desktop\01_extracted.exe
          File Type:data
          Category:dropped
          Size (bytes):1160
          Entropy (8bit):7.089541637477408
          Encrypted:false
          SSDEEP:24:IQnybgC4jh+dQnybgC4jh+dQnybgC4jh+dQnybgC4jh+dQnybgC4jh+K:IknjhUknjhUknjhUknjhUknjhL
          MD5:7BEBBE1F1511163A3243CD8E0C75CC69
          SHA1:216B3AB5D802FA037A6EC5348B189398D8980B3C
          SHA-256:79A130865E9EFFFAA6C2E453942CE87F652681BCD76AAF987318300CAF5E3778
          SHA-512:4DCCB32411DEF72C938022B8675DA50B2DC4CD2C051B1C0377F63D6AAC42FC3D128B0ED580FB88954AB04A9E9EC8D272EBCCF74EB3F136BEF41ADBB845A1A530
          Malicious:false
          Reputation:moderate, very likely benign file
          Preview: Gj.h\.3.A...5.x..&...i+..c(1.P..P.cLT...A.b........4h...t.+..Z\.. .i.... S....}FF.2...h.M+....L.#.X..+......*....~f.G0^..;....W2.=...K.~.L..&f...p............:7rH}..../H......L...?...A.K...J.=8x!....+.2e'..E?.G......[.&Gj.h\.3.A...5.x..&...i+..c(1.P..P.cLT...A.b........4h...t.+..Z\.. .i.... S....}FF.2...h.M+....L.#.X..+......*....~f.G0^..;....W2.=...K.~.L..&f...p............:7rH}..../H......L...?...A.K...J.=8x!....+.2e'..E?.G......[.&Gj.h\.3.A...5.x..&...i+..c(1.P..P.cLT...A.b........4h...t.+..Z\.. .i.... S....}FF.2...h.M+....L.#.X..+......*....~f.G0^..;....W2.=...K.~.L..&f...p............:7rH}..../H......L...?...A.K...J.=8x!....+.2e'..E?.G......[.&Gj.h\.3.A...5.x..&...i+..c(1.P..P.cLT...A.b........4h...t.+..Z\.. .i.... S....}FF.2...h.M+....L.#.X..+......*....~f.G0^..;....W2.=...K.~.L..&f...p............:7rH}..../H......L...?...A.K...J.=8x!....+.2e'..E?.G......[.&Gj.h\.3.A...5.x..&...i+..c(1.P..P.cLT...A.b........4h...t.+..Z\.. .i.
          C:\Users\user\AppData\Roaming\D06ED635-68F6-4E9A-955C-4899F5F57B9A\run.dat
          Process:C:\Users\user\Desktop\01_extracted.exe
          File Type:data
          Category:dropped
          Size (bytes):8
          Entropy (8bit):3.0
          Encrypted:false
          SSDEEP:3:c:c
          MD5:315CCD3669C58A3177FFB7D0189A1EEF
          SHA1:678EF06864D26881E2DB1B9511A32B56CF988F3A
          SHA-256:FFA8198F332474004817F0E82E3C209AF881FCDF52F51F30497A6AE6BFB37866
          SHA-512:D9FD615BE3D8AFEC18151D0CE055602C346F1525FD8ECBCA47B6D204FAC13DCD821B385B46DFC39CE5B3BDEFB23D7E75DB6F583505A31CC412F473B1C05E7E4E
          Malicious:true
          Reputation:low
          Preview: .)5.x.H

          Static File Info

          General

          File type:PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
          Entropy (8bit):7.446133348432718
          TrID:
          • Win32 Executable (generic) Net Framework (10011505/4) 49.83%
          • Win32 Executable (generic) a (10002005/4) 49.78%
          • Generic CIL Executable (.NET, Mono, etc.) (73296/58) 0.36%
          • Generic Win/DOS Executable (2004/3) 0.01%
          • DOS Executable Generic (2002/1) 0.01%
          File name:01_extracted.exe
          File size:207360
          MD5:59f356092b9f54b4ee5563a2fb8a3255
          SHA1:252ee78cd1597581b9dc14253a77526ef344af38
          SHA256:2206669cc770b99bfdcc44079e5f218a3b4161c7c973f652d6a497a58031bf1d
          SHA512:7043f238357ef4d13c4ebd4c21371173157332547ccf0777594fcdcc566f78f865850a28fabb43ee23f24b26bbf03ed3ee0ea03b299c1565313db623ccbfc128
          SSDEEP:6144:gLV6Bta6dtJmakIM5wq+HjVCuSj2OjrtJrIOXu:gLV6BtpmkNq+DVcH85
          File Content Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....'.T.....................`........... ........@.. .....................................................................

          File Icon

          Icon Hash:00828e8e8686b000

          Static PE Info

          General

          Entrypoint:0x41e792
          Entrypoint Section:.text
          Digitally signed:false
          Imagebase:0x400000
          Subsystem:windows gui
          Image File Characteristics:LOCAL_SYMS_STRIPPED, 32BIT_MACHINE, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED
          DLL Characteristics:
          Time Stamp:0x54E927A1 [Sun Feb 22 00:49:37 2015 UTC]
          TLS Callbacks:
          CLR (.Net) Version:v2.0.50727
          OS Version Major:4
          OS Version Minor:0
          File Version Major:4
          File Version Minor:0
          Subsystem Version Major:4
          Subsystem Version Minor:0
          Import Hash:f34d5f2d4577ed6d9ceec516c1f5a744

          Entrypoint Preview

          Instruction
          jmp dword ptr [00402000h]
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al
          add byte ptr [eax], al

          Data Directories

          NameVirtual AddressVirtual Size Is in Section
          IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
          IMAGE_DIRECTORY_ENTRY_IMPORT0x1e7380x57.text
          IMAGE_DIRECTORY_ENTRY_RESOURCE0x220000x15d90.rsrc
          IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
          IMAGE_DIRECTORY_ENTRY_SECURITY0x00x0
          IMAGE_DIRECTORY_ENTRY_BASERELOC0x200000xc.reloc
          IMAGE_DIRECTORY_ENTRY_DEBUG0x00x0
          IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
          IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
          IMAGE_DIRECTORY_ENTRY_TLS0x00x0
          IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x00x0
          IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
          IMAGE_DIRECTORY_ENTRY_IAT0x20000x8.text
          IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
          IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x20080x48.text
          IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

          Sections

          NameVirtual AddressVirtual SizeRaw SizeXored PEZLIB ComplexityFile TypeEntropyCharacteristics
          .text0x20000x1c7980x1c800False0.594503837719data6.5980706265IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_READ
          .reloc0x200000xc0x200False0.044921875data0.101910425663IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ
          .rsrc0x220000x15d900x15e00False0.999732142857data7.99777392121IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ

          Resources

          NameRVASizeTypeLanguageCountry
          RT_RCDATA0x220580x15d38TIM image, (48492,12466)

          Imports

          DLLImport
          mscoree.dll_CorExeMain

          Network Behavior

          Snort IDS Alerts

          TimestampProtocolSIDMessageSource PortDest PortSource IPDest IP
          09/15/21-00:27:02.076627UDP254DNS SPOOF query response with TTL of 1 min. and no authority53502008.8.8.8192.168.2.3
          09/15/21-00:27:02.354546TCP2025019ET TROJAN Possible NanoCore C2 60B497335500192.168.2.3194.147.140.14
          09/15/21-00:27:07.400195UDP254DNS SPOOF query response with TTL of 1 min. and no authority53512818.8.8.8192.168.2.3
          09/15/21-00:27:07.631437TCP2025019ET TROJAN Possible NanoCore C2 60B497345500192.168.2.3194.147.140.14
          09/15/21-00:27:12.383586UDP254DNS SPOOF query response with TTL of 1 min. and no authority53491998.8.8.8192.168.2.3
          09/15/21-00:27:12.611541TCP2025019ET TROJAN Possible NanoCore C2 60B497355500192.168.2.3194.147.140.14
          09/15/21-00:27:17.744080TCP2025019ET TROJAN Possible NanoCore C2 60B497365500192.168.2.3194.147.140.14
          09/15/21-00:27:23.140472TCP2025019ET TROJAN Possible NanoCore C2 60B497375500192.168.2.3194.147.140.14
          09/15/21-00:27:28.739254TCP2025019ET TROJAN Possible NanoCore C2 60B497445500192.168.2.3194.147.140.14
          09/15/21-00:27:34.478410TCP2025019ET TROJAN Possible NanoCore C2 60B497455500192.168.2.3194.147.140.14
          09/15/21-00:27:39.773403UDP254DNS SPOOF query response with TTL of 1 min. and no authority53651108.8.8.8192.168.2.3
          09/15/21-00:27:39.998463TCP2025019ET TROJAN Possible NanoCore C2 60B497465500192.168.2.3194.147.140.14
          09/15/21-00:27:45.423084TCP2025019ET TROJAN Possible NanoCore C2 60B497675500192.168.2.3194.147.140.14
          09/15/21-00:27:50.997919TCP2025019ET TROJAN Possible NanoCore C2 60B497735500192.168.2.3194.147.140.14
          09/15/21-00:27:56.021163TCP2025019ET TROJAN Possible NanoCore C2 60B497745500192.168.2.3194.147.140.14
          09/15/21-00:28:02.027049TCP2025019ET TROJAN Possible NanoCore C2 60B497775500192.168.2.3194.147.140.14
          09/15/21-00:28:07.677320UDP254DNS SPOOF query response with TTL of 1 min. and no authority53495638.8.8.8192.168.2.3
          09/15/21-00:28:08.684677TCP2025019ET TROJAN Possible NanoCore C2 60B497835500192.168.2.3194.147.140.14
          09/15/21-00:28:15.052658TCP2025019ET TROJAN Possible NanoCore C2 60B497865500192.168.2.3194.147.140.14
          09/15/21-00:28:21.468840TCP2025019ET TROJAN Possible NanoCore C2 60B497875500192.168.2.3194.147.140.14
          09/15/21-00:28:28.077642UDP254DNS SPOOF query response with TTL of 1 min. and no authority53570848.8.8.8192.168.2.3
          09/15/21-00:28:28.305043TCP2025019ET TROJAN Possible NanoCore C2 60B497885500192.168.2.3194.147.140.14
          09/15/21-00:28:35.011567UDP254DNS SPOOF query response with TTL of 1 min. and no authority53575688.8.8.8192.168.2.3
          09/15/21-00:28:35.239451TCP2025019ET TROJAN Possible NanoCore C2 60B497905500192.168.2.3194.147.140.14
          09/15/21-00:28:41.718002TCP2025019ET TROJAN Possible NanoCore C2 60B497955500192.168.2.3194.147.140.14
          09/15/21-00:28:48.005439UDP254DNS SPOOF query response with TTL of 1 min. and no authority53554358.8.8.8192.168.2.3
          09/15/21-00:28:48.231608TCP2025019ET TROJAN Possible NanoCore C2 60B497975500192.168.2.3194.147.140.14
          09/15/21-00:28:54.654295TCP2025019ET TROJAN Possible NanoCore C2 60B497985500192.168.2.3194.147.140.14
          09/15/21-00:29:00.711953UDP254DNS SPOOF query response with TTL of 1 min. and no authority53561328.8.8.8192.168.2.3
          09/15/21-00:29:00.938829TCP2025019ET TROJAN Possible NanoCore C2 60B497995500192.168.2.3194.147.140.14
          09/15/21-00:29:07.032341TCP2025019ET TROJAN Possible NanoCore C2 60B498005500192.168.2.3194.147.140.14

          Network Port Distribution

          TCP Packets

          TimestampSource PortDest PortSource IPDest IP
          Sep 15, 2021 00:27:02.087652922 CEST497335500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:02.312653065 CEST550049733194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:02.312792063 CEST497335500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:02.354546070 CEST497335500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:02.632098913 CEST550049733194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:02.632209063 CEST497335500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:02.835180044 CEST550049733194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:02.835506916 CEST497335500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:02.914844990 CEST550049733194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:02.915138006 CEST497335500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:03.021835089 CEST497335500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:03.059214115 CEST550049733194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:03.059271097 CEST497335500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:03.194070101 CEST550049733194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:03.194232941 CEST497335500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:07.404175043 CEST497345500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:07.630057096 CEST550049734194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:07.630222082 CEST497345500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:07.631437063 CEST497345500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:07.898245096 CEST550049734194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:07.898408890 CEST497345500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:08.021995068 CEST497345500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:08.166990995 CEST550049734194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:08.167257071 CEST497345500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:12.386518955 CEST497355500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:12.610210896 CEST550049735194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:12.610375881 CEST497355500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:12.611541033 CEST497355500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:12.897222996 CEST550049735194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:12.897310019 CEST497355500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:13.069019079 CEST550049735194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:13.069168091 CEST497355500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:13.179615021 CEST550049735194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:13.180906057 CEST497355500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:13.240910053 CEST497355500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:13.292944908 CEST550049735194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:13.294959068 CEST497355500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:13.460134983 CEST550049735194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:13.460298061 CEST497355500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:17.519107103 CEST497365500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:17.742636919 CEST550049736194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:17.742877960 CEST497365500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:17.744080067 CEST497365500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:18.022598028 CEST550049736194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:18.022763968 CEST497365500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:18.303188086 CEST550049736194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:18.303390026 CEST497365500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:18.306282997 CEST550049736194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:18.306436062 CEST497365500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:18.528666019 CEST550049736194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:18.528908968 CEST497365500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:18.584222078 CEST550049736194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:18.741544008 CEST497365500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:18.752623081 CEST550049736194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:18.752809048 CEST497365500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:22.913896084 CEST497375500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:23.137590885 CEST550049737194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:23.139857054 CEST497375500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:23.140471935 CEST497375500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:23.412609100 CEST550049737194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:23.413749933 CEST497375500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:23.696033001 CEST550049737194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:23.696188927 CEST497375500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:23.737236023 CEST550049737194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:23.737422943 CEST497375500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:23.960838079 CEST550049737194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:23.961071968 CEST497375500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:24.100568056 CEST550049737194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:24.100753069 CEST497375500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:24.240279913 CEST550049737194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:24.240411043 CEST497375500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:24.304337025 CEST497375500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:24.324481010 CEST550049737194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:24.324642897 CEST497375500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:24.521557093 CEST550049737194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:24.521682024 CEST497375500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:28.514481068 CEST497445500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:28.738651037 CEST550049744194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:28.738778114 CEST497445500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:28.739253998 CEST497445500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:29.022232056 CEST550049744194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:29.022490025 CEST497445500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:29.234245062 CEST550049744194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:29.234370947 CEST497445500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:29.287017107 CEST550049744194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:29.290369987 CEST497445500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:29.513585091 CEST550049744194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:29.514445066 CEST497445500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:29.518325090 CEST550049744194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:29.569633961 CEST497445500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:29.738221884 CEST550049744194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:29.738471031 CEST497445500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:29.898152113 CEST497445500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:30.023263931 CEST550049744194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:30.026415110 CEST497445500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:30.029808044 CEST550049744194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:30.029836893 CEST550049744194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:30.029861927 CEST550049744194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:30.029885054 CEST550049744194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:30.029921055 CEST497445500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:30.029977083 CEST497445500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:34.251983881 CEST497455500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:34.477664948 CEST550049745194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:34.477802992 CEST497455500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:34.478410006 CEST497455500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:34.756129026 CEST550049745194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:34.758852005 CEST497455500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:35.037781000 CEST550049745194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:35.037875891 CEST497455500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:35.041951895 CEST550049745194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:35.087317944 CEST497455500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:35.261090994 CEST550049745194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:35.262763023 CEST497455500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:35.463027954 CEST497455500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:35.486222029 CEST550049745194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:35.486280918 CEST497455500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:39.774439096 CEST497465500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:39.997792006 CEST550049746194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:39.997940063 CEST497465500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:39.998462915 CEST497465500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:40.287087917 CEST550049746194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:40.287353992 CEST497465500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:40.500714064 CEST550049746194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:40.501406908 CEST497465500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:40.568922997 CEST550049746194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:40.569073915 CEST497465500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:40.773298979 CEST550049746194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:40.773358107 CEST550049746194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:40.773416996 CEST497465500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:40.820580959 CEST497465500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:40.851381063 CEST550049746194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:40.851500988 CEST497465500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:40.961822987 CEST497465500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:40.996881962 CEST550049746194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:40.996974945 CEST497465500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:41.131593943 CEST550049746194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:41.131692886 CEST497465500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:45.198723078 CEST497675500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:45.421967983 CEST550049767194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:45.422111034 CEST497675500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:45.423084021 CEST497675500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:45.708916903 CEST550049767194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:45.709029913 CEST497675500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:45.983611107 CEST550049767194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:45.983731031 CEST497675500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:46.207953930 CEST550049767194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:46.208173037 CEST497675500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:46.430907965 CEST497675500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:46.433439970 CEST550049767194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:46.433527946 CEST497675500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:50.772717953 CEST497735500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:50.996829987 CEST550049773194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:50.996937037 CEST497735500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:50.997919083 CEST497735500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:51.287838936 CEST550049773194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:51.287997007 CEST497735500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:51.288305044 CEST550049773194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:51.336942911 CEST497735500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:51.502216101 CEST497735500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:51.512721062 CEST550049773194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:51.512839079 CEST497735500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:55.796912909 CEST497745500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:56.020030022 CEST550049774194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:56.020190001 CEST497745500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:56.021162987 CEST497745500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:56.302578926 CEST550049774194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:56.302834988 CEST497745500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:56.513561010 CEST550049774194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:56.513863087 CEST497745500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:56.585140944 CEST550049774194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:56.585278034 CEST497745500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:56.803273916 CEST550049774194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:56.803427935 CEST497745500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:56.809946060 CEST550049774194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:56.853560925 CEST497745500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:57.084465981 CEST550049774194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:57.084604979 CEST497745500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:57.133650064 CEST550049774194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:57.181293964 CEST497745500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:57.366038084 CEST550049774194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:57.367028952 CEST497745500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:57.369596958 CEST497745500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:57.409466982 CEST550049774194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:57.409661055 CEST497745500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:57.409740925 CEST550049774194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:57.409859896 CEST497745500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:57.409883022 CEST550049774194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:57.409934998 CEST550049774194.147.140.14192.168.2.3
          Sep 15, 2021 00:27:57.410006046 CEST497745500192.168.2.3194.147.140.14
          Sep 15, 2021 00:27:57.410021067 CEST497745500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:01.802747965 CEST497775500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:02.026079893 CEST550049777194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:02.026289940 CEST497775500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:02.027049065 CEST497775500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:02.297368050 CEST550049777194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:02.297502995 CEST497775500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:02.569041967 CEST550049777194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:02.569768906 CEST497775500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:02.663475037 CEST550049777194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:02.681468964 CEST497775500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:02.850085974 CEST550049777194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:02.850171089 CEST497775500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:02.904966116 CEST550049777194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:02.945839882 CEST497775500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:03.132560968 CEST550049777194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:03.132658958 CEST497775500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:08.428544998 CEST497835500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:08.661370993 CEST550049783194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:08.661672115 CEST497835500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:08.684676886 CEST497835500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:08.958945990 CEST550049783194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:08.959026098 CEST497835500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:09.035727024 CEST550049783194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:09.035810947 CEST497835500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:09.240695000 CEST550049783194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:09.240793943 CEST497835500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:09.318581104 CEST550049783194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:09.465130091 CEST550049783194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:09.465986967 CEST497835500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:09.758136034 CEST550049783194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:09.762042046 CEST497835500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:10.037533045 CEST550049783194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:10.038062096 CEST497835500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:10.061600924 CEST550049783194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:10.061635017 CEST550049783194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:10.061765909 CEST497835500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:10.062114000 CEST550049783194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:10.062134027 CEST550049783194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:10.062215090 CEST497835500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:10.288316011 CEST550049783194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:10.288373947 CEST550049783194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:10.288419008 CEST550049783194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:10.288430929 CEST497835500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:10.288460016 CEST497835500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:10.288465023 CEST550049783194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:10.288476944 CEST497835500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:10.288536072 CEST497835500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:10.288562059 CEST550049783194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:10.288621902 CEST497835500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:10.288702011 CEST550049783194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:10.288758993 CEST497835500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:10.289041996 CEST550049783194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:10.289098024 CEST550049783194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:10.289113998 CEST497835500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:10.289149046 CEST497835500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:10.464308977 CEST497835500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:10.513179064 CEST550049783194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:10.513202906 CEST550049783194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:10.513326883 CEST497835500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:10.513475895 CEST550049783194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:10.513760090 CEST550049783194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:10.513782978 CEST550049783194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:10.513828993 CEST497835500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:10.513854980 CEST497835500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:10.513993025 CEST550049783194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:10.514338017 CEST550049783194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:10.514357090 CEST550049783194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:10.514395952 CEST497835500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:10.514434099 CEST497835500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:10.514703035 CEST550049783194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:10.514775991 CEST550049783194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:10.514833927 CEST497835500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:10.514974117 CEST550049783194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:10.515321970 CEST550049783194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:10.515386105 CEST497835500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:10.515441895 CEST550049783194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:10.515484095 CEST497835500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:10.515522003 CEST550049783194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:10.515957117 CEST550049783194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:10.515978098 CEST550049783194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:10.516015053 CEST497835500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:10.516041994 CEST497835500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:14.825504065 CEST497865500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:15.049786091 CEST550049786194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:15.050023079 CEST497865500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:15.052658081 CEST497865500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:15.320491076 CEST550049786194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:15.320681095 CEST497865500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:15.601540089 CEST550049786194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:15.601710081 CEST497865500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:15.654616117 CEST550049786194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:15.654727936 CEST497865500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:15.878046989 CEST550049786194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:15.878175974 CEST497865500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:16.102058887 CEST550049786194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:16.102221012 CEST497865500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:16.397814035 CEST550049786194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:16.400144100 CEST497865500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:16.668320894 CEST550049786194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:16.669804096 CEST497865500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:16.738369942 CEST550049786194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:16.738599062 CEST497865500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:16.738785028 CEST550049786194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:16.738857031 CEST497865500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:16.739237070 CEST550049786194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:16.739347935 CEST497865500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:16.739567041 CEST550049786194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:16.739628077 CEST497865500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:16.933801889 CEST497865500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:16.944740057 CEST550049786194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:16.944904089 CEST497865500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:16.963995934 CEST550049786194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:16.964342117 CEST550049786194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:16.964382887 CEST550049786194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:16.964644909 CEST497865500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:16.964656115 CEST550049786194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:16.964704990 CEST550049786194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:16.964792013 CEST550049786194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:16.964824915 CEST497865500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:16.964831114 CEST550049786194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:16.964948893 CEST497865500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:16.964982033 CEST550049786194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:16.965585947 CEST497865500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:21.241826057 CEST497875500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:21.467549086 CEST550049787194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:21.467752934 CEST497875500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:21.468839884 CEST497875500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:21.740968943 CEST550049787194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:21.741162062 CEST497875500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:21.921854973 CEST550049787194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:21.922051907 CEST497875500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:22.021564007 CEST550049787194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:22.021738052 CEST497875500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:22.212501049 CEST550049787194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:22.212584972 CEST497875500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:22.245282888 CEST550049787194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:22.245357990 CEST497875500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:22.468703985 CEST550049787194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:22.468863010 CEST497875500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:22.740969896 CEST550049787194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:22.741058111 CEST497875500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:22.766596079 CEST550049787194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:22.766690969 CEST550049787194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:22.766712904 CEST497875500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:22.766746998 CEST497875500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:22.767155886 CEST550049787194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:22.767211914 CEST497875500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:22.767368078 CEST550049787194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:22.767410040 CEST497875500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:22.995529890 CEST550049787194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:22.995567083 CEST550049787194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:22.995718956 CEST497875500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:22.995857000 CEST550049787194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:22.995879889 CEST550049787194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:22.996005058 CEST497875500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:22.996383905 CEST550049787194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:22.996408939 CEST550049787194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:22.996459007 CEST497875500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:22.996510029 CEST497875500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:22.996774912 CEST550049787194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:22.996795893 CEST550049787194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:22.996850967 CEST497875500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:23.219022989 CEST550049787194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:23.219198942 CEST497875500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:23.219391108 CEST550049787194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:23.219474077 CEST497875500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:23.223683119 CEST550049787194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:23.223714113 CEST550049787194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:23.223733902 CEST550049787194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:23.223757982 CEST550049787194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:23.223779917 CEST550049787194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:23.223800898 CEST550049787194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:23.223820925 CEST550049787194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:23.223841906 CEST550049787194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:23.223861933 CEST550049787194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:23.223874092 CEST497875500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:23.223885059 CEST550049787194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:23.223905087 CEST550049787194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:23.223928928 CEST550049787194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:23.223948956 CEST497875500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:23.223949909 CEST550049787194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:23.223970890 CEST550049787194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:23.223980904 CEST497875500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:23.224004030 CEST497875500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:23.224039078 CEST497875500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:23.267638922 CEST497875500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:23.449234962 CEST550049787194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:23.450587034 CEST550049787194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:23.450628996 CEST550049787194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:23.450643063 CEST550049787194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:23.450747013 CEST550049787194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:23.450848103 CEST497875500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:23.450859070 CEST497875500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:23.456237078 CEST550049787194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:23.456307888 CEST550049787194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:23.456389904 CEST550049787194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:23.456409931 CEST550049787194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:23.456428051 CEST550049787194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:23.456444979 CEST550049787194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:23.456511021 CEST550049787194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:23.456527948 CEST550049787194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:23.456548929 CEST550049787194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:23.456568003 CEST550049787194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:23.456629038 CEST550049787194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:23.456646919 CEST550049787194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:23.456664085 CEST550049787194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:23.456717968 CEST550049787194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:23.456736088 CEST550049787194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:23.456793070 CEST550049787194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:23.456810951 CEST550049787194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:23.456825018 CEST550049787194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:23.456841946 CEST550049787194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:23.456859112 CEST550049787194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:23.456880093 CEST550049787194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:23.456943035 CEST550049787194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:23.457004070 CEST550049787194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:23.457221031 CEST550049787194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:23.457241058 CEST550049787194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:23.457299948 CEST550049787194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:23.479852915 CEST497875500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:23.479871035 CEST497875500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:23.479875088 CEST497875500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:23.479877949 CEST497875500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:28.079173088 CEST497885500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:28.303431034 CEST550049788194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:28.303797960 CEST497885500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:28.305042982 CEST497885500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:28.584526062 CEST550049788194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:28.584611893 CEST497885500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:28.853620052 CEST550049788194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:28.853802919 CEST497885500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:29.131704092 CEST550049788194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:29.131824017 CEST497885500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:29.355716944 CEST550049788194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:29.356091022 CEST497885500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:29.630850077 CEST550049788194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:29.631231070 CEST497885500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:29.912175894 CEST550049788194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:29.912405014 CEST497885500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:29.935741901 CEST550049788194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:29.935811043 CEST497885500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:29.935976028 CEST550049788194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:29.936028004 CEST497885500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:29.936284065 CEST550049788194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:29.936352968 CEST497885500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:29.936554909 CEST550049788194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:29.936621904 CEST497885500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:30.161844969 CEST550049788194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:30.161879063 CEST550049788194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:30.161901951 CEST550049788194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:30.162703037 CEST497885500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:30.162729025 CEST497885500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:30.162969112 CEST550049788194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:30.163001060 CEST550049788194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:30.163021088 CEST550049788194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:30.163028955 CEST497885500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:30.163045883 CEST550049788194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:30.163047075 CEST497885500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:30.163068056 CEST497885500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:30.163086891 CEST497885500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:30.163134098 CEST550049788194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:30.163192034 CEST497885500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:30.169011116 CEST497885500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:30.387262106 CEST550049788194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:30.387284040 CEST550049788194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:30.387295961 CEST550049788194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:30.387347937 CEST497885500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:30.387377977 CEST497885500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:30.387595892 CEST550049788194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:30.387721062 CEST497885500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:30.387841940 CEST550049788194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:30.387900114 CEST550049788194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:30.387927055 CEST497885500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:30.387954950 CEST497885500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:30.388149023 CEST550049788194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:30.388201952 CEST497885500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:30.388322115 CEST550049788194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:30.388370037 CEST497885500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:30.388412952 CEST550049788194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:30.388478041 CEST497885500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:30.388706923 CEST550049788194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:30.388856888 CEST550049788194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:30.388971090 CEST497885500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:30.388997078 CEST550049788194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:30.389061928 CEST497885500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:30.389194012 CEST550049788194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:30.389246941 CEST497885500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:30.389379025 CEST550049788194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:30.389440060 CEST497885500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:30.389547110 CEST550049788194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:30.389622927 CEST497885500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:30.389754057 CEST550049788194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:30.389811039 CEST497885500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:35.013226986 CEST497905500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:35.236493111 CEST550049790194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:35.236722946 CEST497905500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:35.239450932 CEST497905500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:35.506594896 CEST550049790194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:35.506665945 CEST497905500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:35.584022045 CEST550049790194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:35.584155083 CEST497905500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:35.787172079 CEST550049790194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:35.787323952 CEST497905500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:35.865825891 CEST550049790194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:36.010984898 CEST550049790194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:36.011106014 CEST497905500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:36.287774086 CEST550049790194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:36.287909985 CEST497905500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:36.568890095 CEST550049790194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:36.569530010 CEST497905500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:36.590475082 CEST550049790194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:36.590531111 CEST550049790194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:36.590647936 CEST497905500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:36.590702057 CEST497905500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:36.590733051 CEST550049790194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:36.590984106 CEST550049790194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:36.591048002 CEST497905500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:36.816948891 CEST550049790194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:36.817018986 CEST550049790194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:36.817122936 CEST497905500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:36.817209959 CEST550049790194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:36.817276955 CEST497905500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:36.817460060 CEST550049790194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:36.817521095 CEST497905500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:36.817770004 CEST550049790194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:36.817830086 CEST497905500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:36.818542957 CEST550049790194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:36.818608046 CEST550049790194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:36.818623066 CEST497905500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:36.818654060 CEST497905500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:36.818813086 CEST550049790194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:36.818866968 CEST497905500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:37.041363955 CEST550049790194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:37.041426897 CEST550049790194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:37.041517019 CEST497905500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:37.042088985 CEST550049790194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:37.042155981 CEST497905500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:37.042402029 CEST550049790194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:37.042443991 CEST497905500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:37.042726040 CEST550049790194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:37.042769909 CEST497905500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:37.042834997 CEST550049790194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:37.042882919 CEST497905500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:37.043000937 CEST550049790194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:37.043045998 CEST497905500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:37.043303013 CEST550049790194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:37.043386936 CEST497905500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:37.043693066 CEST550049790194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:37.043803930 CEST497905500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:37.043940067 CEST550049790194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:37.044291019 CEST550049790194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:37.044348001 CEST497905500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:37.044671059 CEST550049790194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:37.044785023 CEST497905500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:37.044826031 CEST550049790194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:37.044889927 CEST497905500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:37.044964075 CEST550049790194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:37.045002937 CEST497905500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:37.045352936 CEST550049790194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:37.046072960 CEST550049790194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:37.046132088 CEST497905500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:37.144326925 CEST497905500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:37.266706944 CEST550049790194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:37.266736984 CEST550049790194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:37.266760111 CEST550049790194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:37.266783953 CEST550049790194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:37.267035007 CEST550049790194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:37.267110109 CEST550049790194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:37.281574965 CEST497905500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:37.285320997 CEST550049790194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:37.290400982 CEST550049790194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:37.290446997 CEST550049790194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:37.290467024 CEST550049790194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:37.290482998 CEST550049790194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:37.290498018 CEST550049790194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:37.290507078 CEST497905500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:37.290519953 CEST497905500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:37.290528059 CEST550049790194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:37.290561914 CEST550049790194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:37.290566921 CEST497905500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:37.290574074 CEST497905500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:37.290611982 CEST550049790194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:37.290633917 CEST550049790194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:37.290647984 CEST550049790194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:37.290653944 CEST497905500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:37.290663004 CEST550049790194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:37.290677071 CEST550049790194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:37.290705919 CEST550049790194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:37.290735006 CEST550049790194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:37.290760994 CEST550049790194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:37.290783882 CEST550049790194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:37.290810108 CEST550049790194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:37.290833950 CEST550049790194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:37.290858030 CEST550049790194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:37.290882111 CEST550049790194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:37.290905952 CEST550049790194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:37.290929079 CEST550049790194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:37.290952921 CEST550049790194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:37.290976048 CEST550049790194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:37.291002035 CEST550049790194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:37.295418978 CEST497905500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:37.295432091 CEST497905500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:37.295433998 CEST497905500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:37.298732042 CEST550049790194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:37.313709974 CEST497905500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:41.494010925 CEST497955500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:41.717355013 CEST550049795194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:41.717559099 CEST497955500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:41.718002081 CEST497955500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:42.006436110 CEST550049795194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:42.006699085 CEST497955500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:42.100558996 CEST550049795194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:42.154014111 CEST497955500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:42.288116932 CEST550049795194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:42.291141987 CEST497955500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:42.515203953 CEST550049795194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:42.515309095 CEST497955500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:42.787930012 CEST550049795194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:42.788213968 CEST497955500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:43.070039988 CEST550049795194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:43.070111990 CEST497955500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:43.093301058 CEST550049795194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:43.093375921 CEST497955500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:43.097692013 CEST550049795194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:43.097762108 CEST497955500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:43.097887993 CEST550049795194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:43.097954988 CEST497955500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:43.098067999 CEST550049795194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:43.098134041 CEST497955500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:43.316979885 CEST550049795194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:43.317043066 CEST550049795194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:43.317092896 CEST497955500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:43.317142963 CEST497955500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:43.321491003 CEST550049795194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:43.321676016 CEST550049795194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:43.321806908 CEST497955500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:43.322078943 CEST550049795194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:43.322154999 CEST550049795194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:43.322248936 CEST497955500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:43.322424889 CEST550049795194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:43.322657108 CEST550049795194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:43.322766066 CEST497955500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:43.540898085 CEST550049795194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:43.541007042 CEST550049795194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:43.541088104 CEST497955500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:43.541122913 CEST550049795194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:43.541409016 CEST550049795194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:43.541476965 CEST497955500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:43.545499086 CEST550049795194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:43.545598984 CEST550049795194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:43.545646906 CEST497955500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:43.545686007 CEST497955500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:43.546087027 CEST550049795194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:43.546355963 CEST550049795194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:43.546401978 CEST497955500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:43.546431065 CEST497955500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:43.546586037 CEST550049795194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:43.546688080 CEST550049795194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:43.546732903 CEST497955500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:43.546753883 CEST497955500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:43.546839952 CEST550049795194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:43.546933889 CEST497955500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:43.547076941 CEST550049795194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:43.547137022 CEST550049795194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:43.547148943 CEST497955500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:43.547203064 CEST497955500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:43.547415018 CEST550049795194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:43.547493935 CEST497955500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:43.547683001 CEST550049795194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:43.547835112 CEST550049795194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:43.547966957 CEST497955500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:43.560879946 CEST497955500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:43.764781952 CEST550049795194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:43.764837980 CEST550049795194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:43.764942884 CEST497955500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:43.764976978 CEST497955500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:43.765078068 CEST550049795194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:43.765163898 CEST497955500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:43.765199900 CEST550049795194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:43.765260935 CEST497955500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:43.765423059 CEST550049795194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:43.765517950 CEST497955500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:43.765559912 CEST550049795194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:43.765639067 CEST497955500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:43.765809059 CEST550049795194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:43.765937090 CEST497955500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:43.765964031 CEST550049795194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:43.766048908 CEST497955500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:43.769481897 CEST550049795194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:43.769685030 CEST497955500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:43.770747900 CEST550049795194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:43.771270990 CEST497955500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:43.771775007 CEST550049795194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:43.771883965 CEST497955500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:43.771912098 CEST550049795194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:43.772020102 CEST497955500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:43.772061110 CEST550049795194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:43.772156000 CEST497955500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:43.772284985 CEST550049795194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:43.772371054 CEST497955500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:43.772397995 CEST550049795194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:43.772488117 CEST497955500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:43.772578001 CEST550049795194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:43.772664070 CEST497955500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:43.772830009 CEST550049795194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:43.772927046 CEST497955500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:43.773034096 CEST550049795194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:43.773119926 CEST497955500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:43.773226976 CEST550049795194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:43.773308992 CEST497955500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:43.773380995 CEST550049795194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:43.773499012 CEST497955500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:43.773622036 CEST550049795194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:43.773686886 CEST497955500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:43.773818970 CEST550049795194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:43.773885965 CEST497955500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:43.774015903 CEST550049795194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:43.774079084 CEST497955500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:43.774317980 CEST550049795194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:43.774403095 CEST497955500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:43.774502993 CEST550049795194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:43.774581909 CEST497955500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:43.774764061 CEST550049795194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:43.774849892 CEST497955500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:43.774976969 CEST550049795194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:43.775196075 CEST550049795194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:43.775197983 CEST497955500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:43.775319099 CEST497955500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:43.775363922 CEST550049795194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:43.775556087 CEST550049795194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:43.775610924 CEST497955500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:43.775633097 CEST497955500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:43.775772095 CEST550049795194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:43.775851965 CEST497955500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:43.775948048 CEST550049795194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:43.776021957 CEST497955500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:43.776207924 CEST550049795194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:43.776294947 CEST497955500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:48.006985903 CEST497975500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:48.230206966 CEST550049797194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:48.230463982 CEST497975500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:48.231607914 CEST497975500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:48.507673025 CEST550049797194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:48.507843018 CEST497975500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:48.548239946 CEST550049797194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:48.591999054 CEST497975500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:48.787309885 CEST550049797194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:48.787440062 CEST497975500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:49.011533976 CEST550049797194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:49.011744976 CEST497975500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:49.289068937 CEST550049797194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:49.289124966 CEST497975500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:49.568589926 CEST550049797194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:49.568727970 CEST497975500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:49.606211901 CEST550049797194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:49.606319904 CEST497975500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:49.606745005 CEST550049797194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:49.606761932 CEST550049797194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:49.606829882 CEST497975500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:49.606849909 CEST497975500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:49.607198000 CEST550049797194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:49.607291937 CEST497975500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:49.830383062 CEST550049797194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:49.830467939 CEST550049797194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:49.830487013 CEST497975500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:49.830552101 CEST497975500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:49.830610037 CEST550049797194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:49.830683947 CEST497975500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:49.830765009 CEST550049797194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:49.830826044 CEST497975500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:49.830862045 CEST550049797194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:49.830926895 CEST497975500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:49.831088066 CEST550049797194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:49.831171036 CEST497975500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:49.832299948 CEST550049797194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:49.832393885 CEST497975500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:49.832609892 CEST550049797194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:49.832710981 CEST497975500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:50.054999113 CEST550049797194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:50.055275917 CEST550049797194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:50.055293083 CEST497975500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:50.055357933 CEST497975500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:50.055728912 CEST550049797194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:50.055850029 CEST497975500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:50.055968046 CEST550049797194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:50.055985928 CEST550049797194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:50.056056976 CEST497975500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:50.056139946 CEST550049797194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:50.056232929 CEST497975500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:50.056344986 CEST550049797194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:50.056457043 CEST497975500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:50.056616068 CEST550049797194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:50.056699038 CEST497975500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:50.056752920 CEST550049797194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:50.056827068 CEST497975500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:50.056899071 CEST550049797194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:50.056958914 CEST497975500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:50.057143927 CEST550049797194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:50.057209969 CEST497975500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:50.057282925 CEST550049797194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:50.057332993 CEST497975500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:50.057507038 CEST550049797194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:50.057564020 CEST497975500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:50.057738066 CEST550049797194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:50.057795048 CEST497975500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:50.058515072 CEST550049797194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:50.058552980 CEST550049797194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:50.058612108 CEST497975500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:50.058628082 CEST497975500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:50.061722994 CEST497975500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:50.281239033 CEST550049797194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:50.281465054 CEST497975500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:50.282166004 CEST550049797194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:50.282234907 CEST550049797194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:50.282294035 CEST550049797194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:50.282315016 CEST497975500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:50.282419920 CEST497975500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:50.283353090 CEST550049797194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:50.283473969 CEST497975500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:50.283493042 CEST550049797194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:50.283607960 CEST497975500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:50.283797979 CEST550049797194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:50.283992052 CEST550049797194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:50.284061909 CEST497975500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:50.284140110 CEST497975500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:50.284295082 CEST550049797194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:50.284451008 CEST497975500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:50.285214901 CEST550049797194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:50.285274029 CEST550049797194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:50.285329103 CEST550049797194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:50.285372972 CEST497975500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:50.285383940 CEST550049797194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:50.285440922 CEST550049797194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:50.285495996 CEST550049797194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:50.285501957 CEST497975500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:50.285521984 CEST497975500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:50.285638094 CEST497975500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:50.285705090 CEST550049797194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:50.285815001 CEST497975500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:50.286031961 CEST550049797194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:50.286143064 CEST497975500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:50.286206961 CEST550049797194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:50.286309958 CEST497975500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:50.287623882 CEST550049797194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:50.287715912 CEST497975500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:50.287832022 CEST550049797194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:50.287890911 CEST497975500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:50.289921045 CEST550049797194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:50.289980888 CEST550049797194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:50.290019989 CEST497975500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:50.290026903 CEST550049797194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:50.290035963 CEST497975500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:50.290067911 CEST550049797194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:50.290085077 CEST497975500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:50.290124893 CEST497975500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:50.290139914 CEST550049797194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:50.290175915 CEST550049797194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:50.290194988 CEST497975500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:50.290222883 CEST550049797194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:50.290224075 CEST497975500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:50.290266037 CEST550049797194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:50.290359974 CEST550049797194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:50.290371895 CEST497975500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:50.290381908 CEST497975500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:50.290416956 CEST497975500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:50.290504932 CEST550049797194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:50.290543079 CEST550049797194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:50.290580988 CEST550049797194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:50.290596962 CEST497975500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:50.290608883 CEST497975500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:50.290632963 CEST550049797194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:50.290644884 CEST497975500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:50.290688038 CEST497975500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:54.429140091 CEST497985500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:54.652642012 CEST550049798194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:54.652813911 CEST497985500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:54.654294968 CEST497985500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:54.928622007 CEST550049798194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:54.928771019 CEST497985500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:55.211982965 CEST550049798194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:55.212080956 CEST497985500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:55.277159929 CEST550049798194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:55.326947927 CEST497985500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:55.490755081 CEST550049798194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:55.490844011 CEST497985500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:55.716051102 CEST550049798194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:55.718092918 CEST497985500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:56.006568909 CEST550049798194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:56.006786108 CEST497985500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:56.293081999 CEST550049798194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:56.293343067 CEST497985500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:56.377676964 CEST550049798194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:56.377759933 CEST550049798194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:56.377917051 CEST550049798194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:56.378021955 CEST497985500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:56.378072977 CEST497985500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:56.378173113 CEST550049798194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:56.378264904 CEST497985500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:56.531989098 CEST497985500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:56.568857908 CEST550049798194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:56.568964958 CEST497985500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:56.602456093 CEST550049798194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:56.602555037 CEST550049798194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:56.602597952 CEST497985500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:56.602627993 CEST497985500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:56.602889061 CEST550049798194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:56.602977037 CEST497985500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:56.603604078 CEST550049798194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:56.603791952 CEST497985500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:56.604089022 CEST550049798194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:56.604108095 CEST550049798194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:56.604163885 CEST497985500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:56.604255915 CEST550049798194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:56.604258060 CEST497985500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:56.604445934 CEST497985500192.168.2.3194.147.140.14
          Sep 15, 2021 00:28:56.604526997 CEST550049798194.147.140.14192.168.2.3
          Sep 15, 2021 00:28:56.604592085 CEST497985500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:00.714360952 CEST497995500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:00.937860012 CEST550049799194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:00.938009977 CEST497995500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:00.938828945 CEST497995500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:01.216667891 CEST550049799194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:01.216779947 CEST497995500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:01.233666897 CEST550049799194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:01.233792067 CEST497995500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:01.457175016 CEST550049799194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:01.457298040 CEST497995500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:01.681252003 CEST550049799194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:01.681472063 CEST497995500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:01.963170052 CEST550049799194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:01.963344097 CEST497995500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:02.240447044 CEST550049799194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:02.240643024 CEST497995500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:02.256932020 CEST550049799194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:02.256987095 CEST550049799194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:02.257133007 CEST550049799194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:02.257158041 CEST497995500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:02.257234097 CEST497995500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:02.257328033 CEST550049799194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:02.257427931 CEST497995500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:02.480942011 CEST550049799194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:02.481090069 CEST550049799194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:02.481101036 CEST497995500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:02.481148958 CEST497995500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:02.481432915 CEST550049799194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:02.481486082 CEST497995500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:02.481686115 CEST550049799194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:02.481736898 CEST497995500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:02.481950998 CEST550049799194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:02.482012033 CEST497995500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:02.482187033 CEST550049799194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:02.482245922 CEST497995500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:02.482518911 CEST550049799194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:02.482578039 CEST497995500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:02.482844114 CEST550049799194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:02.482908010 CEST497995500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:02.705951929 CEST550049799194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:02.706011057 CEST550049799194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:02.706085920 CEST497995500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:02.706136942 CEST497995500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:02.706235886 CEST550049799194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:02.706298113 CEST497995500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:02.706518888 CEST550049799194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:02.706604958 CEST497995500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:02.706777096 CEST550049799194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:02.706837893 CEST497995500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:02.706979036 CEST550049799194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:02.707035065 CEST497995500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:02.707220078 CEST550049799194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:02.707278967 CEST497995500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:02.707505941 CEST550049799194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:02.707565069 CEST497995500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:02.707763910 CEST550049799194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:02.707819939 CEST497995500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:02.708014011 CEST550049799194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:02.708071947 CEST497995500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:02.708877087 CEST550049799194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:02.708901882 CEST550049799194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:02.708940983 CEST497995500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:02.708961010 CEST497995500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:02.710669041 CEST550049799194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:02.710731983 CEST497995500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:02.711159945 CEST550049799194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:02.711229086 CEST497995500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:02.711329937 CEST550049799194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:02.711445093 CEST497995500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:02.711905956 CEST550049799194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:02.711963892 CEST497995500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:02.766182899 CEST497995500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:02.931418896 CEST550049799194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:02.931478977 CEST550049799194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:02.931619883 CEST497995500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:02.932095051 CEST550049799194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:02.932275057 CEST550049799194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:02.932346106 CEST497995500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:02.932399035 CEST497995500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:02.932585001 CEST550049799194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:02.932693005 CEST497995500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:02.932773113 CEST550049799194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:02.932846069 CEST497995500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:02.933140993 CEST550049799194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:02.933223963 CEST497995500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:02.933330059 CEST550049799194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:02.933402061 CEST497995500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:02.933984041 CEST550049799194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:02.934058905 CEST497995500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:02.934583902 CEST550049799194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:02.934665918 CEST497995500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:02.934999943 CEST550049799194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:02.935074091 CEST497995500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:02.935210943 CEST550049799194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:02.935292006 CEST497995500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:02.935483932 CEST550049799194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:02.935569048 CEST497995500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:02.935664892 CEST550049799194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:02.935777903 CEST497995500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:02.935967922 CEST550049799194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:02.936069012 CEST497995500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:02.936208010 CEST550049799194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:02.936315060 CEST497995500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:02.936420918 CEST550049799194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:02.936522961 CEST497995500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:02.936613083 CEST550049799194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:02.936738014 CEST497995500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:02.936939001 CEST550049799194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:02.937026978 CEST497995500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:02.937077999 CEST550049799194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:02.937303066 CEST550049799194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:02.937514067 CEST550049799194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:02.937676907 CEST550049799194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:02.938102007 CEST550049799194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:02.938182116 CEST550049799194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:02.938373089 CEST550049799194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:02.938492060 CEST497995500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:02.938524008 CEST497995500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:02.938529015 CEST497995500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:02.938534975 CEST497995500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:02.938539028 CEST497995500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:02.938544035 CEST497995500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:02.938548088 CEST497995500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:02.938678980 CEST550049799194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:02.938774109 CEST497995500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:02.938978910 CEST550049799194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:02.939145088 CEST550049799194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:02.939301014 CEST550049799194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:02.939306974 CEST497995500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:02.939337969 CEST497995500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:02.939397097 CEST497995500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:02.939547062 CEST550049799194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:02.939651012 CEST497995500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:02.939796925 CEST550049799194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:02.939888000 CEST497995500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:02.940181017 CEST550049799194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:02.940269947 CEST497995500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:06.808574915 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:07.031862020 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:07.031992912 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:07.032341003 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:07.311343908 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:07.311507940 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:07.535439014 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:07.536214113 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:07.818856955 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:07.840214014 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:07.840250015 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:07.840526104 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:07.842170954 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:07.842202902 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:07.842247963 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.064007998 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.064044952 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.064157963 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.064263105 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.064374924 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.064471960 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.065265894 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.065440893 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.065581083 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.065624952 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.065839052 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.065911055 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.293814898 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.293874025 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.293915033 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.294029951 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.294032097 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.294092894 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.294162989 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.294403076 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.294465065 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.294631004 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.294888020 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.294951916 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.295344114 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.295577049 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.295638084 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.295800924 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.295959949 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.296010017 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.296201944 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.296344995 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.296406984 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.296595097 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.296715975 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.296941042 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.519330978 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.519468069 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.519572973 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.519670963 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.520595074 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.521532059 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.521627903 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.521707058 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.521909952 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.521994114 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.522217989 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.522471905 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.522552013 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.522608042 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.523001909 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.523087025 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.523358107 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.523401976 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.523478985 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.523526907 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.523796082 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.523880005 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.523906946 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.523976088 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.524070978 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.524290085 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.524364948 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.524490118 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.524636030 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.524710894 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.524817944 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.524976969 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.525222063 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.525362015 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.525371075 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.525506973 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.525578976 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.525603056 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.525679111 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.525760889 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.525928020 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.526014090 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.526119947 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.526253939 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.526319981 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.526397943 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.526572943 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.526653051 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.743068933 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.743293047 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.743360043 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.743369102 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.743571043 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.743663073 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.745686054 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.745722055 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.745801926 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.746608019 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.746665001 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.746704102 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.746731043 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.747534037 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.747608900 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.748037100 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.748076916 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.748145103 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.748617887 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.748660088 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.748725891 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.749202967 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.749536991 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.749614000 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.749685049 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.749882936 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.749969006 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.750236034 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.750355959 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.750544071 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.750617027 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.750961065 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.751010895 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.751137018 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.751168013 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.751270056 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.751379967 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.751549959 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.751627922 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.751811028 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.751852989 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.751933098 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.752358913 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.752548933 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.752621889 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.752729893 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.752995014 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.753048897 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.753098965 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.753128052 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.753216982 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.753340960 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.753550053 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.753637075 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.753786087 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.753937960 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.754117966 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.754203081 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.754517078 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.754620075 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.754661083 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.754801035 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.754842997 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.754884958 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.755073071 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.755151987 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.758939981 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.758985996 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.759035110 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.759073019 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.759078026 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.759146929 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.759191990 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.759222984 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.759313107 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.966908932 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.967160940 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.967190981 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.967255116 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.967382908 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.967453003 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.968971968 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.969343901 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.969443083 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.969641924 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.969976902 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.970060110 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.970727921 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.970845938 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.971002102 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.971357107 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.972383022 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.972475052 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.973287106 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.973350048 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.973464012 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.973675013 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.973726988 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.973773956 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.973810911 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.973896980 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.974173069 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.975033045 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.975877047 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.976079941 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.976316929 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.976825953 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.977011919 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.977332115 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.978020906 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.978193045 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.978308916 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.978399992 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.978667021 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.978743076 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.978846073 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.978946924 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.979020119 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.979198933 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.979341030 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.979449987 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.979588032 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.979674101 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.979899883 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.980187893 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.980410099 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.980412006 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.980676889 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.980753899 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.980902910 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.980998993 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.981087923 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.981213093 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.981364965 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.981482029 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.981642008 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.981836081 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.981893063 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.982610941 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.982752085 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.982820988 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.982871056 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.982914925 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.983007908 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.983225107 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.984008074 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.984088898 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:08.984097958 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.984180927 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:08.984348059 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:09.190690041 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.190840960 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.191046953 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.191133976 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:09.191283941 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.191950083 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:09.192307949 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.192519903 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.192591906 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:09.193759918 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.194202900 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.194428921 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:09.194447041 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.194586992 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.195072889 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:09.195267916 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.195507050 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.195581913 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:09.196516991 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.197262049 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.197348118 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:09.197369099 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.197580099 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.197670937 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:09.197871923 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.198043108 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.198168993 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:09.199708939 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.200516939 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.200567007 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.200582981 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:09.200611115 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.200671911 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:09.201793909 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.202425957 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.202490091 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:09.202826977 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.203058004 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.203125954 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:09.203315973 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.203649044 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.203716993 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:09.206103086 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.206145048 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.206207037 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:09.207109928 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.207191944 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.207231045 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.207263947 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:09.207272053 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.207343102 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:09.207818985 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.208070993 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.208129883 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:09.208547115 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.220976114 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.221110106 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.221206903 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:09.221286058 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.221357107 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:09.221473932 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.221632004 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.221716881 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:09.221879959 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.221997976 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.222064018 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:09.222181082 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.222426891 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.222491980 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:09.222625017 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.222912073 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.223186970 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.223258972 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:09.223639965 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.223714113 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:09.415079117 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.415402889 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.415461063 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:09.415786028 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.415852070 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.415905952 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:09.416012049 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.416301012 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.416357040 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:09.416613102 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.416732073 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.416779995 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:09.416893005 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.417824030 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.417877913 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:09.417902946 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.417970896 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.418015957 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:09.418524027 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.418776989 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.418827057 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:09.418893099 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.419142008 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.419190884 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:09.419538975 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.419620991 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.419672966 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:09.419830084 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.420058966 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.420104980 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:09.420619965 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.420979023 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.421030998 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:09.421178102 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.421457052 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.421504974 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:09.421916008 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.421977043 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.422028065 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:09.422276974 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.422517061 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.422568083 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:09.422600985 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.422792912 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.422852993 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:09.423079014 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.423634052 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.423686981 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:09.423733950 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.423937082 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.423990965 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:09.424235106 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.424474001 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.424530029 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:09.424633980 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.424793959 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.424863100 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:09.426971912 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.427046061 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.427098036 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:09.427150011 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.427278042 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.427300930 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.427354097 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:09.427387953 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.427444935 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:09.427479982 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.427917957 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.427951097 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.428059101 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:09.428086042 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.428143978 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:09.430856943 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.431004047 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.431057930 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:09.431092024 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.431152105 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.431217909 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:09.431267977 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.431329966 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.431381941 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:09.431435108 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.431519032 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.431550980 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.431560993 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:09.431765079 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.431817055 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:09.431957960 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.432123899 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.432177067 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:09.432374001 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.432615995 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.432670116 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:09.432848930 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.432967901 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.433018923 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:09.445425034 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.445589066 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.445775032 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:09.607773066 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:09.880897045 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:09.997312069 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:10.015161037 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:10.240964890 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:10.247435093 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:10.475486040 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:10.475641966 CEST498005500192.168.2.3194.147.140.14
          Sep 15, 2021 00:29:10.700081110 CEST550049800194.147.140.14192.168.2.3
          Sep 15, 2021 00:29:10.701426983 CEST498005500192.168.2.3194.147.140.14

          UDP Packets

          TimestampSource PortDest PortSource IPDest IP
          Sep 15, 2021 00:26:54.170667887 CEST6098553192.168.2.38.8.8.8
          Sep 15, 2021 00:26:54.207604885 CEST53609858.8.8.8192.168.2.3
          Sep 15, 2021 00:27:01.947751045 CEST5020053192.168.2.38.8.8.8
          Sep 15, 2021 00:27:02.076627016 CEST53502008.8.8.8192.168.2.3
          Sep 15, 2021 00:27:07.272417068 CEST5128153192.168.2.38.8.8.8
          Sep 15, 2021 00:27:07.400194883 CEST53512818.8.8.8192.168.2.3
          Sep 15, 2021 00:27:12.254900932 CEST4919953192.168.2.38.8.8.8
          Sep 15, 2021 00:27:12.383585930 CEST53491998.8.8.8192.168.2.3
          Sep 15, 2021 00:27:17.482837915 CEST5062053192.168.2.38.8.8.8
          Sep 15, 2021 00:27:17.516397953 CEST53506208.8.8.8192.168.2.3
          Sep 15, 2021 00:27:22.885296106 CEST6493853192.168.2.38.8.8.8
          Sep 15, 2021 00:27:22.912415028 CEST53649388.8.8.8192.168.2.3
          Sep 15, 2021 00:27:25.565556049 CEST6015253192.168.2.38.8.8.8
          Sep 15, 2021 00:27:25.609678984 CEST53601528.8.8.8192.168.2.3
          Sep 15, 2021 00:27:25.988378048 CEST5754453192.168.2.38.8.8.8
          Sep 15, 2021 00:27:26.024219036 CEST53575448.8.8.8192.168.2.3
          Sep 15, 2021 00:27:28.477812052 CEST5598453192.168.2.38.8.8.8
          Sep 15, 2021 00:27:28.513227940 CEST53559848.8.8.8192.168.2.3
          Sep 15, 2021 00:27:34.172791004 CEST6418553192.168.2.38.8.8.8
          Sep 15, 2021 00:27:34.251058102 CEST53641858.8.8.8192.168.2.3
          Sep 15, 2021 00:27:39.649972916 CEST6511053192.168.2.38.8.8.8
          Sep 15, 2021 00:27:39.773402929 CEST53651108.8.8.8192.168.2.3
          Sep 15, 2021 00:27:40.543015003 CEST5836153192.168.2.38.8.8.8
          Sep 15, 2021 00:27:40.586541891 CEST53583618.8.8.8192.168.2.3
          Sep 15, 2021 00:27:45.167210102 CEST6349253192.168.2.38.8.8.8
          Sep 15, 2021 00:27:45.197247028 CEST53634928.8.8.8192.168.2.3
          Sep 15, 2021 00:27:50.734563112 CEST6083153192.168.2.38.8.8.8
          Sep 15, 2021 00:27:50.770559072 CEST53608318.8.8.8192.168.2.3
          Sep 15, 2021 00:27:55.767343998 CEST6010053192.168.2.38.8.8.8
          Sep 15, 2021 00:27:55.794513941 CEST53601008.8.8.8192.168.2.3
          Sep 15, 2021 00:28:01.209887981 CEST5319553192.168.2.38.8.8.8
          Sep 15, 2021 00:28:01.254210949 CEST53531958.8.8.8192.168.2.3
          Sep 15, 2021 00:28:01.768517017 CEST5014153192.168.2.38.8.8.8
          Sep 15, 2021 00:28:01.800992966 CEST53501418.8.8.8192.168.2.3
          Sep 15, 2021 00:28:04.530802011 CEST5302353192.168.2.38.8.8.8
          Sep 15, 2021 00:28:04.567562103 CEST53530238.8.8.8192.168.2.3
          Sep 15, 2021 00:28:07.552164078 CEST4956353192.168.2.38.8.8.8
          Sep 15, 2021 00:28:07.677320004 CEST53495638.8.8.8192.168.2.3
          Sep 15, 2021 00:28:14.785747051 CEST5135253192.168.2.38.8.8.8
          Sep 15, 2021 00:28:14.822325945 CEST53513528.8.8.8192.168.2.3
          Sep 15, 2021 00:28:21.204571962 CEST5934953192.168.2.38.8.8.8
          Sep 15, 2021 00:28:21.239867926 CEST53593498.8.8.8192.168.2.3
          Sep 15, 2021 00:28:27.949857950 CEST5708453192.168.2.38.8.8.8
          Sep 15, 2021 00:28:28.077641964 CEST53570848.8.8.8192.168.2.3
          Sep 15, 2021 00:28:34.182403088 CEST5882353192.168.2.38.8.8.8
          Sep 15, 2021 00:28:34.260754108 CEST53588238.8.8.8192.168.2.3
          Sep 15, 2021 00:28:34.886750937 CEST5756853192.168.2.38.8.8.8
          Sep 15, 2021 00:28:35.011567116 CEST53575688.8.8.8192.168.2.3
          Sep 15, 2021 00:28:35.031457901 CEST5054053192.168.2.38.8.8.8
          Sep 15, 2021 00:28:35.067050934 CEST53505408.8.8.8192.168.2.3
          Sep 15, 2021 00:28:39.408174992 CEST5436653192.168.2.38.8.8.8
          Sep 15, 2021 00:28:39.448267937 CEST53543668.8.8.8192.168.2.3
          Sep 15, 2021 00:28:41.205141068 CEST5303453192.168.2.38.8.8.8
          Sep 15, 2021 00:28:41.248573065 CEST53530348.8.8.8192.168.2.3
          Sep 15, 2021 00:28:41.456763029 CEST5776253192.168.2.38.8.8.8
          Sep 15, 2021 00:28:41.491748095 CEST53577628.8.8.8192.168.2.3
          Sep 15, 2021 00:28:47.879156113 CEST5543553192.168.2.38.8.8.8
          Sep 15, 2021 00:28:48.005439043 CEST53554358.8.8.8192.168.2.3
          Sep 15, 2021 00:28:54.399796963 CEST5071353192.168.2.38.8.8.8
          Sep 15, 2021 00:28:54.427526951 CEST53507138.8.8.8192.168.2.3
          Sep 15, 2021 00:29:00.587172031 CEST5613253192.168.2.38.8.8.8
          Sep 15, 2021 00:29:00.711952925 CEST53561328.8.8.8192.168.2.3
          Sep 15, 2021 00:29:06.781688929 CEST5898753192.168.2.38.8.8.8
          Sep 15, 2021 00:29:06.808100939 CEST53589878.8.8.8192.168.2.3

          DNS Queries

          TimestampSource IPDest IPTrans IDOP CodeNameTypeClass
          Sep 15, 2021 00:27:01.947751045 CEST192.168.2.38.8.8.80x369fStandard query (0)sunnysept.duckdns.orgA (IP address)IN (0x0001)
          Sep 15, 2021 00:27:07.272417068 CEST192.168.2.38.8.8.80x673Standard query (0)sunnysept.duckdns.orgA (IP address)IN (0x0001)
          Sep 15, 2021 00:27:12.254900932 CEST192.168.2.38.8.8.80x55cfStandard query (0)sunnysept.duckdns.orgA (IP address)IN (0x0001)
          Sep 15, 2021 00:27:17.482837915 CEST192.168.2.38.8.8.80x3be6Standard query (0)sunnysept.duckdns.orgA (IP address)IN (0x0001)
          Sep 15, 2021 00:27:22.885296106 CEST192.168.2.38.8.8.80x18e9Standard query (0)sunnysept.duckdns.orgA (IP address)IN (0x0001)
          Sep 15, 2021 00:27:28.477812052 CEST192.168.2.38.8.8.80xc3fbStandard query (0)sunnysept.duckdns.orgA (IP address)IN (0x0001)
          Sep 15, 2021 00:27:34.172791004 CEST192.168.2.38.8.8.80xd60bStandard query (0)sunnysept.duckdns.orgA (IP address)IN (0x0001)
          Sep 15, 2021 00:27:39.649972916 CEST192.168.2.38.8.8.80xd20Standard query (0)sunnysept.duckdns.orgA (IP address)IN (0x0001)
          Sep 15, 2021 00:27:45.167210102 CEST192.168.2.38.8.8.80x7879Standard query (0)sunnysept.duckdns.orgA (IP address)IN (0x0001)
          Sep 15, 2021 00:27:50.734563112 CEST192.168.2.38.8.8.80x7d4fStandard query (0)sunnysept.duckdns.orgA (IP address)IN (0x0001)
          Sep 15, 2021 00:27:55.767343998 CEST192.168.2.38.8.8.80x7772Standard query (0)sunnysept.duckdns.orgA (IP address)IN (0x0001)
          Sep 15, 2021 00:28:01.768517017 CEST192.168.2.38.8.8.80x5cc8Standard query (0)sunnysept.duckdns.orgA (IP address)IN (0x0001)
          Sep 15, 2021 00:28:07.552164078 CEST192.168.2.38.8.8.80x12e5Standard query (0)sunnysept.duckdns.orgA (IP address)IN (0x0001)
          Sep 15, 2021 00:28:14.785747051 CEST192.168.2.38.8.8.80xfdc0Standard query (0)sunnysept.duckdns.orgA (IP address)IN (0x0001)
          Sep 15, 2021 00:28:21.204571962 CEST192.168.2.38.8.8.80x114aStandard query (0)sunnysept.duckdns.orgA (IP address)IN (0x0001)
          Sep 15, 2021 00:28:27.949857950 CEST192.168.2.38.8.8.80xe839Standard query (0)sunnysept.duckdns.orgA (IP address)IN (0x0001)
          Sep 15, 2021 00:28:34.886750937 CEST192.168.2.38.8.8.80x10c6Standard query (0)sunnysept.duckdns.orgA (IP address)IN (0x0001)
          Sep 15, 2021 00:28:41.456763029 CEST192.168.2.38.8.8.80x3859Standard query (0)sunnysept.duckdns.orgA (IP address)IN (0x0001)
          Sep 15, 2021 00:28:47.879156113 CEST192.168.2.38.8.8.80x36fbStandard query (0)sunnysept.duckdns.orgA (IP address)IN (0x0001)
          Sep 15, 2021 00:28:54.399796963 CEST192.168.2.38.8.8.80xd1d0Standard query (0)sunnysept.duckdns.orgA (IP address)IN (0x0001)
          Sep 15, 2021 00:29:00.587172031 CEST192.168.2.38.8.8.80x1acfStandard query (0)sunnysept.duckdns.orgA (IP address)IN (0x0001)
          Sep 15, 2021 00:29:06.781688929 CEST192.168.2.38.8.8.80x4c4dStandard query (0)sunnysept.duckdns.orgA (IP address)IN (0x0001)

          DNS Answers

          TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClass
          Sep 15, 2021 00:27:02.076627016 CEST8.8.8.8192.168.2.30x369fNo error (0)sunnysept.duckdns.org194.147.140.14A (IP address)IN (0x0001)
          Sep 15, 2021 00:27:07.400194883 CEST8.8.8.8192.168.2.30x673No error (0)sunnysept.duckdns.org194.147.140.14A (IP address)IN (0x0001)
          Sep 15, 2021 00:27:12.383585930 CEST8.8.8.8192.168.2.30x55cfNo error (0)sunnysept.duckdns.org194.147.140.14A (IP address)IN (0x0001)
          Sep 15, 2021 00:27:17.516397953 CEST8.8.8.8192.168.2.30x3be6No error (0)sunnysept.duckdns.org194.147.140.14A (IP address)IN (0x0001)
          Sep 15, 2021 00:27:22.912415028 CEST8.8.8.8192.168.2.30x18e9No error (0)sunnysept.duckdns.org194.147.140.14A (IP address)IN (0x0001)
          Sep 15, 2021 00:27:28.513227940 CEST8.8.8.8192.168.2.30xc3fbNo error (0)sunnysept.duckdns.org194.147.140.14A (IP address)IN (0x0001)
          Sep 15, 2021 00:27:34.251058102 CEST8.8.8.8192.168.2.30xd60bNo error (0)sunnysept.duckdns.org194.147.140.14A (IP address)IN (0x0001)
          Sep 15, 2021 00:27:39.773402929 CEST8.8.8.8192.168.2.30xd20No error (0)sunnysept.duckdns.org194.147.140.14A (IP address)IN (0x0001)
          Sep 15, 2021 00:27:45.197247028 CEST8.8.8.8192.168.2.30x7879No error (0)sunnysept.duckdns.org194.147.140.14A (IP address)IN (0x0001)
          Sep 15, 2021 00:27:50.770559072 CEST8.8.8.8192.168.2.30x7d4fNo error (0)sunnysept.duckdns.org194.147.140.14A (IP address)IN (0x0001)
          Sep 15, 2021 00:27:55.794513941 CEST8.8.8.8192.168.2.30x7772No error (0)sunnysept.duckdns.org194.147.140.14A (IP address)IN (0x0001)
          Sep 15, 2021 00:28:01.800992966 CEST8.8.8.8192.168.2.30x5cc8No error (0)sunnysept.duckdns.org194.147.140.14A (IP address)IN (0x0001)
          Sep 15, 2021 00:28:07.677320004 CEST8.8.8.8192.168.2.30x12e5No error (0)sunnysept.duckdns.org194.147.140.14A (IP address)IN (0x0001)
          Sep 15, 2021 00:28:14.822325945 CEST8.8.8.8192.168.2.30xfdc0No error (0)sunnysept.duckdns.org194.147.140.14A (IP address)IN (0x0001)
          Sep 15, 2021 00:28:21.239867926 CEST8.8.8.8192.168.2.30x114aNo error (0)sunnysept.duckdns.org194.147.140.14A (IP address)IN (0x0001)
          Sep 15, 2021 00:28:28.077641964 CEST8.8.8.8192.168.2.30xe839No error (0)sunnysept.duckdns.org194.147.140.14A (IP address)IN (0x0001)
          Sep 15, 2021 00:28:35.011567116 CEST8.8.8.8192.168.2.30x10c6No error (0)sunnysept.duckdns.org194.147.140.14A (IP address)IN (0x0001)
          Sep 15, 2021 00:28:41.491748095 CEST8.8.8.8192.168.2.30x3859No error (0)sunnysept.duckdns.org194.147.140.14A (IP address)IN (0x0001)
          Sep 15, 2021 00:28:48.005439043 CEST8.8.8.8192.168.2.30x36fbNo error (0)sunnysept.duckdns.org194.147.140.14A (IP address)IN (0x0001)
          Sep 15, 2021 00:28:54.427526951 CEST8.8.8.8192.168.2.30xd1d0No error (0)sunnysept.duckdns.org194.147.140.14A (IP address)IN (0x0001)
          Sep 15, 2021 00:29:00.711952925 CEST8.8.8.8192.168.2.30x1acfNo error (0)sunnysept.duckdns.org194.147.140.14A (IP address)IN (0x0001)
          Sep 15, 2021 00:29:06.808100939 CEST8.8.8.8192.168.2.30x4c4dNo error (0)sunnysept.duckdns.org194.147.140.14A (IP address)IN (0x0001)

          Code Manipulations

          Statistics

          CPU Usage

          Click to jump to process

          Memory Usage

          Click to jump to process

          High Level Behavior Distribution

          Click to dive into process behavior distribution

          System Behavior

          Analysis Process: 01_extracted.exe PID: 2392 Parent PID: 5692

          General

          Start time:00:26:59
          Start date:15/09/2021
          Path:C:\Users\user\Desktop\01_extracted.exe
          Wow64 process (32bit):true
          Commandline:'C:\Users\user\Desktop\01_extracted.exe'
          Imagebase:0x260000
          File size:207360 bytes
          MD5 hash:59F356092B9F54B4EE5563A2FB8A3255
          Has elevated privileges:true
          Has administrator privileges:true
          Programmed in:.Net C# or VB.NET
          Yara matches:
          • Rule: Nanocore_RAT_Gen_2, Description: Detetcs the Nanocore RAT, Source: 00000000.00000000.210003414.0000000000262000.00000002.00020000.sdmp, Author: Florian Roth
          • Rule: JoeSecurity_Nanocore, Description: Yara detected Nanocore RAT, Source: 00000000.00000000.210003414.0000000000262000.00000002.00020000.sdmp, Author: Joe Security
          • Rule: NanoCore, Description: unknown, Source: 00000000.00000000.210003414.0000000000262000.00000002.00020000.sdmp, Author: Kevin Breen <kevin@techanarchy.net>
          Reputation:low

          Chronological Activities

          Disassembly

          Code Analysis

          Reset < >