Edit tour
Windows
Analysis Report
IDR-500000000.pdf
Overview
General Information
| Sample name: | IDR-500000000.pdf |
| Analysis ID: | 1505478 |
| MD5: | 1e6049adf927614a5ea1d585ac10f8e6 |
| SHA1: | bfe64a6bf0f2567e8c1d2211194ea16d5f8fab90 |
| SHA256: | 03775e62a1365c52d7c3df5ca2e76a213ed1b20a3b2312ea1a323edf93e496c6 |
| Tags: | dropperpayloadpdf |
| Infos: | |
 | |
Detection
| Score: | 52 |
| Range: | 0 - 100 |
| Whitelisted: | false |
| Confidence: | 100% |
Signatures
Multi AV Scanner detection for submitted file
AI detected landing page (webpage, office document or email)
Detected non-DNS traffic on DNS port
HTTP GET or POST without a user agent
IP address seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
Stores files to the Windows start menu directory
Uses insecure TLS / SSL version for HTTPS connection
Classification
- System is w10x64
Acrobat.exe (PID: 7564 cmdline: "C:\Progra m Files\Ad obe\Acroba t DC\Acrob at\Acrobat .exe" "C:\ Users\user \Desktop\I DR-5000000 00.pdf" MD5: 24EAD1C46A47022347DC0F05F6EFBB8C) 
AcroCEF.exe (PID: 7768 cmdline: "C:\Progra m Files\Ad obe\Acroba t DC\Acrob at\acrocef _1\AcroCEF .exe" --ba ckgroundco lor=167772 15 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE) - AcroCEF.exe (PID: 7976 cmdline:
"C:\Progra m Files\Ad obe\Acroba t DC\Acrob at\acrocef _1\AcroCEF .exe" --ty pe=utility --utility -sub-type= network.mo jom.Networ kService - -lang=en-U S --servic e-sandbox- type=none --log-seve rity=disab le --user- agent-prod uct="Reade rServices/ 23.6.20320 Chrome/10 5.0.0.0" - -lang=en-U S --log-fi le="C:\Pro gram Files \Adobe\Acr obat DC\Ac robat\acro cef_1\debu g.log" --m ojo-platfo rm-channel -handle=21 16 --field -trial-han dle=1348,i ,687544225 0273393431 ,116200174 2728594539 6,131072 - -disable-f eatures=Ba ckForwardC ache,Calcu lateNative WinOcclusi on,WinUseB rowserSpel lChecker / prefetch:8 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE)
chrome.exe (PID: 4144 cmdline: "C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --st art-maximi zed "https ://etehads hipping.co m/IN/PO/ID R-50000000 0.scr.xz" MD5: 5BBFA6CBDF4C254EB368D534F9E23C92) - chrome.exe (PID: 7716 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --ty pe=utility --utility -sub-type= network.mo jom.Networ kService - -lang=en-U S --servic e-sandbox- type=none --mojo-pla tform-chan nel-handle =2116 --fi eld-trial- handle=206 8,i,398621 1830860752 182,141713 6658935252 2847,26214 4 /prefetc h:8 MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)
- cleanup
⊘No configs have been found
⊘No yara matches
⊘No Sigma rule has matched
⊘No Suricata rule has matched
Click to jump to signature section
Show All Signature Results
AV Detection |   |
|---|
| Source: | Virustotal: | Perma Link | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | TCP traffic: | ||
| Source: | HTTP traffic detected: | ||
| Source: | IP Address: | ||
| Source: | IP Address: | ||
| Source: | IP Address: | ||
| Source: | JA3 fingerprint: | ||
| Source: | JA3 fingerprint: | ||
| Source: | JA3 fingerprint: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | Classification label: | ||
| Source: | Initial sample: | ||
| Source: | Initial sample: | ||
| Source: | File created: | Jump to behavior | ||
| Source: | File created: | Jump to behavior | ||
| Source: | Key opened: | Jump to behavior | ||
| Source: | Virustotal: | ||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | LNK file: | ||
| Source: | LNK file: | ||
| Source: | LNK file: | ||
| Source: | LNK file: | ||
| Source: | LNK file: | ||
| Source: | LNK file: | ||
| Source: | Window detected: | ||
| Source: | Initial sample: | ||
| Source: | Initial sample: | ||
| Source: | Initial sample: | ||
Persistence and Installation Behavior | |
|---|
| Source: | LLM: | ||
| Source: | LLM: | ||
| Source: | File created: | Jump to behavior | ||
| Source: | File created: | Jump to behavior | ||
| Source: | File created: | Jump to behavior | ||
| Source: | File created: | Jump to behavior | ||
| Source: | File created: | Jump to behavior | ||
| Source: | File created: | Jump to behavior | ||
| Source: | File created: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Gather Victim Identity Information | Acquire Infrastructure | 1 Spearphishing Link | Windows Management Instrumentation | 1 Browser Extensions | 1 Process Injection | 1 Masquerading | OS Credential Dumping | 1 System Information Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
| Credentials | Domains | Default Accounts | Scheduled Task/Job | 1 Registry Run Keys / Startup Folder | 1 Registry Run Keys / Startup Folder | 1 Process Injection | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 3 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
| Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 4 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
| Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 1 Ingress Tool Transfer | Traffic Duplication | Data Destruction |
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
InternetThis section contains all screenshots as thumbnails, including those not shown in the slideshow.
| Source | Detection | Scanner | Label | Link |
|---|---|---|---|---|
| 5% | ReversingLabs | Document-PDF.Dropper.Heuristic | ||
| 7% | Virustotal | Browse |
⊘No Antivirus matches
⊘No Antivirus matches
| Source | Detection | Scanner | Label | Link |
|---|---|---|---|---|
| 0% | Virustotal | Browse | ||
| 0% | Virustotal | Browse | ||
| 4% | Virustotal | Browse |
| Source | Detection | Scanner | Label | Link |
|---|---|---|---|---|
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe |
| Name | IP | Active | Malicious | Antivirus Detection | Reputation |
|---|---|---|---|---|---|
| bg.microsoft.map.fastly.net | 199.232.210.172 | true | false |
| unknown |
| www.google.com | 172.217.18.100 | true | false |
| unknown |
| etehadshipping.com | 5.144.130.41 | true | false |
| unknown |
| Name | Malicious | Antivirus Detection | Reputation |
|---|---|---|---|
| false |
| unknown |
| Name | Source | Malicious | Antivirus Detection | Reputation |
|---|---|---|---|---|
| false |
| unknown | ||
| false |
| unknown |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
| IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
|---|---|---|---|---|---|---|
| 5.144.130.41 | etehadshipping.com | Iran (ISLAMIC Republic Of) | 59441 | HOSTIRAN-NETWORKIR | false | |
| 23.47.168.24 | unknown | United States | 16625 | AKAMAI-ASUS | false | |
| 239.255.255.250 | unknown | Reserved | unknown | unknown | false | |
| 18.207.85.246 | unknown | United States | 14618 | AMAZON-AESUS | false | |
| 142.250.184.228 | unknown | United States | 15169 | GOOGLEUS | false | |
| 172.217.18.100 | www.google.com | United States | 15169 | GOOGLEUS | false |
| IP |
|---|
| 192.168.2.8 |
| 192.168.2.7 |
| 192.168.2.9 |
| 192.168.2.23 |
| Joe Sandbox version: | 40.0.0 Tourmaline |
| Analysis ID: | 1505478 |
| Start date and time: | 2024-09-06 09:52:48 +02:00 |
| Joe Sandbox product: | CloudBasic |
| Overall analysis duration: | 0h 11m 34s |
| Hypervisor based Inspection enabled: | false |
| Report type: | full |
| Cookbook file name: | defaultwindowspdfcookbook.jbs |
| Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
| Number of analysed new started processes analysed: | 21 |
| Number of new started drivers analysed: | 0 |
| Number of existing processes analysed: | 0 |
| Number of existing drivers analysed: | 0 |
| Number of injected processes analysed: | 0 |
| Technologies: |
|
| Analysis Mode: | default |
| Sample name: | IDR-500000000.pdf |
| Detection: | MAL |
| Classification: | mal52.winPDF@47/55@6/10 |
| EGA Information: | Failed |
| HCA Information: |
|
| Cookbook Comments: |
|
- Max analysis timeout: 600s exceeded, the analysis took too long
- Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, WmiPrvSE.exe, VSSVC.exe, svchost.exe, UsoClient.exe
- Excluded IPs from analysis (whitelisted): 40.126.32.136, 20.190.160.22, 20.190.160.20, 20.190.160.14, 40.126.32.138, 40.126.32.74, 40.126.32.134, 40.126.32.76, 184.28.88.176, 54.227.187.23, 23.22.254.206, 52.202.204.11, 52.5.13.197, 162.159.61.3, 172.64.41.3, 2.16.202.123, 95.101.54.195, 199.232.210.172, 2.19.126.149, 2.19.126.143, 192.229.221.95, 142.250.184.227, 142.250.185.174, 64.233.184.84, 34.104.35.123, 216.58.206.42, 142.250.186.138, 216.58.212.138, 142.250.185.74, 142.250.185.106, 142.250.186.42, 172.217.18.10, 216.58.206.74, 142.250.74.202, 142.250.186.170, 172.217.16.202, 142.250.186.106, 216.58.212.170, 142.250.185.138, 172.217.18.106, 142.250.184.202, 216.58.206.35, 142.250.184.206
- Excluded domains from analysis (whitelisted): e4578.dscg.akamaiedge.net, chrome.cloudflare-dns.com, slscr.update.microsoft.com, clientservices.googleapis.com, acroipm2.adobe.com, a1952.dscq.akamai.net, clients2.google.com, ocsp.digicert.com, login.live.com, ssl-delivery.adobe.com.edgekey.net, a122.dscd.akamai.net, update.googleapis.com, apps.identrust.com, wu-b-net.trafficmanager.net, optimizationguide-pa.googleapis.com, www.bing.com, clients1.google.com, prdv4a.aadg.msidentity.com, fs.microsoft.com, identrust.edgesuite.net, accounts.google.com, ctldl.windowsupdate.com.delivery.microsoft.com, acroipm2.adobe.com.edgesuite.net, self.events.data.microsoft.com, www.tm.v4.a.prd.aadg.akadns.net, settings-win.data.microsoft.com, ctldl.windowsupdate.com, p13n.adobe.io, login.msa.msidentity.com, fe3cr.delivery.mp.microsoft.com, edgedl.me.gvt1.com, clients.l.google.com, geo2.adobe.com, www.tm.lg.prod.aadmsa.trafficmanager.net
- Not all processes where analyzed, report is missing behavior information
- Report size getting too big, too many NtSetInformationFile calls found.
- Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
| Time | Type | Description |
|---|---|---|
| 03:53:48 | API Interceptor | |
| 08:53:32 | Task Scheduler |
| Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
|---|---|---|---|---|---|---|
| 5.144.130.41 | Get hash | malicious | AgentTesla | Browse | ||
| Get hash | malicious | AgentTesla | Browse | |||
| 23.47.168.24 | Get hash | malicious | Unknown | Browse | ||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | HTMLPhisher | Browse | |||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | HTMLPhisher | Browse | |||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | HTMLPhisher | Browse | |||
| Get hash | malicious | Unknown | Browse | |||
| 239.255.255.250 | Get hash | malicious | Unknown | Browse | ||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | FormBook | Browse | |||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | Stealc | Browse | |||
| 18.207.85.246 | Get hash | malicious | Unknown | Browse | ||
| Get hash | malicious | LummaC Stealer | Browse | |||
| Get hash | malicious | LummaC Stealer | Browse | |||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | Unknown | Browse |
| Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
|---|---|---|---|---|---|---|
| etehadshipping.com | Get hash | malicious | AgentTesla | Browse |
| |
| Get hash | malicious | AgentTesla | Browse |
| ||
| bg.microsoft.map.fastly.net | Get hash | malicious | GuLoader | Browse |
| |
| Get hash | malicious | Caesium Obfuscator, STRRAT | Browse |
| ||
| Get hash | malicious | GuLoader, Remcos | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
|
| Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
|---|---|---|---|---|---|---|
| HOSTIRAN-NETWORKIR | Get hash | malicious | FormBook | Browse |
| |
| Get hash | malicious | FormBook | Browse |
| ||
| Get hash | malicious | FormBook | Browse |
| ||
| Get hash | malicious | AgentTesla | Browse |
| ||
| Get hash | malicious | FormBook | Browse |
| ||
| Get hash | malicious | AgentTesla | Browse |
| ||
| Get hash | malicious | FormBook, GuLoader | Browse |
| ||
| Get hash | malicious | FormBook, GuLoader | Browse |
| ||
| Get hash | malicious | AgentTesla, PureLog Stealer | Browse |
| ||
| Get hash | malicious | AgentTesla, PureLog Stealer | Browse |
| ||
| AKAMAI-ASUS | Get hash | malicious | Unknown | Browse |
| |
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | HTMLPhisher | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | HTMLPhisher | Browse |
| ||
| Get hash | malicious | HTMLPhisher | Browse |
| ||
| Get hash | malicious | LummaC Stealer | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | HTMLPhisher | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
|
| Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
|---|---|---|---|---|---|---|
| 1138de370e523e824bbca92d049a3777 | Get hash | malicious | Unknown | Browse |
| |
| Get hash | malicious | HTMLPhisher | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| 28a2c9bd18a11de089ef85a160da29e4 | Get hash | malicious | Unknown | Browse |
| |
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Stealc | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| a0e9f5d64349fb13191bc781f81f42e1 | Get hash | malicious | Unknown | Browse |
| |
| Get hash | malicious | Remcos, DBatLoader | Browse |
| ||
| Get hash | malicious | LummaC, PureLog Stealer, RedLine, Socks5Systemz, Stealc, Vidar, Xmrig | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | LummaC, Vidar | Browse |
| ||
| Get hash | malicious | LummaC, Stealc, Vidar | Browse |
| ||
| Get hash | malicious | LummaC, Vidar | Browse |
| ||
| Get hash | malicious | LummaC, Stealc, Vidar | Browse |
| ||
| Get hash | malicious | LummaC, Vidar | Browse |
| ||
| Get hash | malicious | LummaC Stealer | Browse |
|
⊘No context
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 290 |
| Entropy (8bit): | 5.214642881739844 |
| Encrypted: | false |
| SSDEEP: | 6:PhY4q2PqLTwi2nKuAl9OmbnIFUt82hXA53JZmw+2hXA53DkwOqLTwi2nKuAl9Omt:PhHv8wZHAahFUt82hQ5Z/+2hQ5z5TwZC |
| MD5: | 73BFEC8B138F86E0DBF1A0A273DB66BC |
| SHA1: | 5842815B175C80462A845846BE6EAD0E42F498FB |
| SHA-256: | A40F982A85E65D37E04D07224AB721A3C2F201FDC856E4C13E7BC29F207F1BF7 |
| SHA-512: | 8929BD9C9E81E5B91E09504C46262215E75D3D8FFCACC550EC4493865A7F2760594A938A08ECA97A8571B5AD78B6B1EBDFFF2EE93B31DEC3961D9D6CF22B9020 |
| Malicious: | false |
| Reputation: | low |
| Preview: |
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 290 |
| Entropy (8bit): | 5.214642881739844 |
| Encrypted: | false |
| SSDEEP: | 6:PhY4q2PqLTwi2nKuAl9OmbnIFUt82hXA53JZmw+2hXA53DkwOqLTwi2nKuAl9Omt:PhHv8wZHAahFUt82hQ5Z/+2hQ5z5TwZC |
| MD5: | 73BFEC8B138F86E0DBF1A0A273DB66BC |
| SHA1: | 5842815B175C80462A845846BE6EAD0E42F498FB |
| SHA-256: | A40F982A85E65D37E04D07224AB721A3C2F201FDC856E4C13E7BC29F207F1BF7 |
| SHA-512: | 8929BD9C9E81E5B91E09504C46262215E75D3D8FFCACC550EC4493865A7F2760594A938A08ECA97A8571B5AD78B6B1EBDFFF2EE93B31DEC3961D9D6CF22B9020 |
| Malicious: | false |
| Reputation: | low |
| Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG
Download File
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 334 |
| Entropy (8bit): | 5.21243049037178 |
| Encrypted: | false |
| SSDEEP: | 6:Ph7W+q2PqLTwi2nKuAl9Ombzo2jMGIFUt82hFsZmw+2hFsVkwOqLTwi2nKuAl9OU:Ph7W+v8wZHAa8uFUt82hFs/+2hFsV5Tn |
| MD5: | B93ABB0607F12663FE2BF7D112A5A8BF |
| SHA1: | 346838A9B744E508CBB7F6362DF6D285C2278654 |
| SHA-256: | 6ECF43C623AA6FCD065FA4AE69EF4DB7BFDCAAD8DDD87353FF9642DDAB619DA9 |
| SHA-512: | 30451376C6A4F5A255B5156B645368A8FA9661ADE31AE91241B079E20DE2EE6C56E8FD023D4B26F94E992449A6E54E044E57784F26F8442CE3307D8EA07D3DBB |
| Malicious: | false |
| Reputation: | low |
| Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG.old (copy)
Download File
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 334 |
| Entropy (8bit): | 5.21243049037178 |
| Encrypted: | false |
| SSDEEP: | 6:Ph7W+q2PqLTwi2nKuAl9Ombzo2jMGIFUt82hFsZmw+2hFsVkwOqLTwi2nKuAl9OU:Ph7W+v8wZHAa8uFUt82hFs/+2hFsV5Tn |
| MD5: | B93ABB0607F12663FE2BF7D112A5A8BF |
| SHA1: | 346838A9B744E508CBB7F6362DF6D285C2278654 |
| SHA-256: | 6ECF43C623AA6FCD065FA4AE69EF4DB7BFDCAAD8DDD87353FF9642DDAB619DA9 |
| SHA-512: | 30451376C6A4F5A255B5156B645368A8FA9661ADE31AE91241B079E20DE2EE6C56E8FD023D4B26F94E992449A6E54E044E57784F26F8442CE3307D8EA07D3DBB |
| Malicious: | false |
| Reputation: | low |
| Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\874e6b73-6ec5-47a7-a9d7-20a42915e323.tmp
Download File
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
| File Type: | |
| Category: | modified |
| Size (bytes): | 475 |
| Entropy (8bit): | 4.960864601022068 |
| Encrypted: | false |
| SSDEEP: | 12:YH/um3RA8sqosBdOg2HRAcaq3QYiub5P7E4T3y:Y2sRds0dMHRr3QYhbt7nby |
| MD5: | 72235FCB3C0938EEADB2C510189BD0FE |
| SHA1: | AA269489A8564E168F140771D0732202B043B991 |
| SHA-256: | 66F2FFBDA49B659C45BD29918BE168C1A6717B99F16E64E8F87A765F73E628FC |
| SHA-512: | 882D78D19BEC136B2222D70BFFD5B0719A457711CC785B127244CA23574D8552E4326F8625FCC51C136F08756F51E1EC52143CC621B5B508FC380AA45975BB61 |
| Malicious: | false |
| Reputation: | low |
| Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\Network Persistent State (copy)
Download File
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 475 |
| Entropy (8bit): | 4.960864601022068 |
| Encrypted: | false |
| SSDEEP: | 12:YH/um3RA8sqosBdOg2HRAcaq3QYiub5P7E4T3y:Y2sRds0dMHRr3QYhbt7nby |
| MD5: | 72235FCB3C0938EEADB2C510189BD0FE |
| SHA1: | AA269489A8564E168F140771D0732202B043B991 |
| SHA-256: | 66F2FFBDA49B659C45BD29918BE168C1A6717B99F16E64E8F87A765F73E628FC |
| SHA-512: | 882D78D19BEC136B2222D70BFFD5B0719A457711CC785B127244CA23574D8552E4326F8625FCC51C136F08756F51E1EC52143CC621B5B508FC380AA45975BB61 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\000003.log
Download File
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 4288 |
| Entropy (8bit): | 5.215218812201437 |
| Encrypted: | false |
| SSDEEP: | 96:GICD8SBCmPAi8j0/8qbGNSwPgGYPx8xRqhm068Ozs5PT7JxiT82Z:1CDLCmPj8j0/8qKgwPHYPx8xemT8OzsE |
| MD5: | F3F0BC8971099D85E0F80BBE2AFDDF86 |
| SHA1: | 6DC139AA3E259FBD6FDC7AB24F8834CF5E56E4AD |
| SHA-256: | EA3E8871A696D735A54B01798D84EE3FA1A11D6AF10355FEDA2BA8368FF272CA |
| SHA-512: | 46C77FEE5C813E97005C549A4C16D27BD11B4F484BE214CDE75C9C1897B0CA542E8FB6EE73F56F7F5C46A315B177A3416709FCC566150D85CCD9CFC6A2BFE824 |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 322 |
| Entropy (8bit): | 5.257271226534739 |
| Encrypted: | false |
| SSDEEP: | 6:Ph9J+q2PqLTwi2nKuAl9OmbzNMxIFUt82hpZmw+2hvVkwOqLTwi2nKuAl9OmbzNq:Ph9J+v8wZHAa8jFUt82hp/+2hvV5TwZv |
| MD5: | EFE6A263699F689BEA007E3752C2AED4 |
| SHA1: | 4BA230F2D31FCE5A3A19F2DE0B0AAD8DAB15369E |
| SHA-256: | 2666A666A7E795536320DC1523C531E4FA25714905CD68040DB052C3200E42AE |
| SHA-512: | 6E913534C630BEF76530CE83861402A0BDB427B111F528E2C94B3A9C8C7D629DCDC581BAE535486843A5163C228C608FC9ACF622EE6B13BCF028CB5A8FE1F0B1 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\LOG.old (copy)
Download File
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 322 |
| Entropy (8bit): | 5.257271226534739 |
| Encrypted: | false |
| SSDEEP: | 6:Ph9J+q2PqLTwi2nKuAl9OmbzNMxIFUt82hpZmw+2hvVkwOqLTwi2nKuAl9OmbzNq:Ph9J+v8wZHAa8jFUt82hp/+2hvV5TwZv |
| MD5: | EFE6A263699F689BEA007E3752C2AED4 |
| SHA1: | 4BA230F2D31FCE5A3A19F2DE0B0AAD8DAB15369E |
| SHA-256: | 2666A666A7E795536320DC1523C531E4FA25714905CD68040DB052C3200E42AE |
| SHA-512: | 6E913534C630BEF76530CE83861402A0BDB427B111F528E2C94B3A9C8C7D629DCDC581BAE535486843A5163C228C608FC9ACF622EE6B13BCF028CB5A8FE1F0B1 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ConnectorIcons\icon-240906075346Z-176.bmp
Download File
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 65110 |
| Entropy (8bit): | 1.4646191975652882 |
| Encrypted: | false |
| SSDEEP: | 96:PnuQl2CTdF/KEjNuBrrmgrrrri4nXF9GD9tmg2B2wURPCRhl4YIESfn6qMe+kVMI:PnPZBBorrfrrrtggfGI2nBrM0EEIN2 |
| MD5: | 379FA0E0E0DC1BFC910DD06B4C927D0C |
| SHA1: | 6BC7787DA840219C110A42938A50DCE1DCCE5F71 |
| SHA-256: | 95B294F1EAD8C3B5EFC554FC9F9321CC11D12C0DAE5B10B65036F8C8F5C8D049 |
| SHA-512: | D073AFEAF4679AB11037152E15207B441A4AE5C3CB7C57F582E5513936FAF32F66CE380C0EC8539D50C694B175BBB2C67911C86398CC31E489AA7DEEBAE62112 |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 86016 |
| Entropy (8bit): | 4.438717517678962 |
| Encrypted: | false |
| SSDEEP: | 384:ye+ci5GhiBA7vEmzKNURFXoD1NC1SK0gkzPlrFzqFK/WY+lUTTcKqZ5bEmzVz:pturVgazUpUTTGt |
| MD5: | 014A445F58AA7BA073EC9D04721DBE08 |
| SHA1: | 4A91BAAFD187639E5F75A0BE5A2D318D2A78E6FA |
| SHA-256: | 6799A9D0B8D0292EEDE8E291C79C04BA2385393C0907355FEB7DB0B5800DAEDB |
| SHA-512: | 5985B9654A1AB43121D0EF770483A4C951543D4FB98C0EAC0AB4E54FC72B4ED77F4E3301F01746891C1F6D6E7E5D6EF0E1A49FC5CFF0494479228FE5BAA1C7F3 |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 8720 |
| Entropy (8bit): | 3.7691217386844724 |
| Encrypted: | false |
| SSDEEP: | 48:7MnJioyV5sioye5oy1C7oy16oy1YdKOioy1noy1AYoy1Wioy1oioykioyBoy1noL:7AJuWcXXjBiSb9IVXEBodRBkH |
| MD5: | BB6699F606138D9C6609A64701317D90 |
| SHA1: | 469FCDB58C8109E83D5729188E2580AD7A5168B3 |
| SHA-256: | 41CA3FAA4869F3107FE4D7502BE4AA6947CEA100C2A9991335CB33FCA5C3F758 |
| SHA-512: | D3CAC50F5F6D96622BCEC14F44DE1BF10E6A963BF57AE2CDBAFDB137EFE606EBC1CE4324C3170D967B43D67BC3B78C37A40269C467BE2D0067C5B8D1D3BA9E82 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506 
Download File
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 71954 |
| Entropy (8bit): | 7.996617769952133 |
| Encrypted: | true |
| SSDEEP: | 1536:gc257bHnClJ3v5mnAQEBP+bfnW8Ctl8G1G4eu76NWDdB34w18R5cBWcJAm68+Q:gp2ld5jPqW8LgeulxB3fgcEfDQ |
| MD5: | 49AEBF8CBD62D92AC215B2923FB1B9F5 |
| SHA1: | 1723BE06719828DDA65AD804298D0431F6AFF976 |
| SHA-256: | B33EFCB95235B98B48508E019AFA4B7655E80CF071DEFABD8B2123FC8B29307F |
| SHA-512: | BF86116B015FB56709516D686E168E7C9C68365136231CC51D0B6542AE95323A71D2C7ACEC84AAD7DCECC2E410843F6D82A0A6D51B9ACFC721A9C84FDD877B5B |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E0F5C59F9FA661F6F4C50B87FEF3A15A
Download File
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 893 |
| Entropy (8bit): | 7.366016576663508 |
| Encrypted: | false |
| SSDEEP: | 24:hBntmDvKUQQDvKUr7C5fpqp8gPvXHmXvponXux:3ntmD5QQD5XC5RqHHXmXvp++x |
| MD5: | D4AE187B4574036C2D76B6DF8A8C1A30 |
| SHA1: | B06F409FA14BAB33CBAF4A37811B8740B624D9E5 |
| SHA-256: | A2CE3A0FA7D2A833D1801E01EC48E35B70D84F3467CC9F8FAB370386E13879C7 |
| SHA-512: | 1F44A360E8BB8ADA22BC5BFE001F1BABB4E72005A46BC2A94C33C4BD149FF256CCE6F35D65CA4F7FC2A5B9E15494155449830D2809C8CF218D0B9196EC646B0C |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
Download File
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
| File Type: | |
| Category: | modified |
| Size (bytes): | 328 |
| Entropy (8bit): | 3.2097549127822127 |
| Encrypted: | false |
| SSDEEP: | 6:kKQ9UswD8HGsL+N+SkQlPlEGYRMY9z+4KlDA3RUebT3:zDImsLNkPlE99SNxAhUe/3 |
| MD5: | F11CD916F087F5DCC032B06B3E3C7401 |
| SHA1: | 9DF72CFB2FF8C86408A812198E01382422949AFC |
| SHA-256: | 3654F397E870029A7E0603415210202B07C7826526F21BD895ACF5CE773B5C87 |
| SHA-512: | 6D1D9C7AD5976BEFFF2E2C40126C7517BF62FD94ECC92037E52FAD557343F1D134622327C8487550AB6B21AB371948A3E3F7BC6A65410EEA11D11CF9821B5922 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E0F5C59F9FA661F6F4C50B87FEF3A15A
Download File
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 252 |
| Entropy (8bit): | 2.988892319473363 |
| Encrypted: | false |
| SSDEEP: | 3:kkFkloClfllXlE/E/KRkzllPlzRkwWBARLNDU+ZMlKlBkvclcMlVHblB8V7lnklc:kKXClxliBAIdQZV7I7kc3 |
| MD5: | 05FBA80556BA58D4E2AC47729F0A6F72 |
| SHA1: | F33B34E186FA0B86BAA0D74F5F58688A0F2FC2EC |
| SHA-256: | 131ACC403A8CDAFB08BC3A201AA905174740BCF7B23842E58544F2A3F896F99F |
| SHA-512: | 9359DE7D5A70B7A858A1995393E4FFF464A6E2E7B8720813C2CF287EDFCF8116C1D5F480A610108C48AD20658126ED415B7FF658D357DBBB774A0F49EE8BCBEA |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 185099 |
| Entropy (8bit): | 5.182478651346149 |
| Encrypted: | false |
| SSDEEP: | 1536:JsVoWFMWQNk1KUQII5J5lZRT95tFiQibVJDS+Stu/3IVQBrp3Mv9df0CXLhNHqTM:bViyFXE07ZmandGCyN2mM7IgOP0gC |
| MD5: | 94185C5850C26B3C6FC24ABC385CDA58 |
| SHA1: | 42F042285037B0C35BC4226D387F88C770AB5CAA |
| SHA-256: | 1D9979A98F7C4B3073BC03EE9D974CCE9FE265A1E2F8E9EE26A4A5528419E808 |
| SHA-512: | 652657C00DD6AED1A132E1DFD0B97B8DF233CDC257DA8F75AC9F2428F2F7715186EA8B3B24F8350D409CC3D49AFDD36E904B077E28B4AD3E4D08B4DBD5714344 |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 185099 |
| Entropy (8bit): | 5.182478651346149 |
| Encrypted: | false |
| SSDEEP: | 1536:JsVoWFMWQNk1KUQII5J5lZRT95tFiQibVJDS+Stu/3IVQBrp3Mv9df0CXLhNHqTM:bViyFXE07ZmandGCyN2mM7IgOP0gC |
| MD5: | 94185C5850C26B3C6FC24ABC385CDA58 |
| SHA1: | 42F042285037B0C35BC4226D387F88C770AB5CAA |
| SHA-256: | 1D9979A98F7C4B3073BC03EE9D974CCE9FE265A1E2F8E9EE26A4A5528419E808 |
| SHA-512: | 652657C00DD6AED1A132E1DFD0B97B8DF233CDC257DA8F75AC9F2428F2F7715186EA8B3B24F8350D409CC3D49AFDD36E904B077E28B4AD3E4D08B4DBD5714344 |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 227002 |
| Entropy (8bit): | 3.392780893644728 |
| Encrypted: | false |
| SSDEEP: | 1536:WKPC4iyzDtrh1cK3XEiv07VK/3AYvYwgF/rRoL+sn:DPCaL/3AYvYwglFoL+sn |
| MD5: | 11F2FC7F8C64BEAE994575ECEF93CFFF |
| SHA1: | 75014E1BF55814F00BDD25BB8D290A2FFE881A3A |
| SHA-256: | 962CBFB11B6666C900037518E4F69ACA3B2633A3A522D2BFB830A4868EA366CB |
| SHA-512: | ECE2F0B04DB5A01316ED75FFD2AB381EC035636B758A20E58C355AEEB4E5032102A279EB97FBC0CC8617BCC47DBF7ECBB3BE15994342CC5B56B4C56999956975 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\ACROBAT_READER_MASTER_SURFACEID
Download File
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 295 |
| Entropy (8bit): | 5.333007406894071 |
| Encrypted: | false |
| SSDEEP: | 6:YEQXJ2HXDciHsAR5pYmSg1c2LjcWkHvR0YQqoAvJM3g98kUwPeUkwRe9:YvXKXTMAR5BT5LjIP0ZGMbLUkee9 |
| MD5: | 4C447BE361CED3F8E3A52A165683AF9F |
| SHA1: | 84089C16A34AE6A8C37E20DD091F1D26B5341E89 |
| SHA-256: | BE7DCA4F5DAD3AB4F1B54A5DDD685935FBD8CF9188B72AB94BD7EA17B16FE319 |
| SHA-512: | 051E6BFEA098C40D0D6576E1D1C1F7594103C4CD3B31BE6827825854E362D66B1EA9CD3A972E8B3C33A1ADC91E432C708CC5984B7F336E737BB80AB427D185C2 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Home_View_Surface
Download File
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 294 |
| Entropy (8bit): | 5.281463114599979 |
| Encrypted: | false |
| SSDEEP: | 6:YEQXJ2HXDciHsAR5pYmSg1c2LjcWkHvR0YQqoAvJfBoTfXpnrPeUkwRe9:YvXKXTMAR5BT5LjIP0ZGWTfXcUkee9 |
| MD5: | FF39400AD91734FF898D679D81A519E0 |
| SHA1: | 79FD1F3AAF41D3D6282C16713A72FFE8FFCEBAB9 |
| SHA-256: | 13DD83D20D18F126FDC2D15897660E5506AA41201EE41C4BC3E235FDD0E5BA76 |
| SHA-512: | EC5D25D8260BBF5107D2EEEF91A209EC9A6AD10B156F392549CD8B972EB1F17CC06F52CBC8E427D08E0F51DF3C3CE06108802C36C607632A6308FA737A887B12 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Right_Sec_Surface
Download File
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 294 |
| Entropy (8bit): | 5.260284189645578 |
| Encrypted: | false |
| SSDEEP: | 6:YEQXJ2HXDciHsAR5pYmSg1c2LjcWkHvR0YQqoAvJfBD2G6UpnrPeUkwRe9:YvXKXTMAR5BT5LjIP0ZGR22cUkee9 |
| MD5: | C97FD01EBF6553DDB4918B60BD6DECCE |
| SHA1: | 7DF82BDADF851CE634389249101F77BBB9A50C99 |
| SHA-256: | 6F7156D16C4D603E4D18DA21D2D85A5AB2ED627CE42A777CD740277872DE54A4 |
| SHA-512: | D814BF1C9057E1A209EE9318BF76E8E259575D2B44E1143F04AF551351E1623CFE0EEA2C58728AD62CDF6E5589AE516CF145FA85ABD4F3090B4E3348A63301BF |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_READER_LAUNCH_CARD
Download File
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 285 |
| Entropy (8bit): | 5.312944317367791 |
| Encrypted: | false |
| SSDEEP: | 6:YEQXJ2HXDciHsAR5pYmSg1c2LjcWkHvR0YQqoAvJfPmwrPeUkwRe9:YvXKXTMAR5BT5LjIP0ZGH56Ukee9 |
| MD5: | 391229E53D4D4D5DD07E35417309E6E0 |
| SHA1: | 54A23A5F0544F388F9DDF78DD6DE4A280FF02F9B |
| SHA-256: | C91A75BEE806CF2688B1FD1B484A7219F41C75738415FAAA008B19EDA279CE6D |
| SHA-512: | 6AE722AFF94657EE3B085C5CE15477CC609FF531B806412981D094B1E8A3F4DB0FCA69A9194355A628A8EA0C4E2DDEA55B23FF7AC0D5714D3EA1C4B017E37FAE |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Convert_LHP_Banner
Download File
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1063 |
| Entropy (8bit): | 5.673044364468584 |
| Encrypted: | false |
| SSDEEP: | 24:Yv6XTM+5BT5XIs+pLgEFqciGennl0RCmK8czOCY4w27A:Yvp+57XchgLtaAh8cvYv3 |
| MD5: | 4B2CC0E01D6E26AD0E2B52BDCE41F5B7 |
| SHA1: | 48F2A5AABBECF21D8EDC5FEB87E1A65BA81F4CAE |
| SHA-256: | 710BBE3D08CE3972DB05BCEC22959CFA184669B700E5ED4E4DE57167DE2C1FC4 |
| SHA-512: | A6A77A85C5A16D5E5B72663F3E94C6DA6D245358B6404AE9936DD3554ECBA6B55B1CBF6411AC623D105AD2CFB30BB9493D551981A3EE98DDB3BF61F2DA16288F |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Banner
Download File
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1050 |
| Entropy (8bit): | 5.663247393743027 |
| Encrypted: | false |
| SSDEEP: | 24:Yv6XTM+5BT5XIsoVLgEF0c7sbnl0RCmK8czOCYHflEpwiV7A:Yvp+57XWFg6sGAh8cvYHWpwd |
| MD5: | 66A86D59F9FC9065610290208CE4CFAE |
| SHA1: | 26275F142D678904D282814E804448312098FA2F |
| SHA-256: | EFE70DFB181CD830B209A5061B3419928C08B930014AFC6F01CC8DD5FEF028F2 |
| SHA-512: | FA92F915A6B3DA0700DC499AE4105F3E9A92784BF3B0583E74FA75269B53F8A5F941B4977D21F4D78FBAE41566480E6D3538DA820B1F8D469CFCE4B71600A531 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Retention
Download File
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 292 |
| Entropy (8bit): | 5.277379628855321 |
| Encrypted: | false |
| SSDEEP: | 6:YEQXJ2HXDciHsAR5pYmSg1c2LjcWkHvR0YQqoAvJfQ1rPeUkwRe9:YvXKXTMAR5BT5LjIP0ZGY16Ukee9 |
| MD5: | B97D2A7F1951F396FF3E6FF32AFAFAE7 |
| SHA1: | 0E449D011F1FF608CE494C588BCA0DB33F9D081D |
| SHA-256: | 6ECAE86D958163F19EDADCF74CEADE965E524D99C1B6EF25FA9D70EC3879BF9D |
| SHA-512: | FFAF88B1DF09E43F64BAD4800364E030476D8ADFF1DE3805E0BB1857A998D4020273943B26F106558A7084A868A798B348BD99D8E73A4014330E34EFB59CDEFF |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Edit_LHP_Banner
Download File
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1038 |
| Entropy (8bit): | 5.655976548055895 |
| Encrypted: | false |
| SSDEEP: | 24:Yv6XTM+5BT5XIst2LgEF7cciAXs0nl0RCmK8czOCAPtciB7A:Yvp+57XDogc8hAh8cvAq |
| MD5: | 8C29B04F55FF4CD4B3E6CADE3136BE76 |
| SHA1: | 01ED9F73C2605893B3B8148B7A7E058FBFB9C906 |
| SHA-256: | D321745A9E0E871B0C06F6AE7B4FF52D31F5E5477FE4395B4A411F5DD0277D71 |
| SHA-512: | E3119B2870CAD6068DF109A64A37FDE1A2044A99B7661E98BDA1E65A5F25F119ABE607A291D29573CF00D7B5100DADAB94F1AB29AD442EE13F42A7BCC0C17565 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Home_LHP_Trial_Banner
Download File
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1164 |
| Entropy (8bit): | 5.703736110293048 |
| Encrypted: | false |
| SSDEEP: | 24:Yv6XTM+5BT5XIsFKLgEfIcZVSkpsn264rS514ZjBrwloJTmcVIsrSK57A:Yvp+57XPEgqprtrS5OZjSlwTmAfSK2 |
| MD5: | FF330A54F4B08AB229E57A6D75681822 |
| SHA1: | D2310E8123040BAE43CDEE7DC3994694124B5EA3 |
| SHA-256: | 31A3A8250923E1009C8B0D3C79E08C1F87172F07214F0AFACA211D2376342627 |
| SHA-512: | 97239DE8C3FBF59C60D2D548C85A6306EB70FE979445E417681BE690357E2F865E988F7A657531FD5D2B9609E78D19AC655A258CA53C4CD2E9EDE32196DF42FC |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_More_LHP_Banner
Download File
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 289 |
| Entropy (8bit): | 5.29231629520542 |
| Encrypted: | false |
| SSDEEP: | 6:YEQXJ2HXDciHsAR5pYmSg1c2LjcWkHvR0YQqoAvJfYdPeUkwRe9:YvXKXTMAR5BT5LjIP0ZGg8Ukee9 |
| MD5: | 028C08E304459E9D7F0F365E471B6395 |
| SHA1: | E33EA70254D3C6565F6E48BA30B4CF856AEA7A68 |
| SHA-256: | 296EEA4A44868D740F8DDDC52B6D0007D81F15FD480870376CBAE8E7240222CE |
| SHA-512: | 8E5AF4478E57C542A517B12FDBD8733D9BBED9BB484EA3244F5B7347F5A7D1280C828AD26F2DF3E8EC61B984CFAD9FCECFE1A99507651707AF34D2ABBC5B81C3 |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1395 |
| Entropy (8bit): | 5.776108908716778 |
| Encrypted: | false |
| SSDEEP: | 24:Yv6XTM+5BT5XIs4rLgEGOc93W2JeFmaR7CQzttgBcu141CjrWpHfRzVCV9FJNjA:Yvp+57XSHgDv3W2aYQfgB5OUupHrQ9F8 |
| MD5: | 58E83F8BAC0F0B72303F8FAF70D878C1 |
| SHA1: | 4D3E4A38D66D079129DFFC8AFB4001D207EFAD4E |
| SHA-256: | 00181D8A292C9FFCBE250D74C0DEC0B19F6D7583964AD7373E01A52B22EEFED6 |
| SHA-512: | 099BD229AB4D22D355D339D1235106EF0829D8F6270C23490CF8C9BE9B3F2C709CDBE377F05E468F68121781E6BC85EA6296FDBDAE7310A49B3CE7B1083E7AE0 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Intent_Banner
Download File
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 291 |
| Entropy (8bit): | 5.275916201846945 |
| Encrypted: | false |
| SSDEEP: | 6:YEQXJ2HXDciHsAR5pYmSg1c2LjcWkHvR0YQqoAvJfbPtdPeUkwRe9:YvXKXTMAR5BT5LjIP0ZGDV8Ukee9 |
| MD5: | B161D90C7D74DC60755F19A5524A7FF1 |
| SHA1: | F37649F78A0F7F785D42DC42FAE28D3FC9AD4E66 |
| SHA-256: | 4398B6E066BFDC38F5C8DF244BA6DAA766D14D140F62DC64C38887F88DE36A00 |
| SHA-512: | 43FC9C36CC81BB67536F5A24CAFD74436E608B5A9022C1BA2C237501CC93FDFF900A53B954DEA18EBE7E412F46383157F290F035B621ECE6BAB6DEFDD8396386 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Retention
Download File
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 287 |
| Entropy (8bit): | 5.268180021611064 |
| Encrypted: | false |
| SSDEEP: | 6:YEQXJ2HXDciHsAR5pYmSg1c2LjcWkHvR0YQqoAvJf21rPeUkwRe9:YvXKXTMAR5BT5LjIP0ZG+16Ukee9 |
| MD5: | 5BDFD69B672A3206E68F79E8F54BAE7B |
| SHA1: | 950EC11458F83FE3DFF8ADDB9D42CEA74A1A97D8 |
| SHA-256: | 204C21C0EE60ADC99B17173D516E75184485CE552E8C702F43C57DC936351885 |
| SHA-512: | A822288EE6A9ED974570BFF5DC296F674E2447BCE2F72804B26029885E01048908DC83DE99AFE67BFFE270021C0E44DB15168ED8A7AC9B7BF01DE69A055AABBA |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Sign_LHP_Banner
Download File
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1058 |
| Entropy (8bit): | 5.666463720204754 |
| Encrypted: | false |
| SSDEEP: | 24:Yv6XTM+5BT5XIsiamXayLgEFRcONaqnl0RCmK8czOC+w2E+tg8B7A:Yvp+57XuBguOAh8cv+NKf |
| MD5: | 28861D8D2B132C496FD1E047E083A52A |
| SHA1: | 3DAF6005D9000E77DEBA203E9F0220FC90542694 |
| SHA-256: | 6E36AAC247913BC62FD48BFD7DF822A83071162BC2C584E234952B19C99CBF47 |
| SHA-512: | C89DE78EFA4168A6BDE1D4CE7184F67C9E3479A9586404108F0A844F1F83DD3DCDD6492997F9928543B677293D4A5AC29BE406A65D1C03EBB792C681286F4827 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Upsell_Cards
Download File
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 286 |
| Entropy (8bit): | 5.244164766574197 |
| Encrypted: | false |
| SSDEEP: | 6:YEQXJ2HXDciHsAR5pYmSg1c2LjcWkHvR0YQqoAvJfshHHrPeUkwRe9:YvXKXTMAR5BT5LjIP0ZGUUUkee9 |
| MD5: | 3FD6E4C4B1FA080087108B28A1129580 |
| SHA1: | 4A6E0A988744135FFC03DBB80027DF29C58CB10E |
| SHA-256: | F22B9BD4795B707425EFEBE7A56555822B489569AF04563EDAB2BE75FF9F794F |
| SHA-512: | 252A8B182264427A4241E28247D5629795AAB98377B08337D69BDF346532DFA55C0442EF303F4E55A8758BADF6854F0666B2ECF701454F37A8DBF2F4BC4AC50F |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 782 |
| Entropy (8bit): | 5.367610981167745 |
| Encrypted: | false |
| SSDEEP: | 24:Yv6XTM+5BT5XIs1168CgEXX5kcIfANhkA:Yvp+57X388Cgs5Fvd |
| MD5: | 047E411B978A94AD74979387B69EB611 |
| SHA1: | FFA2321244DCF8719940FF1DE9EE0B67CB110ED7 |
| SHA-256: | 3FA564AEE90BEBB9BA954C6463FFA05277544E9A1EBA9458EA4FED3238DCE394 |
| SHA-512: | 9923CF3EACDD3C6B8BBE812009D6A4E0DDC4A77D3E748119BE7B3D843DB27CF2BA70A78960418A27B57403D4A5B7F32B965FD5219E18A1012CBCC13A924E6D21 |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 4 |
| Entropy (8bit): | 0.8112781244591328 |
| Encrypted: | false |
| SSDEEP: | 3:e:e |
| MD5: | DC84B0D741E5BEAE8070013ADDCC8C28 |
| SHA1: | 802F4A6A20CBF157AAF6C4E07E4301578D5936A2 |
| SHA-256: | 81FF65EFC4487853BDB4625559E69AB44F19E0F5EFBD6D5B2AF5E3AB267C8E06 |
| SHA-512: | 65D5F2A173A43ED2089E3934EB48EA02DD9CCE160D539A47D33A616F29554DBD7AF5D62672DA1637E0466333A78AAA023CBD95846A50AC994947DC888AB6AB71 |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 2818 |
| Entropy (8bit): | 5.128532808284074 |
| Encrypted: | false |
| SSDEEP: | 24:YKZWqL2pWGaZxt3ayxWJrTW67WRCOrWG8V7zWJiaZWfKWRxWPjfj0SLWfnsB/2WZ:Y6PnU89tg6iaJr6BQp6plM1VCE7979 |
| MD5: | 101BAE166A3307DF840AA4E1CEC0B339 |
| SHA1: | 0A9DCE349119290C7218DF54A759553DF43FF7C7 |
| SHA-256: | ADD3A01CDBB09CD98B79AB99C8646EC2252B0D46527BF07DBDFC0A19C6A76C2E |
| SHA-512: | 947DB9CF3AD63E5FBBD765C7B484772E23E175F66587703B32DD31573D00AF5E5463F7F610CF25EA3100D06BEB42114E30F610291A7F102A8557956A09A2D49E |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 12288 |
| Entropy (8bit): | 1.36621953100739 |
| Encrypted: | false |
| SSDEEP: | 24:TLBx/XYKQvGJF7urs9S6bqyKn6ylSTofcNqDuAd6PXKdqEKfS8EKfM1ba4d6PF:Tll2GL7msMcKTlS8fcsuAd6EfI4d6d |
| MD5: | BEC39A5A40489D007366AD0BE3BF4B44 |
| SHA1: | 43C2E5B0FA53372B8BDC1E50C014C27BF7299EAC |
| SHA-256: | 231FA886C314A16E52FE687FC285DD5C555021C53ADB605B0605FD20B27FC415 |
| SHA-512: | 43997FED62C2C5A485FC4B45BF65D20B7ACB7C969707A7BB004BFB4AE05EDDB64AA3DC52C87536D22EB19005E8539768E037BDC647220953DCB7E45C14F508DE |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 8720 |
| Entropy (8bit): | 1.843426054139733 |
| Encrypted: | false |
| SSDEEP: | 24:7+t9Z6bqyKn6ylSTofcNqDuAd6P+KdqEKfS8EKfM1banbqvqLKufx/XYKQvGJF77:7MvcKTlS8fcsuAd6dfIqqGufl2GL7ms3 |
| MD5: | 798CF2F87C056E16D61A948714F609C6 |
| SHA1: | C57D104BDAA7C02ED324AAEF6617DEB845E16B0D |
| SHA-256: | A10A090D76588EF837ECD4DA8989F40E42A0EB63D7C55BD6E8F565C3930B90EA |
| SHA-512: | 417AC79B5F66A6E723F219645D8D37440C3579B2BAE86E957280688495C0CA7700BB5335C866C19FDCCDF10BC731552877C5E39AE39E3D08BC3483F5B58D7323 |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 246 |
| Entropy (8bit): | 3.5553319929546836 |
| Encrypted: | false |
| SSDEEP: | 6:Qgl946caEbiQLxuZUQu+lEbYnuoblv2K88Uow:Qw946cPbiOxDlbYnuRK8t |
| MD5: | 485D78C82F9067BD9C1AB4DAF39AB48B |
| SHA1: | 10680CDB30C5735011B34EDEB6D85E9765F4C7E4 |
| SHA-256: | 06A22F22A6E699A06A5F2E5B5246037DB65456CEA13A641611068DDF0A3A1B89 |
| SHA-512: | 572552C46D32010440DB63D7BA62B2037E065ACDC61C9D841C32DB4FC50645066EAF4F4FD05D7C4605C78B974C9553B0D70B2EA339DED79681498440B27E4B86 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6 2024-09-06 03-53-43-686.log
Download File
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 16525 |
| Entropy (8bit): | 5.330589339471305 |
| Encrypted: | false |
| SSDEEP: | 384:usQfQQjZyDzISMjg0svDBjA49Y0/sQHpMVhrSWD0Wny6WxIWd44mJmtaEKHvMMwh:Ink |
| MD5: | 5BC0A308794F062FEC40F3016568DF9F |
| SHA1: | 14149448191AB45E99011CBBEF39F2A9A03A0D15 |
| SHA-256: | 00D910C49F2885F6810F4019A916EFA52F12881CBF1525853D0C184E1B796473 |
| SHA-512: | CF12E0787C1C2A129BE61C4572CF8A28FC48039B2ADFD1816E58078D8DD900771442F210C545AD9B3F4EAEC23F6F1480F7BBF262B6A631160B20D0785BC17242 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6.log
Download File
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 15114 |
| Entropy (8bit): | 5.357507771771891 |
| Encrypted: | false |
| SSDEEP: | 384:dFJg5JEoe4bjSFt2V3zFbABxS5AYzAYFk3nlD7FjSFrTZBBE0fb3qBqrSZ3aqV17:Avo |
| MD5: | 914708DCB091AEDD6ACE855319287C2F |
| SHA1: | AB3FAAAEAD830DC0C566A14F5BABA6283D299C5F |
| SHA-256: | 7719CF36EC47FD7C9797FC445CF09C3D4F3911D2910FF330C9039AE489117C78 |
| SHA-512: | 4DE595AAEE64CBF51EBED671CA44590E1E97C656AEEC03853570F5FD52EC60E2733B688527360C4509FA2C4A32097209219ED3E16BE7083C6ACDE5DB66CA6D67 |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 29752 |
| Entropy (8bit): | 5.398079356000369 |
| Encrypted: | false |
| SSDEEP: | 192:icbENIn5cbqlcbgIpLcbJcb4I5jcbKcbQIrxcbmrcb0ISCcbZ:8qnXopZ50reSR |
| MD5: | CB1276FE5A03DC05A328E8E1F89B0D1E |
| SHA1: | D564E90ABFC2D352EB8550BC617BF7451C07C5D7 |
| SHA-256: | 8FD6DFC5CCC467BEB79429C1884D12B2A2B9FCD5ACCCB319C68759D74780A63D |
| SHA-512: | 8272351356CB27FE2E26DCE0F7F74A2686123E71F84CC5B6FE118265A80146722C1A893F0FA6C9489B9B4EE4F02CB8016FAAC16449171C84A1A0F5164E150485 |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1419751 |
| Entropy (8bit): | 7.976496077007677 |
| Encrypted: | false |
| SSDEEP: | 24576:/gWL07okZwYIGNPUGZfPdpy6mlind9j2kvhsfFXpAXDgrFBU2/R07D:4WLxkZwZG6GZn3mlind9i4ufFXpAXkru |
| MD5: | ACB1B27818CEB36D0750207A9585D1DE |
| SHA1: | 6F8E0D68875083DD83681391CE1C8304D0CF8C29 |
| SHA-256: | BAB1F04D2DB8ADF240CFE93D51DFDA5CABE1D1DA91DCC807D2ABD93E030926D6 |
| SHA-512: | AFE11C5D4A50430BE73E2D82081C6C02DB93A8368999C9139863A5A2DD0780066E020A5D2FDC94612E808862C8FB0CF90CA92E7CEAAAFEB4C3EA59703229B4AA |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1407294 |
| Entropy (8bit): | 7.97605879016224 |
| Encrypted: | false |
| SSDEEP: | 24576:/xA7o5dpy6mlind9j2kvhsfFXpAXDgrFBU2/R07/WLaGZL4YIGNPJe:JVB3mlind9i4ufFXpAXkrfUs0jWLaGZo |
| MD5: | 9F39E726C0EA0FB425C69A21F30C0EED |
| SHA1: | 9B2B079D2F9A4F53A981F1518F11D4BEB50FABC4 |
| SHA-256: | 52F1F422A8A01FD89E8EB051F2EED7015C66DD3EBAB64F72C3A0AAD781E95748 |
| SHA-512: | 5BAF313AE82677BA101CE70092B1CDDBD679C9A04614087E5CE091246A30A7AD235E20F3809E4B7FB1BC608DC2C42781BB9BD03D5837D9DC16EBBC5CD6D725D8 |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 386528 |
| Entropy (8bit): | 7.9736851559892425 |
| Encrypted: | false |
| SSDEEP: | 6144:8OSTJJJJEQ6T9UkRm1lBgI81ReWQ53+sQ36X/FLYVbxrr/IxktOQZ1mau4yBwsOo:sTJJJJv+9UZX+Tegs661ybxrr/IxkB1m |
| MD5: | 5C48B0AD2FEF800949466AE872E1F1E2 |
| SHA1: | 337D617AE142815EDDACB48484628C1F16692A2F |
| SHA-256: | F40E3C96D4ED2F7A299027B37B2C0C03EAEEE22CF79C6B300E5F23ACB1EB31FE |
| SHA-512: | 44210CE41F6365298BFBB14F6D850E59841FF555EBA00B51C6B024A12F458E91E43FDA3FA1A10AAC857D4BA7CA6992CCD891C02678DCA33FA1F409DE08859324 |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 758601 |
| Entropy (8bit): | 7.98639316555857 |
| Encrypted: | false |
| SSDEEP: | 12288:ONh3P65+Tegs6121YSWBlkipdjuv1ybxrr/IxkB1mabFhOXZ/fEa+vTJJJJv+9U0:O3Pjegf121YS8lkipdjMMNB1DofjgJJg |
| MD5: | 3A49135134665364308390AC398006F1 |
| SHA1: | 28EF4CE5690BF8A9E048AF7D30688120DAC6F126 |
| SHA-256: | D1858851B2DC86BA23C0710FE8526292F0F69E100CEBFA7F260890BD41F5F42B |
| SHA-512: | BE2C3C39CA57425B28DC36E669DA33B5FF6C7184509756B62832B5E2BFBCE46C9E62EAA88274187F7EE45474DCA98CD8084257EA2EBE6AB36932E28B857743E5 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
Download File
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 2673 |
| Entropy (8bit): | 3.978584130449546 |
| Encrypted: | false |
| SSDEEP: | 48:8Z9dHTAaHeidAKZdA1P4ehwiZUklqehgy+3:89MvO/y |
| MD5: | 0EAD480933A51159091F78CFD47E7103 |
| SHA1: | 50772C23EFD1944EE83FC2BD18DD42D21F100751 |
| SHA-256: | C974FB8E650A872B02DEAF9F56707C066BF444261872A1150866D26C5CEDACAA |
| SHA-512: | 69D7321B318A1CE6AAA2665A7482A24C07D0F94575784992549AEBBDF024516E1F52B2915A90D46531211274BF939D7CB317F7E17DA867BA5C29BE7DA00988BD |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Download File
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 2675 |
| Entropy (8bit): | 3.994811795582665 |
| Encrypted: | false |
| SSDEEP: | 48:8sN9dHTAaHeidAKZdA1+4eh/iZUkAQkqehvy+2:8sZMeF9QWy |
| MD5: | FFF128EE24705ABCFD0DA48491B4ABEB |
| SHA1: | DAD41F4B0FFC203311B258A8EB477FFA317659E1 |
| SHA-256: | E1FA0DBA20A169EEDABF9DC3210944B71BD0997E8ACBDD4C8D2BAE9E26727356 |
| SHA-512: | CA1885FC8153A54E31BDFD3DD326E7F601B98BDA10040B0C72D35D0CEAB7C6B83D30C83AA4A0F36FB0A99736D9BE7AF53EE2B51DF233535598B4845AF3F54186 |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Download File
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 2689 |
| Entropy (8bit): | 4.006635958000923 |
| Encrypted: | false |
| SSDEEP: | 48:8V9dHTAVHeidAKZdA1404eh7sFiZUkmgqeh7sly+BX:8xMGInLy |
| MD5: | AF4F50563E83296280645A275A019013 |
| SHA1: | 6B3E4EEF503BBE3F6DBC5637833655757D3C1548 |
| SHA-256: | FC7FABE2DEFAFB491148D0F1F3560C5AD42ED25CADDD03C5C3ADE2782C220DCE |
| SHA-512: | 227FDAEE9DFE5F11860E517400C3CA3E80691B8DB13D0531C009402DF5F2A6B2A722F4598C553C5D239B0451B7A947F5F91B26C9F90C1279D470F31B0EF4738D |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Download File
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 2677 |
| Entropy (8bit): | 3.991567765820453 |
| Encrypted: | false |
| SSDEEP: | 48:8M9dHTAaHeidAKZdA1p4ehDiZUkwqehTy+R:8AMJ5Ny |
| MD5: | B1A1A63279923837CBD402B780E7C631 |
| SHA1: | FCC0CEAF6D8620DC378310D8D2FE6B73FD010C1A |
| SHA-256: | 3620CF7568B631473F4402C43B8A86DEB1400E99974AB51317C3C2C3B3648F45 |
| SHA-512: | E994B6E147F9C00751DD662863F20D6B5EF4F2804F016A6BB4E163B0B70A2002192722D9F3FDBE5F2FEC05DC63B1E435F7F33739BF8F229C4C56DE6ADEF98E1B |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Download File
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 2677 |
| Entropy (8bit): | 3.980015008731886 |
| Encrypted: | false |
| SSDEEP: | 48:8e9dHTAaHeidAKZdA1X4ehBiZUk1W1qehBy+C:8eM3b9hy |
| MD5: | C35418198FE2500DE4462AC27202F4EF |
| SHA1: | 1F16232A298DF70AF42C81C9AF2328031EF6ABC5 |
| SHA-256: | 6CAF0ACAE7F1957D21BA30005AF7A1F44296DFC0A6260A820DA8318AF42E0124 |
| SHA-512: | 713EB5E73C564116031102F83A47A0D7EC818F2D1D5BFFD27733FDD1E0CBBA098E71AC4439F6AB839E9801106C3C42E933FD4A3AD25DC3196974ADAA31001C8B |
| Malicious: | false |
| Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Download File
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 2679 |
| Entropy (8bit): | 3.9887367486596665 |
| Encrypted: | false |
| SSDEEP: | 48:8k9dHTAaHeidAKZdA1duTc4ehOuTbbiZUk5OjqehOuTbLy+yT+:8IMwTcJTbxWOvTbLy7T |
| MD5: | 94FE33097CC870C10CADDC0832D613C7 |
| SHA1: | EAC1816740C5DC14690EE3326D2BF4BC23A3A3B2 |
| SHA-256: | 60AE1C2A0AC59C500037310FC99ED1CD72CB64F4CAF17482CB8BB55C0F62780D |
| SHA-512: | C40B59A0D7B71B4B5D6085AA4F2AF1ED4E17E93E1628B32E2BA9372F69350EF4A22E978ACEF0321BC6E62EE47764D1BFF262C52667B33DC55D42C073DDF8FAED |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1327584 |
| Entropy (8bit): | 7.99987159653479 |
| Encrypted: | true |
| SSDEEP: | 24576:O5vlz2FB+t99s8H657jtNjTgMvOSDhBsGKWfBxZkJaLd1FeKU4i27+fh3k7/VSe:Op2BaNaVhNZW4hPb7EaLVZyZk7t |
| MD5: | 25570231E0AFF080FB5B024A28222C3C |
| SHA1: | 8E69355AC7D7138FB5E07CCFE5DC5C9B4C4FF99A |
| SHA-256: | D40EF0236512B096B2F06774466196FAA97A8B435D4E297945F4DF7330E69664 |
| SHA-512: | 113B850E2CD09F4190AA51EA8E0649081E497B8F800073AAA9EE44D5926D2A415718D86975FF7413470E7611CF0AA18C2DB27D24F13F129B0B7AEC31B1D3871D |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1327584 |
| Entropy (8bit): | 7.99987159653479 |
| Encrypted: | true |
| SSDEEP: | 24576:O5vlz2FB+t99s8H657jtNjTgMvOSDhBsGKWfBxZkJaLd1FeKU4i27+fh3k7/VSe:Op2BaNaVhNZW4hPb7EaLVZyZk7t |
| MD5: | 25570231E0AFF080FB5B024A28222C3C |
| SHA1: | 8E69355AC7D7138FB5E07CCFE5DC5C9B4C4FF99A |
| SHA-256: | D40EF0236512B096B2F06774466196FAA97A8B435D4E297945F4DF7330E69664 |
| SHA-512: | 113B850E2CD09F4190AA51EA8E0649081E497B8F800073AAA9EE44D5926D2A415718D86975FF7413470E7611CF0AA18C2DB27D24F13F129B0B7AEC31B1D3871D |
| Malicious: | false |
| Preview: |
| File type: | |
| Entropy (8bit): | 7.974129277959889 |
| TrID: |
|
| File name: | IDR-500000000.pdf |
| File size: | 68'648 bytes |
| MD5: | 1e6049adf927614a5ea1d585ac10f8e6 |
| SHA1: | bfe64a6bf0f2567e8c1d2211194ea16d5f8fab90 |
| SHA256: | 03775e62a1365c52d7c3df5ca2e76a213ed1b20a3b2312ea1a323edf93e496c6 |
| SHA512: | 03ebc12f94ed890ee9afdef9edaf9391ce1e0afc5a350a85889d9d7eb561e0d1594ba2771506e3a05c35542c8b7b24adefc7729cd3fdcf8fd15ebdb03e2d68c9 |
| SSDEEP: | 1536:RtsdoQoCgFI8+9F1hTKMqi0moxuBHUobrU65bzHQdTo:RtsdhCI8c19KMH0mgSUobAM/Qds |
| TLSH: | 5F63F298A75F802ADC516F3436A432059B3C7873B551553D2E2433918D41EB633EADAF |
| File Content Preview: | %PDF-1.7.%.....7 0 obj.<</A 8 0 R/Border[0 0 0]/F 4/P 4 0 R/Rect[36 370.24 186 410.24]/Subtype/Link>>.endobj.5 0 obj.<</Filter/FlateDecode/Length 451>>stream.x..SMo. ...+..H..6x..T.T..........v.o.._..&J..X....{o>.D....U-..C.B...-..\....<.N..sO..+.j..RP..n |
 | |
| Icon Hash: | 62cc8caeb29e8ae0 |
General | |
|---|---|
| Header: | %PDF-1.7 |
| Total Entropy: | 7.974129 |
| Total Bytes: | 68648 |
| Stream Entropy: | 7.978134 |
| Stream Bytes: | 66609 |
| Entropy outside Streams: | 5.307776 |
| Bytes outside Streams: | 2039 |
| Number of EOF found: | 1 |
| Bytes after EOF: | |
| Name | Count |
|---|---|
| obj | 11 |
| endobj | 11 |
| stream | 4 |
| endstream | 4 |
| xref | 1 |
| trailer | 1 |
| startxref | 1 |
| /Page | 1 |
| /Encrypt | 0 |
| /ObjStm | 0 |
| /URI | 2 |
| /JS | 0 |
| /JavaScript | 0 |
| /AA | 0 |
| /OpenAction | 0 |
| /AcroForm | 0 |
| /JBIG2Decode | 0 |
| /RichMedia | 0 |
| /Launch | 0 |
| /EmbeddedFile | 0 |
Image Streams |
|---|
| ID | DHASH | MD5 | Preview |
|---|---|---|---|
| 9 | 0000000000000000 | 4fab45281028490234dce6a9bbc26362 |  |
| 11 | d480a2a2a2a280d4 | 07d8fe624485c3865addd74268d842ea |  |
Key Decision
Richest Path
Thread / callback creation
Lower opacity -> Library Node| Timestamp | Source Port | Dest Port | Source IP | Dest IP |
|---|---|---|---|---|
| Sep 6, 2024 09:53:37.907917976 CEST | 49677 | 443 | 192.168.2.9 | 20.189.173.11 |
| Sep 6, 2024 09:53:38.918132067 CEST | 49710 | 443 | 192.168.2.9 | 20.73.194.208 |
| Sep 6, 2024 09:53:38.918167114 CEST | 443 | 49710 | 20.73.194.208 | 192.168.2.9 |
| Sep 6, 2024 09:53:38.918251991 CEST | 49710 | 443 | 192.168.2.9 | 20.73.194.208 |
| Sep 6, 2024 09:53:38.918510914 CEST | 49710 | 443 | 192.168.2.9 | 20.73.194.208 |
| Sep 6, 2024 09:53:38.918525934 CEST | 443 | 49710 | 20.73.194.208 | 192.168.2.9 |
| Sep 6, 2024 09:53:39.709927082 CEST | 443 | 49710 | 20.73.194.208 | 192.168.2.9 |
| Sep 6, 2024 09:53:39.710122108 CEST | 49710 | 443 | 192.168.2.9 | 20.73.194.208 |
| Sep 6, 2024 09:53:39.713285923 CEST | 49710 | 443 | 192.168.2.9 | 20.73.194.208 |
| Sep 6, 2024 09:53:39.713314056 CEST | 443 | 49710 | 20.73.194.208 | 192.168.2.9 |
| Sep 6, 2024 09:53:39.713582993 CEST | 443 | 49710 | 20.73.194.208 | 192.168.2.9 |
| Sep 6, 2024 09:53:39.728023052 CEST | 49710 | 443 | 192.168.2.9 | 20.73.194.208 |
| Sep 6, 2024 09:53:39.728111029 CEST | 443 | 49710 | 20.73.194.208 | 192.168.2.9 |
| Sep 6, 2024 09:53:39.728182077 CEST | 49710 | 443 | 192.168.2.9 | 20.73.194.208 |
| Sep 6, 2024 09:53:39.780659914 CEST | 49711 | 443 | 192.168.2.9 | 4.231.128.59 |
| Sep 6, 2024 09:53:39.780688047 CEST | 443 | 49711 | 4.231.128.59 | 192.168.2.9 |
| Sep 6, 2024 09:53:39.780818939 CEST | 49711 | 443 | 192.168.2.9 | 4.231.128.59 |
| Sep 6, 2024 09:53:39.781049967 CEST | 49711 | 443 | 192.168.2.9 | 4.231.128.59 |
| Sep 6, 2024 09:53:39.781061888 CEST | 443 | 49711 | 4.231.128.59 | 192.168.2.9 |
| Sep 6, 2024 09:53:40.560739994 CEST | 443 | 49711 | 4.231.128.59 | 192.168.2.9 |
| Sep 6, 2024 09:53:40.561157942 CEST | 49711 | 443 | 192.168.2.9 | 4.231.128.59 |
| Sep 6, 2024 09:53:40.562464952 CEST | 49711 | 443 | 192.168.2.9 | 4.231.128.59 |
| Sep 6, 2024 09:53:40.562477112 CEST | 443 | 49711 | 4.231.128.59 | 192.168.2.9 |
| Sep 6, 2024 09:53:40.562776089 CEST | 443 | 49711 | 4.231.128.59 | 192.168.2.9 |
| Sep 6, 2024 09:53:40.564088106 CEST | 49711 | 443 | 192.168.2.9 | 4.231.128.59 |
| Sep 6, 2024 09:53:40.564126015 CEST | 443 | 49711 | 4.231.128.59 | 192.168.2.9 |
| Sep 6, 2024 09:53:40.564273119 CEST | 443 | 49711 | 4.231.128.59 | 192.168.2.9 |
| Sep 6, 2024 09:53:40.564527988 CEST | 49711 | 443 | 192.168.2.9 | 4.231.128.59 |
| Sep 6, 2024 09:53:40.564958096 CEST | 49711 | 443 | 192.168.2.9 | 4.231.128.59 |
| Sep 6, 2024 09:53:40.590621948 CEST | 49712 | 443 | 192.168.2.9 | 4.231.128.59 |
| Sep 6, 2024 09:53:40.590672970 CEST | 443 | 49712 | 4.231.128.59 | 192.168.2.9 |
| Sep 6, 2024 09:53:40.590739012 CEST | 49712 | 443 | 192.168.2.9 | 4.231.128.59 |
| Sep 6, 2024 09:53:40.591016054 CEST | 49712 | 443 | 192.168.2.9 | 4.231.128.59 |
| Sep 6, 2024 09:53:40.591028929 CEST | 443 | 49712 | 4.231.128.59 | 192.168.2.9 |
| Sep 6, 2024 09:53:41.534954071 CEST | 443 | 49712 | 4.231.128.59 | 192.168.2.9 |
| Sep 6, 2024 09:53:41.535028934 CEST | 49712 | 443 | 192.168.2.9 | 4.231.128.59 |
| Sep 6, 2024 09:53:41.536550999 CEST | 49712 | 443 | 192.168.2.9 | 4.231.128.59 |
| Sep 6, 2024 09:53:41.536566973 CEST | 443 | 49712 | 4.231.128.59 | 192.168.2.9 |
| Sep 6, 2024 09:53:41.536843061 CEST | 443 | 49712 | 4.231.128.59 | 192.168.2.9 |
| Sep 6, 2024 09:53:41.538125038 CEST | 49712 | 443 | 192.168.2.9 | 4.231.128.59 |
| Sep 6, 2024 09:53:41.538167953 CEST | 443 | 49712 | 4.231.128.59 | 192.168.2.9 |
| Sep 6, 2024 09:53:41.538217068 CEST | 49712 | 443 | 192.168.2.9 | 4.231.128.59 |
| Sep 6, 2024 09:53:41.575365067 CEST | 49713 | 443 | 192.168.2.9 | 4.231.128.59 |
| Sep 6, 2024 09:53:41.575409889 CEST | 443 | 49713 | 4.231.128.59 | 192.168.2.9 |
| Sep 6, 2024 09:53:41.575490952 CEST | 49713 | 443 | 192.168.2.9 | 4.231.128.59 |
| Sep 6, 2024 09:53:41.575804949 CEST | 49713 | 443 | 192.168.2.9 | 4.231.128.59 |
| Sep 6, 2024 09:53:41.575819016 CEST | 443 | 49713 | 4.231.128.59 | 192.168.2.9 |
| Sep 6, 2024 09:53:42.599677086 CEST | 443 | 49713 | 4.231.128.59 | 192.168.2.9 |
| Sep 6, 2024 09:53:42.599807024 CEST | 49713 | 443 | 192.168.2.9 | 4.231.128.59 |
| Sep 6, 2024 09:53:42.653584003 CEST | 49713 | 443 | 192.168.2.9 | 4.231.128.59 |
| Sep 6, 2024 09:53:42.653606892 CEST | 443 | 49713 | 4.231.128.59 | 192.168.2.9 |
| Sep 6, 2024 09:53:42.653901100 CEST | 443 | 49713 | 4.231.128.59 | 192.168.2.9 |
| Sep 6, 2024 09:53:42.655018091 CEST | 49713 | 443 | 192.168.2.9 | 4.231.128.59 |
| Sep 6, 2024 09:53:42.655059099 CEST | 443 | 49713 | 4.231.128.59 | 192.168.2.9 |
| Sep 6, 2024 09:53:42.655117035 CEST | 49713 | 443 | 192.168.2.9 | 4.231.128.59 |
| Sep 6, 2024 09:53:42.720334053 CEST | 49677 | 443 | 192.168.2.9 | 20.189.173.11 |
| Sep 6, 2024 09:53:43.923413992 CEST | 49673 | 443 | 192.168.2.9 | 204.79.197.203 |
| Sep 6, 2024 09:53:44.907253027 CEST | 49676 | 443 | 192.168.2.9 | 23.206.229.209 |
| Sep 6, 2024 09:53:44.907279015 CEST | 49675 | 443 | 192.168.2.9 | 23.206.229.209 |
| Sep 6, 2024 09:53:45.208709002 CEST | 49674 | 443 | 192.168.2.9 | 23.206.229.209 |
| Sep 6, 2024 09:53:47.161891937 CEST | 443 | 49704 | 23.206.229.209 | 192.168.2.9 |
| Sep 6, 2024 09:53:47.162010908 CEST | 49704 | 443 | 192.168.2.9 | 23.206.229.209 |
| Sep 6, 2024 09:53:47.162662029 CEST | 443 | 49704 | 23.206.229.209 | 192.168.2.9 |
| Sep 6, 2024 09:53:47.162751913 CEST | 49704 | 443 | 192.168.2.9 | 23.206.229.209 |
| Sep 6, 2024 09:53:48.425069094 CEST | 49721 | 443 | 192.168.2.9 | 184.28.90.27 |
| Sep 6, 2024 09:53:48.425123930 CEST | 443 | 49721 | 184.28.90.27 | 192.168.2.9 |
| Sep 6, 2024 09:53:48.425242901 CEST | 49721 | 443 | 192.168.2.9 | 184.28.90.27 |
| Sep 6, 2024 09:53:48.427947044 CEST | 49721 | 443 | 192.168.2.9 | 184.28.90.27 |
| Sep 6, 2024 09:53:48.427959919 CEST | 443 | 49721 | 184.28.90.27 | 192.168.2.9 |
| Sep 6, 2024 09:53:49.068011045 CEST | 443 | 49721 | 184.28.90.27 | 192.168.2.9 |
| Sep 6, 2024 09:53:49.068079948 CEST | 49721 | 443 | 192.168.2.9 | 184.28.90.27 |
| Sep 6, 2024 09:53:49.074357033 CEST | 49721 | 443 | 192.168.2.9 | 184.28.90.27 |
| Sep 6, 2024 09:53:49.074378967 CEST | 443 | 49721 | 184.28.90.27 | 192.168.2.9 |
| Sep 6, 2024 09:53:49.074661970 CEST | 443 | 49721 | 184.28.90.27 | 192.168.2.9 |
| Sep 6, 2024 09:53:49.128931999 CEST | 49721 | 443 | 192.168.2.9 | 184.28.90.27 |
| Sep 6, 2024 09:53:49.129076958 CEST | 49721 | 443 | 192.168.2.9 | 184.28.90.27 |
| Sep 6, 2024 09:53:49.176498890 CEST | 443 | 49721 | 184.28.90.27 | 192.168.2.9 |
| Sep 6, 2024 09:53:49.337538958 CEST | 443 | 49721 | 184.28.90.27 | 192.168.2.9 |
| Sep 6, 2024 09:53:49.337598085 CEST | 443 | 49721 | 184.28.90.27 | 192.168.2.9 |
| Sep 6, 2024 09:53:49.337802887 CEST | 49721 | 443 | 192.168.2.9 | 184.28.90.27 |
| Sep 6, 2024 09:53:49.338905096 CEST | 49721 | 443 | 192.168.2.9 | 184.28.90.27 |
| Sep 6, 2024 09:53:49.338921070 CEST | 443 | 49721 | 184.28.90.27 | 192.168.2.9 |
| Sep 6, 2024 09:53:49.338963985 CEST | 49721 | 443 | 192.168.2.9 | 184.28.90.27 |
| Sep 6, 2024 09:53:49.338969946 CEST | 443 | 49721 | 184.28.90.27 | 192.168.2.9 |
| Sep 6, 2024 09:53:49.407840967 CEST | 49724 | 443 | 192.168.2.9 | 184.28.90.27 |
| Sep 6, 2024 09:53:49.407880068 CEST | 443 | 49724 | 184.28.90.27 | 192.168.2.9 |
| Sep 6, 2024 09:53:49.408054113 CEST | 49724 | 443 | 192.168.2.9 | 184.28.90.27 |
| Sep 6, 2024 09:53:49.410975933 CEST | 49724 | 443 | 192.168.2.9 | 184.28.90.27 |
| Sep 6, 2024 09:53:49.410990000 CEST | 443 | 49724 | 184.28.90.27 | 192.168.2.9 |
| Sep 6, 2024 09:53:49.445929050 CEST | 49725 | 443 | 192.168.2.9 | 18.207.85.246 |
| Sep 6, 2024 09:53:49.445971012 CEST | 443 | 49725 | 18.207.85.246 | 192.168.2.9 |
| Sep 6, 2024 09:53:49.446022034 CEST | 49725 | 443 | 192.168.2.9 | 18.207.85.246 |
| Sep 6, 2024 09:53:49.446218967 CEST | 49725 | 443 | 192.168.2.9 | 18.207.85.246 |
| Sep 6, 2024 09:53:49.446233034 CEST | 443 | 49725 | 18.207.85.246 | 192.168.2.9 |
| Sep 6, 2024 09:53:50.005669117 CEST | 443 | 49725 | 18.207.85.246 | 192.168.2.9 |
| Sep 6, 2024 09:53:50.006042004 CEST | 49725 | 443 | 192.168.2.9 | 18.207.85.246 |
| Sep 6, 2024 09:53:50.006056070 CEST | 443 | 49725 | 18.207.85.246 | 192.168.2.9 |
| Sep 6, 2024 09:53:50.007128954 CEST | 443 | 49725 | 18.207.85.246 | 192.168.2.9 |
| Sep 6, 2024 09:53:50.007195950 CEST | 49725 | 443 | 192.168.2.9 | 18.207.85.246 |
| Sep 6, 2024 09:53:50.007201910 CEST | 443 | 49725 | 18.207.85.246 | 192.168.2.9 |
| Sep 6, 2024 09:53:50.007247925 CEST | 49725 | 443 | 192.168.2.9 | 18.207.85.246 |
| Sep 6, 2024 09:53:50.007589102 CEST | 49725 | 443 | 192.168.2.9 | 18.207.85.246 |
| Sep 6, 2024 09:53:50.007652044 CEST | 443 | 49725 | 18.207.85.246 | 192.168.2.9 |
| Sep 6, 2024 09:53:50.008008003 CEST | 49725 | 443 | 192.168.2.9 | 18.207.85.246 |
| Sep 6, 2024 09:53:50.008022070 CEST | 443 | 49725 | 18.207.85.246 | 192.168.2.9 |
| Sep 6, 2024 09:53:50.053380013 CEST | 443 | 49724 | 184.28.90.27 | 192.168.2.9 |
| Sep 6, 2024 09:53:50.053453922 CEST | 49724 | 443 | 192.168.2.9 | 184.28.90.27 |
| Sep 6, 2024 09:53:50.054836035 CEST | 49724 | 443 | 192.168.2.9 | 184.28.90.27 |
| Sep 6, 2024 09:53:50.054847956 CEST | 443 | 49724 | 184.28.90.27 | 192.168.2.9 |
| Sep 6, 2024 09:53:50.055114031 CEST | 443 | 49724 | 184.28.90.27 | 192.168.2.9 |
| Sep 6, 2024 09:53:50.055862904 CEST | 49725 | 443 | 192.168.2.9 | 18.207.85.246 |
| Sep 6, 2024 09:53:50.056265116 CEST | 49724 | 443 | 192.168.2.9 | 184.28.90.27 |
| Sep 6, 2024 09:53:50.096506119 CEST | 443 | 49724 | 184.28.90.27 | 192.168.2.9 |
| Sep 6, 2024 09:53:50.166625977 CEST | 443 | 49725 | 18.207.85.246 | 192.168.2.9 |
| Sep 6, 2024 09:53:50.166655064 CEST | 443 | 49725 | 18.207.85.246 | 192.168.2.9 |
| Sep 6, 2024 09:53:50.166690111 CEST | 443 | 49725 | 18.207.85.246 | 192.168.2.9 |
| Sep 6, 2024 09:53:50.166712999 CEST | 49725 | 443 | 192.168.2.9 | 18.207.85.246 |
| Sep 6, 2024 09:53:50.166718960 CEST | 443 | 49725 | 18.207.85.246 | 192.168.2.9 |
| Sep 6, 2024 09:53:50.166764975 CEST | 49725 | 443 | 192.168.2.9 | 18.207.85.246 |
| Sep 6, 2024 09:53:50.170042038 CEST | 49725 | 443 | 192.168.2.9 | 18.207.85.246 |
| Sep 6, 2024 09:53:50.170061111 CEST | 443 | 49725 | 18.207.85.246 | 192.168.2.9 |
| Sep 6, 2024 09:53:50.331327915 CEST | 443 | 49724 | 184.28.90.27 | 192.168.2.9 |
| Sep 6, 2024 09:53:50.331417084 CEST | 443 | 49724 | 184.28.90.27 | 192.168.2.9 |
| Sep 6, 2024 09:53:50.331464052 CEST | 49724 | 443 | 192.168.2.9 | 184.28.90.27 |
| Sep 6, 2024 09:53:50.338236094 CEST | 49724 | 443 | 192.168.2.9 | 184.28.90.27 |
| Sep 6, 2024 09:53:50.338267088 CEST | 443 | 49724 | 184.28.90.27 | 192.168.2.9 |
| Sep 6, 2024 09:53:50.338278055 CEST | 49724 | 443 | 192.168.2.9 | 184.28.90.27 |
| Sep 6, 2024 09:53:50.338284969 CEST | 443 | 49724 | 184.28.90.27 | 192.168.2.9 |
| Sep 6, 2024 09:53:52.336504936 CEST | 49677 | 443 | 192.168.2.9 | 20.189.173.11 |
| Sep 6, 2024 09:53:54.312644005 CEST | 49727 | 443 | 192.168.2.9 | 23.47.168.24 |
| Sep 6, 2024 09:53:54.312684059 CEST | 443 | 49727 | 23.47.168.24 | 192.168.2.9 |
| Sep 6, 2024 09:53:54.312809944 CEST | 49727 | 443 | 192.168.2.9 | 23.47.168.24 |
| Sep 6, 2024 09:53:54.313095093 CEST | 49727 | 443 | 192.168.2.9 | 23.47.168.24 |
| Sep 6, 2024 09:53:54.313106060 CEST | 443 | 49727 | 23.47.168.24 | 192.168.2.9 |
| Sep 6, 2024 09:53:55.087357044 CEST | 443 | 49727 | 23.47.168.24 | 192.168.2.9 |
| Sep 6, 2024 09:53:55.087694883 CEST | 49727 | 443 | 192.168.2.9 | 23.47.168.24 |
| Sep 6, 2024 09:53:55.087712049 CEST | 443 | 49727 | 23.47.168.24 | 192.168.2.9 |
| Sep 6, 2024 09:53:55.088852882 CEST | 443 | 49727 | 23.47.168.24 | 192.168.2.9 |
| Sep 6, 2024 09:53:55.088926077 CEST | 49727 | 443 | 192.168.2.9 | 23.47.168.24 |
| Sep 6, 2024 09:53:55.133972883 CEST | 49727 | 443 | 192.168.2.9 | 23.47.168.24 |
| Sep 6, 2024 09:53:55.134145975 CEST | 443 | 49727 | 23.47.168.24 | 192.168.2.9 |
| Sep 6, 2024 09:53:55.134179115 CEST | 49727 | 443 | 192.168.2.9 | 23.47.168.24 |
| Sep 6, 2024 09:53:55.180499077 CEST | 443 | 49727 | 23.47.168.24 | 192.168.2.9 |
| Sep 6, 2024 09:53:55.181953907 CEST | 49727 | 443 | 192.168.2.9 | 23.47.168.24 |
| Sep 6, 2024 09:53:55.181961060 CEST | 443 | 49727 | 23.47.168.24 | 192.168.2.9 |
| Sep 6, 2024 09:53:55.228857040 CEST | 49727 | 443 | 192.168.2.9 | 23.47.168.24 |
| Sep 6, 2024 09:53:55.229798079 CEST | 443 | 49727 | 23.47.168.24 | 192.168.2.9 |
| Sep 6, 2024 09:53:55.229876995 CEST | 443 | 49727 | 23.47.168.24 | 192.168.2.9 |
| Sep 6, 2024 09:53:55.229989052 CEST | 49727 | 443 | 192.168.2.9 | 23.47.168.24 |
| Sep 6, 2024 09:53:55.230356932 CEST | 49727 | 443 | 192.168.2.9 | 23.47.168.24 |
| Sep 6, 2024 09:53:55.230377913 CEST | 443 | 49727 | 23.47.168.24 | 192.168.2.9 |
| Sep 6, 2024 09:53:55.294437885 CEST | 49728 | 443 | 192.168.2.9 | 40.127.169.103 |
| Sep 6, 2024 09:53:55.294469118 CEST | 443 | 49728 | 40.127.169.103 | 192.168.2.9 |
| Sep 6, 2024 09:53:55.294539928 CEST | 49728 | 443 | 192.168.2.9 | 40.127.169.103 |
| Sep 6, 2024 09:53:55.295600891 CEST | 49728 | 443 | 192.168.2.9 | 40.127.169.103 |
| Sep 6, 2024 09:53:55.295613050 CEST | 443 | 49728 | 40.127.169.103 | 192.168.2.9 |
| Sep 6, 2024 09:53:56.060260057 CEST | 443 | 49728 | 40.127.169.103 | 192.168.2.9 |
| Sep 6, 2024 09:53:56.060379028 CEST | 49728 | 443 | 192.168.2.9 | 40.127.169.103 |
| Sep 6, 2024 09:53:56.067406893 CEST | 49728 | 443 | 192.168.2.9 | 40.127.169.103 |
| Sep 6, 2024 09:53:56.067435980 CEST | 443 | 49728 | 40.127.169.103 | 192.168.2.9 |
| Sep 6, 2024 09:53:56.067890882 CEST | 443 | 49728 | 40.127.169.103 | 192.168.2.9 |
| Sep 6, 2024 09:53:56.119478941 CEST | 49728 | 443 | 192.168.2.9 | 40.127.169.103 |
| Sep 6, 2024 09:53:56.168072939 CEST | 49728 | 443 | 192.168.2.9 | 40.127.169.103 |
| Sep 6, 2024 09:53:56.212502003 CEST | 443 | 49728 | 40.127.169.103 | 192.168.2.9 |
| Sep 6, 2024 09:53:56.420133114 CEST | 443 | 49728 | 40.127.169.103 | 192.168.2.9 |
| Sep 6, 2024 09:53:56.420161009 CEST | 443 | 49728 | 40.127.169.103 | 192.168.2.9 |
| Sep 6, 2024 09:53:56.420169115 CEST | 443 | 49728 | 40.127.169.103 | 192.168.2.9 |
| Sep 6, 2024 09:53:56.420197010 CEST | 443 | 49728 | 40.127.169.103 | 192.168.2.9 |
| Sep 6, 2024 09:53:56.420207977 CEST | 443 | 49728 | 40.127.169.103 | 192.168.2.9 |
| Sep 6, 2024 09:53:56.420218945 CEST | 443 | 49728 | 40.127.169.103 | 192.168.2.9 |
| Sep 6, 2024 09:53:56.420233011 CEST | 49728 | 443 | 192.168.2.9 | 40.127.169.103 |
| Sep 6, 2024 09:53:56.420249939 CEST | 443 | 49728 | 40.127.169.103 | 192.168.2.9 |
| Sep 6, 2024 09:53:56.420312881 CEST | 49728 | 443 | 192.168.2.9 | 40.127.169.103 |
| Sep 6, 2024 09:53:56.420312881 CEST | 49728 | 443 | 192.168.2.9 | 40.127.169.103 |
| Sep 6, 2024 09:53:56.420784950 CEST | 443 | 49728 | 40.127.169.103 | 192.168.2.9 |
| Sep 6, 2024 09:53:56.420886040 CEST | 49728 | 443 | 192.168.2.9 | 40.127.169.103 |
| Sep 6, 2024 09:53:56.420892954 CEST | 443 | 49728 | 40.127.169.103 | 192.168.2.9 |
| Sep 6, 2024 09:53:56.420954943 CEST | 443 | 49728 | 40.127.169.103 | 192.168.2.9 |
| Sep 6, 2024 09:53:56.421008110 CEST | 49728 | 443 | 192.168.2.9 | 40.127.169.103 |
| Sep 6, 2024 09:53:56.438851118 CEST | 49728 | 443 | 192.168.2.9 | 40.127.169.103 |
| Sep 6, 2024 09:53:56.438868999 CEST | 443 | 49728 | 40.127.169.103 | 192.168.2.9 |
| Sep 6, 2024 09:53:56.438908100 CEST | 49728 | 443 | 192.168.2.9 | 40.127.169.103 |
| Sep 6, 2024 09:53:56.438915014 CEST | 443 | 49728 | 40.127.169.103 | 192.168.2.9 |
| Sep 6, 2024 09:53:56.587569952 CEST | 49704 | 443 | 192.168.2.9 | 23.206.229.209 |
| Sep 6, 2024 09:53:56.587888956 CEST | 49704 | 443 | 192.168.2.9 | 23.206.229.209 |
| Sep 6, 2024 09:53:56.588577032 CEST | 49730 | 443 | 192.168.2.9 | 23.206.229.209 |
| Sep 6, 2024 09:53:56.588618994 CEST | 443 | 49730 | 23.206.229.209 | 192.168.2.9 |
| Sep 6, 2024 09:53:56.588689089 CEST | 49730 | 443 | 192.168.2.9 | 23.206.229.209 |
| Sep 6, 2024 09:53:56.589267015 CEST | 49730 | 443 | 192.168.2.9 | 23.206.229.209 |
| Sep 6, 2024 09:53:56.589278936 CEST | 443 | 49730 | 23.206.229.209 | 192.168.2.9 |
| Sep 6, 2024 09:53:56.592411041 CEST | 443 | 49704 | 23.206.229.209 | 192.168.2.9 |
| Sep 6, 2024 09:53:56.592622995 CEST | 443 | 49704 | 23.206.229.209 | 192.168.2.9 |
| Sep 6, 2024 09:53:57.179860115 CEST | 443 | 49730 | 23.206.229.209 | 192.168.2.9 |
| Sep 6, 2024 09:53:57.179936886 CEST | 49730 | 443 | 192.168.2.9 | 23.206.229.209 |
| Sep 6, 2024 09:54:07.563498020 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:07.563534975 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:07.563608885 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:07.564336061 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:07.564352036 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:11.814343929 CEST | 49737 | 443 | 192.168.2.9 | 172.217.18.100 |
| Sep 6, 2024 09:54:11.814398050 CEST | 443 | 49737 | 172.217.18.100 | 192.168.2.9 |
| Sep 6, 2024 09:54:11.814459085 CEST | 49737 | 443 | 192.168.2.9 | 172.217.18.100 |
| Sep 6, 2024 09:54:11.814789057 CEST | 49737 | 443 | 192.168.2.9 | 172.217.18.100 |
| Sep 6, 2024 09:54:11.814805031 CEST | 443 | 49737 | 172.217.18.100 | 192.168.2.9 |
| Sep 6, 2024 09:54:13.336273909 CEST | 443 | 49737 | 172.217.18.100 | 192.168.2.9 |
| Sep 6, 2024 09:54:13.336910009 CEST | 49737 | 443 | 192.168.2.9 | 172.217.18.100 |
| Sep 6, 2024 09:54:13.336937904 CEST | 443 | 49737 | 172.217.18.100 | 192.168.2.9 |
| Sep 6, 2024 09:54:13.337940931 CEST | 443 | 49737 | 172.217.18.100 | 192.168.2.9 |
| Sep 6, 2024 09:54:13.338004112 CEST | 49737 | 443 | 192.168.2.9 | 172.217.18.100 |
| Sep 6, 2024 09:54:13.338905096 CEST | 49737 | 443 | 192.168.2.9 | 172.217.18.100 |
| Sep 6, 2024 09:54:13.338979006 CEST | 443 | 49737 | 172.217.18.100 | 192.168.2.9 |
| Sep 6, 2024 09:54:13.382742882 CEST | 49737 | 443 | 192.168.2.9 | 172.217.18.100 |
| Sep 6, 2024 09:54:13.382769108 CEST | 443 | 49737 | 172.217.18.100 | 192.168.2.9 |
| Sep 6, 2024 09:54:13.428436995 CEST | 49737 | 443 | 192.168.2.9 | 172.217.18.100 |
| Sep 6, 2024 09:54:16.335345984 CEST | 443 | 49730 | 23.206.229.209 | 192.168.2.9 |
| Sep 6, 2024 09:54:16.336153984 CEST | 49730 | 443 | 192.168.2.9 | 23.206.229.209 |
| Sep 6, 2024 09:54:17.407731056 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:17.407963991 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:17.407985926 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:17.408991098 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:17.409044027 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:17.410135984 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:17.410187006 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:17.410588026 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:17.410593033 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:17.458241940 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:17.875876904 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:17.926631927 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.050662041 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.050673962 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.050726891 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.050751925 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.050767899 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.050780058 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.050796032 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.050801039 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.050822973 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.050853014 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.095834970 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.095848083 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.095875978 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.095971107 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.095978975 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.096039057 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.223591089 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.223613024 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.223687887 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.223711967 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.223754883 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.256876945 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.256895065 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.257097960 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.257110119 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.257150888 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.288918018 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.288940907 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.288992882 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.289011955 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.289032936 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.289057970 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.317176104 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.317198038 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.317276955 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.317298889 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.317338943 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.394752979 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.394776106 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.394819975 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.394830942 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.394854069 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.394875050 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.417737007 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.417756081 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.417826891 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.417834044 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.417874098 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.437427998 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.437447071 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.437623024 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.437633038 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.437674999 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.452267885 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.452286959 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.452367067 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.452373981 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.452413082 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.468590975 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.468607903 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.468660116 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.468666077 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.468698978 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.482430935 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.482448101 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.482525110 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.482531071 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.482546091 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.482558012 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.494904041 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.494923115 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.495002031 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.495012045 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.495047092 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.557080030 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.557112932 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.557270050 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.557315111 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.557363033 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.565570116 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.565587997 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.565711021 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.565725088 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.565793037 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.577070951 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.577089071 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.577157974 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.577186108 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.577229977 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.589262962 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.589284897 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.589396000 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.589410067 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.589456081 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.597533941 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.597552061 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.597676039 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.597683907 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.597728968 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.607215881 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.607239962 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.607367039 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.607393980 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.607436895 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.614211082 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.614228964 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.614343882 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.614362955 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.614408016 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.623644114 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.623658895 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.623759985 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.623781919 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.623821974 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.646245956 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.646264076 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.646385908 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.646414042 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.646456003 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.658807039 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.658828020 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.658950090 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.658986092 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.659029961 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.674400091 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.674427032 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.674529076 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.674556017 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.674597979 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.679102898 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.679126978 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.679227114 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.679244041 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.679280996 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.690874100 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.690903902 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.690994024 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.691016912 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.691061020 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.698271990 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.698291063 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.698338032 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.698345900 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.698385000 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.717871904 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.717895031 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.717946053 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.717957020 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.717968941 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.717998028 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.723310947 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.723326921 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.723378897 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.723387957 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.723423004 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.740025043 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.740046024 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.740138054 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.740160942 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.740323067 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.751744986 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.751765966 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.751863003 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.751878977 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.751929045 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.763741970 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.763762951 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.763837099 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.763845921 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.763885975 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.771101952 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.771128893 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.771264076 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.771271944 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.771310091 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.784594059 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.784614086 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.784663916 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.784673929 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.784723043 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.790800095 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.790819883 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.790869951 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.790899038 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.790945053 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.813805103 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.813829899 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.813891888 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.813899994 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.813940048 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.816375971 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.816395998 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.816469908 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.816469908 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.816492081 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.816529036 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.832350969 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.832369089 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.832412958 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.832425117 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.832463980 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.832473040 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.846349955 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.846370935 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.846436977 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.846455097 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.846472979 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.846497059 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.856251001 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.856271982 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.856321096 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.856337070 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.856368065 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.856380939 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.863547087 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.863567114 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.863607883 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.863621950 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.863646984 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.863662958 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.876852036 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.876869917 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.876923084 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.876935005 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.876955032 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.876972914 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.883558035 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.883577108 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.883630037 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.883641005 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.883678913 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.887645006 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.887665987 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.887780905 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.887804031 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.887859106 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.908154964 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.908178091 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.908237934 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.908252954 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.908293009 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.920984030 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.921004057 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.921209097 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.921216011 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.921262980 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.933343887 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.933372021 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.933429956 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.933449030 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.933484077 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.944432974 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.944451094 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.944504976 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.944521904 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.944566011 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.952991009 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.953007936 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.953049898 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.953063011 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.953098059 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.953116894 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.964766979 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.964783907 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.964838982 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.964848995 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.964884043 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.975377083 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.975394964 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.975445986 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.975462914 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.975497961 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.979329109 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.979347944 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.979392052 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:18.979401112 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:18.979434967 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:19.001913071 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.001931906 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.001988888 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:19.002001047 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.002036095 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:19.013232946 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.013248920 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.013298988 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:19.013309956 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.013339996 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:19.013356924 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:19.025806904 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.025820017 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.025928974 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:19.025938988 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.025981903 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:19.036791086 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.036803961 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.036875010 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:19.036884069 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.036931038 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:19.045433044 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.045445919 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.045526028 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:19.045533895 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.045573950 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:19.057141066 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.057157040 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.057213068 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:19.057234049 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.057276964 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:19.067598104 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.067625999 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.067670107 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:19.067676067 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.067733049 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:19.071722031 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.071748018 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.071795940 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:19.071801901 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.071836948 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:19.096205950 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.096226931 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.096424103 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:19.096429110 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.096544027 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:19.105904102 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.105923891 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.106055021 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:19.106060028 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.106240988 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:19.118504047 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.118520975 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.118674040 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:19.118683100 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.118791103 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:19.129959106 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.129991055 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.130091906 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:19.130091906 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:19.130098104 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.130137920 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:19.137882948 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.137901068 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.137995005 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:19.138000011 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.138044119 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:19.149688005 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.149705887 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.149777889 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:19.149781942 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.149833918 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:19.160223961 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.160240889 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.160437107 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:19.160442114 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.160682917 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:19.164216995 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.164232969 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.164307117 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:19.164311886 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.164350986 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:19.188700914 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.188740969 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.188873053 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:19.188879967 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.189059019 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:19.198359966 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.198384047 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.198436022 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:19.198442936 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.198473930 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:19.210876942 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.210907936 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.210961103 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:19.210968971 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.211136103 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:19.222184896 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.222219944 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.222313881 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:19.222318888 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.222532988 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:19.230515003 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.230532885 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.230583906 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:19.230598927 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.230740070 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:19.242388964 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.242419004 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.242522955 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:19.242542982 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.242731094 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:19.252723932 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.252746105 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.252851963 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:19.252857924 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.252942085 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:19.256747007 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.256762981 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.256819010 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:19.256824970 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.256860018 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:19.281207085 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.281233072 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.281351089 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:19.281358004 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.281572104 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:19.290776968 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.290796041 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.290958881 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:19.290966034 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.291060925 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:19.303293943 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.303309917 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.303498030 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:19.303503990 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.303590059 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:19.314730883 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.314749002 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.314851046 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:19.314858913 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.315064907 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:19.323208094 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.323221922 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.323295116 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.323312998 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:19.323318005 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.323354959 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:19.323503017 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:19.323707104 CEST | 49734 | 443 | 192.168.2.9 | 5.144.130.41 |
| Sep 6, 2024 09:54:19.323719978 CEST | 443 | 49734 | 5.144.130.41 | 192.168.2.9 |
| Sep 6, 2024 09:54:22.366552114 CEST | 443 | 49737 | 172.217.18.100 | 192.168.2.9 |
| Sep 6, 2024 09:54:22.366727114 CEST | 443 | 49737 | 172.217.18.100 | 192.168.2.9 |
| Sep 6, 2024 09:54:22.366826057 CEST | 49737 | 443 | 192.168.2.9 | 172.217.18.100 |
| Sep 6, 2024 09:54:22.515475035 CEST | 49737 | 443 | 192.168.2.9 | 172.217.18.100 |
| Sep 6, 2024 09:54:22.515496016 CEST | 443 | 49737 | 172.217.18.100 | 192.168.2.9 |
| Sep 6, 2024 09:54:25.928376913 CEST | 49730 | 443 | 192.168.2.9 | 23.206.229.209 |
| Sep 6, 2024 09:54:25.928409100 CEST | 443 | 49730 | 23.206.229.209 | 192.168.2.9 |
| Sep 6, 2024 09:54:25.928427935 CEST | 49730 | 443 | 192.168.2.9 | 23.206.229.209 |
| Sep 6, 2024 09:54:25.928435087 CEST | 443 | 49730 | 23.206.229.209 | 192.168.2.9 |
| Sep 6, 2024 09:54:25.928847075 CEST | 49747 | 443 | 192.168.2.9 | 23.206.229.209 |
| Sep 6, 2024 09:54:25.928884983 CEST | 443 | 49747 | 23.206.229.209 | 192.168.2.9 |
| Sep 6, 2024 09:54:25.928936958 CEST | 49747 | 443 | 192.168.2.9 | 23.206.229.209 |
| Sep 6, 2024 09:54:25.929588079 CEST | 49747 | 443 | 192.168.2.9 | 23.206.229.209 |
| Sep 6, 2024 09:54:25.929619074 CEST | 443 | 49747 | 23.206.229.209 | 192.168.2.9 |
| Sep 6, 2024 09:54:25.929667950 CEST | 49747 | 443 | 192.168.2.9 | 23.206.229.209 |
| Sep 6, 2024 09:54:31.785893917 CEST | 49705 | 80 | 192.168.2.9 | 199.232.214.172 |
| Sep 6, 2024 09:54:31.791080952 CEST | 80 | 49705 | 199.232.214.172 | 192.168.2.9 |
| Sep 6, 2024 09:54:31.791212082 CEST | 49705 | 80 | 192.168.2.9 | 199.232.214.172 |
| Sep 6, 2024 09:54:32.711996078 CEST | 49748 | 443 | 192.168.2.9 | 40.127.169.103 |
| Sep 6, 2024 09:54:32.712033987 CEST | 443 | 49748 | 40.127.169.103 | 192.168.2.9 |
| Sep 6, 2024 09:54:32.712101936 CEST | 49748 | 443 | 192.168.2.9 | 40.127.169.103 |
| Sep 6, 2024 09:54:32.712519884 CEST | 49748 | 443 | 192.168.2.9 | 40.127.169.103 |
| Sep 6, 2024 09:54:32.712531090 CEST | 443 | 49748 | 40.127.169.103 | 192.168.2.9 |
| Sep 6, 2024 09:54:33.469691038 CEST | 443 | 49748 | 40.127.169.103 | 192.168.2.9 |
| Sep 6, 2024 09:54:33.469819069 CEST | 49748 | 443 | 192.168.2.9 | 40.127.169.103 |
| Sep 6, 2024 09:54:33.471124887 CEST | 49748 | 443 | 192.168.2.9 | 40.127.169.103 |
| Sep 6, 2024 09:54:33.471138000 CEST | 443 | 49748 | 40.127.169.103 | 192.168.2.9 |
| Sep 6, 2024 09:54:33.471394062 CEST | 443 | 49748 | 40.127.169.103 | 192.168.2.9 |
| Sep 6, 2024 09:54:33.472574949 CEST | 49748 | 443 | 192.168.2.9 | 40.127.169.103 |
| Sep 6, 2024 09:54:33.516510963 CEST | 443 | 49748 | 40.127.169.103 | 192.168.2.9 |
| Sep 6, 2024 09:54:33.788347960 CEST | 443 | 49748 | 40.127.169.103 | 192.168.2.9 |
| Sep 6, 2024 09:54:33.788378000 CEST | 443 | 49748 | 40.127.169.103 | 192.168.2.9 |
| Sep 6, 2024 09:54:33.788393021 CEST | 443 | 49748 | 40.127.169.103 | 192.168.2.9 |
| Sep 6, 2024 09:54:33.788497925 CEST | 49748 | 443 | 192.168.2.9 | 40.127.169.103 |
| Sep 6, 2024 09:54:33.788513899 CEST | 443 | 49748 | 40.127.169.103 | 192.168.2.9 |
| Sep 6, 2024 09:54:33.788558960 CEST | 49748 | 443 | 192.168.2.9 | 40.127.169.103 |
| Sep 6, 2024 09:54:33.789088011 CEST | 443 | 49748 | 40.127.169.103 | 192.168.2.9 |
| Sep 6, 2024 09:54:33.789127111 CEST | 443 | 49748 | 40.127.169.103 | 192.168.2.9 |
| Sep 6, 2024 09:54:33.789149046 CEST | 49748 | 443 | 192.168.2.9 | 40.127.169.103 |
| Sep 6, 2024 09:54:33.789155960 CEST | 443 | 49748 | 40.127.169.103 | 192.168.2.9 |
| Sep 6, 2024 09:54:33.789177895 CEST | 49748 | 443 | 192.168.2.9 | 40.127.169.103 |
| Sep 6, 2024 09:54:33.789798021 CEST | 443 | 49748 | 40.127.169.103 | 192.168.2.9 |
| Sep 6, 2024 09:54:33.789845943 CEST | 49748 | 443 | 192.168.2.9 | 40.127.169.103 |
| Sep 6, 2024 09:54:33.791347027 CEST | 49748 | 443 | 192.168.2.9 | 40.127.169.103 |
| Sep 6, 2024 09:54:33.791364908 CEST | 443 | 49748 | 40.127.169.103 | 192.168.2.9 |
| Sep 6, 2024 09:54:33.791378975 CEST | 49748 | 443 | 192.168.2.9 | 40.127.169.103 |
| Sep 6, 2024 09:54:33.791384935 CEST | 443 | 49748 | 40.127.169.103 | 192.168.2.9 |
| Sep 6, 2024 09:55:11.864818096 CEST | 49750 | 443 | 192.168.2.9 | 172.217.18.100 |
| Sep 6, 2024 09:55:11.864876032 CEST | 443 | 49750 | 172.217.18.100 | 192.168.2.9 |
| Sep 6, 2024 09:55:11.864964008 CEST | 49750 | 443 | 192.168.2.9 | 172.217.18.100 |
| Sep 6, 2024 09:55:11.865221977 CEST | 49750 | 443 | 192.168.2.9 | 172.217.18.100 |
| Sep 6, 2024 09:55:11.865236998 CEST | 443 | 49750 | 172.217.18.100 | 192.168.2.9 |
| Sep 6, 2024 09:55:12.506656885 CEST | 443 | 49750 | 172.217.18.100 | 192.168.2.9 |
| Sep 6, 2024 09:55:12.507016897 CEST | 49750 | 443 | 192.168.2.9 | 172.217.18.100 |
| Sep 6, 2024 09:55:12.507062912 CEST | 443 | 49750 | 172.217.18.100 | 192.168.2.9 |
| Sep 6, 2024 09:55:12.507392883 CEST | 443 | 49750 | 172.217.18.100 | 192.168.2.9 |
| Sep 6, 2024 09:55:12.507677078 CEST | 49750 | 443 | 192.168.2.9 | 172.217.18.100 |
| Sep 6, 2024 09:55:12.507735014 CEST | 443 | 49750 | 172.217.18.100 | 192.168.2.9 |
| Sep 6, 2024 09:55:12.550673962 CEST | 49750 | 443 | 192.168.2.9 | 172.217.18.100 |
| Sep 6, 2024 09:55:22.406929016 CEST | 443 | 49750 | 172.217.18.100 | 192.168.2.9 |
| Sep 6, 2024 09:55:22.407004118 CEST | 443 | 49750 | 172.217.18.100 | 192.168.2.9 |
| Sep 6, 2024 09:55:22.407068968 CEST | 49750 | 443 | 192.168.2.9 | 172.217.18.100 |
| Sep 6, 2024 09:55:23.695426941 CEST | 49750 | 443 | 192.168.2.9 | 172.217.18.100 |
| Sep 6, 2024 09:55:23.695462942 CEST | 443 | 49750 | 172.217.18.100 | 192.168.2.9 |
| Sep 6, 2024 09:55:35.295989990 CEST | 49751 | 53 | 192.168.2.9 | 1.1.1.1 |
| Sep 6, 2024 09:55:35.303360939 CEST | 53 | 49751 | 1.1.1.1 | 192.168.2.9 |
| Sep 6, 2024 09:55:35.303462982 CEST | 49751 | 53 | 192.168.2.9 | 1.1.1.1 |
| Sep 6, 2024 09:55:35.303553104 CEST | 49751 | 53 | 192.168.2.9 | 1.1.1.1 |
| Sep 6, 2024 09:55:35.303566933 CEST | 49751 | 53 | 192.168.2.9 | 1.1.1.1 |
| Sep 6, 2024 09:55:35.310847044 CEST | 53 | 49751 | 1.1.1.1 | 192.168.2.9 |
| Sep 6, 2024 09:55:35.310861111 CEST | 53 | 49751 | 1.1.1.1 | 192.168.2.9 |
| Sep 6, 2024 09:55:36.698375940 CEST | 53 | 49751 | 1.1.1.1 | 192.168.2.9 |
| Sep 6, 2024 09:55:36.698609114 CEST | 49751 | 53 | 192.168.2.9 | 1.1.1.1 |
| Sep 6, 2024 09:55:36.699641943 CEST | 53 | 49751 | 1.1.1.1 | 192.168.2.9 |
| Sep 6, 2024 09:55:36.699698925 CEST | 49751 | 53 | 192.168.2.9 | 1.1.1.1 |
| Sep 6, 2024 09:55:36.700212955 CEST | 53 | 49751 | 1.1.1.1 | 192.168.2.9 |
| Sep 6, 2024 09:55:36.700253963 CEST | 49751 | 53 | 192.168.2.9 | 1.1.1.1 |
| Sep 6, 2024 09:55:36.700457096 CEST | 53 | 49751 | 1.1.1.1 | 192.168.2.9 |
| Sep 6, 2024 09:55:36.700505972 CEST | 49751 | 53 | 192.168.2.9 | 1.1.1.1 |
| Sep 6, 2024 09:55:36.707259893 CEST | 53 | 49751 | 1.1.1.1 | 192.168.2.9 |
| Sep 6, 2024 09:55:36.707365036 CEST | 49751 | 53 | 192.168.2.9 | 1.1.1.1 |
| Sep 6, 2024 09:56:11.935893059 CEST | 49753 | 443 | 192.168.2.9 | 142.250.184.228 |
| Sep 6, 2024 09:56:11.935941935 CEST | 443 | 49753 | 142.250.184.228 | 192.168.2.9 |
| Sep 6, 2024 09:56:11.936070919 CEST | 49753 | 443 | 192.168.2.9 | 142.250.184.228 |
| Sep 6, 2024 09:56:11.936290026 CEST | 49753 | 443 | 192.168.2.9 | 142.250.184.228 |
| Sep 6, 2024 09:56:11.936301947 CEST | 443 | 49753 | 142.250.184.228 | 192.168.2.9 |
| Sep 6, 2024 09:56:12.583511114 CEST | 443 | 49753 | 142.250.184.228 | 192.168.2.9 |
| Sep 6, 2024 09:56:12.584258080 CEST | 49753 | 443 | 192.168.2.9 | 142.250.184.228 |
| Sep 6, 2024 09:56:12.584289074 CEST | 443 | 49753 | 142.250.184.228 | 192.168.2.9 |
| Sep 6, 2024 09:56:12.584661961 CEST | 443 | 49753 | 142.250.184.228 | 192.168.2.9 |
| Sep 6, 2024 09:56:12.585547924 CEST | 49753 | 443 | 192.168.2.9 | 142.250.184.228 |
| Sep 6, 2024 09:56:12.585625887 CEST | 443 | 49753 | 142.250.184.228 | 192.168.2.9 |
| Sep 6, 2024 09:56:12.629339933 CEST | 49753 | 443 | 192.168.2.9 | 142.250.184.228 |
| Sep 6, 2024 09:56:22.485579014 CEST | 443 | 49753 | 142.250.184.228 | 192.168.2.9 |
| Sep 6, 2024 09:56:22.485651970 CEST | 443 | 49753 | 142.250.184.228 | 192.168.2.9 |
| Sep 6, 2024 09:56:22.485786915 CEST | 49753 | 443 | 192.168.2.9 | 142.250.184.228 |
| Sep 6, 2024 09:56:23.695228100 CEST | 49753 | 443 | 192.168.2.9 | 142.250.184.228 |
| Sep 6, 2024 09:56:23.695274115 CEST | 443 | 49753 | 142.250.184.228 | 192.168.2.9 |
| Sep 6, 2024 09:58:27.031933069 CEST | 49754 | 443 | 192.168.2.9 | 20.189.173.9 |
| Sep 6, 2024 09:58:27.031979084 CEST | 443 | 49754 | 20.189.173.9 | 192.168.2.9 |
| Sep 6, 2024 09:58:27.032201052 CEST | 49754 | 443 | 192.168.2.9 | 20.189.173.9 |
| Sep 6, 2024 09:58:27.032746077 CEST | 49754 | 443 | 192.168.2.9 | 20.189.173.9 |
| Sep 6, 2024 09:58:27.032757044 CEST | 443 | 49754 | 20.189.173.9 | 192.168.2.9 |
| Sep 6, 2024 09:58:28.376530886 CEST | 443 | 49754 | 20.189.173.9 | 192.168.2.9 |
| Sep 6, 2024 09:58:28.376606941 CEST | 49754 | 443 | 192.168.2.9 | 20.189.173.9 |
| Sep 6, 2024 09:58:28.394294024 CEST | 49754 | 443 | 192.168.2.9 | 20.189.173.9 |
| Sep 6, 2024 09:58:28.394316912 CEST | 443 | 49754 | 20.189.173.9 | 192.168.2.9 |
| Sep 6, 2024 09:58:28.394588947 CEST | 443 | 49754 | 20.189.173.9 | 192.168.2.9 |
| Sep 6, 2024 09:58:28.394944906 CEST | 49754 | 443 | 192.168.2.9 | 20.189.173.9 |
| Sep 6, 2024 09:58:28.395657063 CEST | 49754 | 443 | 192.168.2.9 | 20.189.173.9 |
| Sep 6, 2024 09:58:28.395698071 CEST | 49754 | 443 | 192.168.2.9 | 20.189.173.9 |
| Sep 6, 2024 09:58:28.395747900 CEST | 443 | 49754 | 20.189.173.9 | 192.168.2.9 |
| Sep 6, 2024 09:58:28.618397951 CEST | 443 | 49754 | 20.189.173.9 | 192.168.2.9 |
| Sep 6, 2024 09:58:28.618550062 CEST | 443 | 49754 | 20.189.173.9 | 192.168.2.9 |
| Sep 6, 2024 09:58:28.618557930 CEST | 49754 | 443 | 192.168.2.9 | 20.189.173.9 |
| Sep 6, 2024 09:58:28.618769884 CEST | 49754 | 443 | 192.168.2.9 | 20.189.173.9 |
| Sep 6, 2024 09:58:28.619324923 CEST | 49754 | 443 | 192.168.2.9 | 20.189.173.9 |
| Sep 6, 2024 09:58:28.619337082 CEST | 443 | 49754 | 20.189.173.9 | 192.168.2.9 |
| Timestamp | Source Port | Dest Port | Source IP | Dest IP |
|---|---|---|---|---|
| Sep 6, 2024 09:54:07.520116091 CEST | 50433 | 53 | 192.168.2.9 | 1.1.1.1 |
| Sep 6, 2024 09:54:07.520572901 CEST | 58857 | 53 | 192.168.2.9 | 1.1.1.1 |
| Sep 6, 2024 09:54:07.526477098 CEST | 53 | 62982 | 1.1.1.1 | 192.168.2.9 |
| Sep 6, 2024 09:54:07.550240993 CEST | 53 | 61005 | 1.1.1.1 | 192.168.2.9 |
| Sep 6, 2024 09:54:07.562455893 CEST | 53 | 58857 | 1.1.1.1 | 192.168.2.9 |
| Sep 6, 2024 09:54:07.563011885 CEST | 53 | 50433 | 1.1.1.1 | 192.168.2.9 |
| Sep 6, 2024 09:54:08.611438990 CEST | 53 | 59997 | 1.1.1.1 | 192.168.2.9 |
| Sep 6, 2024 09:54:11.606794119 CEST | 53 | 64328 | 1.1.1.1 | 192.168.2.9 |
| Sep 6, 2024 09:54:11.805726051 CEST | 52322 | 53 | 192.168.2.9 | 1.1.1.1 |
| Sep 6, 2024 09:54:11.806149960 CEST | 64844 | 53 | 192.168.2.9 | 1.1.1.1 |
| Sep 6, 2024 09:54:11.812793970 CEST | 53 | 52322 | 1.1.1.1 | 192.168.2.9 |
| Sep 6, 2024 09:54:11.813354015 CEST | 53 | 64844 | 1.1.1.1 | 192.168.2.9 |
| Sep 6, 2024 09:54:25.668042898 CEST | 53 | 65369 | 1.1.1.1 | 192.168.2.9 |
| Sep 6, 2024 09:54:32.808676958 CEST | 138 | 138 | 192.168.2.9 | 192.168.2.255 |
| Sep 6, 2024 09:54:44.746089935 CEST | 53 | 56996 | 1.1.1.1 | 192.168.2.9 |
| Sep 6, 2024 09:55:06.954500914 CEST | 53 | 49464 | 1.1.1.1 | 192.168.2.9 |
| Sep 6, 2024 09:55:07.373153925 CEST | 53 | 55427 | 1.1.1.1 | 192.168.2.9 |
| Sep 6, 2024 09:55:35.295464039 CEST | 53 | 53468 | 1.1.1.1 | 192.168.2.9 |
| Sep 6, 2024 09:56:11.927741051 CEST | 53905 | 53 | 192.168.2.9 | 1.1.1.1 |
| Sep 6, 2024 09:56:11.927879095 CEST | 58491 | 53 | 192.168.2.9 | 1.1.1.1 |
| Sep 6, 2024 09:56:11.934560061 CEST | 53 | 53905 | 1.1.1.1 | 192.168.2.9 |
| Sep 6, 2024 09:56:11.934616089 CEST | 53 | 58491 | 1.1.1.1 | 192.168.2.9 |
| Sep 6, 2024 09:56:19.248290062 CEST | 53 | 60443 | 1.1.1.1 | 192.168.2.9 |
| Sep 6, 2024 09:57:33.420196056 CEST | 53 | 51551 | 1.1.1.1 | 192.168.2.9 |
| Sep 6, 2024 09:58:30.700440884 CEST | 138 | 138 | 192.168.2.9 | 192.168.2.255 |
| Sep 6, 2024 09:59:51.076174974 CEST | 53 | 53426 | 1.1.1.1 | 192.168.2.9 |
| Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
|---|---|---|---|---|---|---|---|---|
| Sep 6, 2024 09:54:07.520116091 CEST | 192.168.2.9 | 1.1.1.1 | 0xff0 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Sep 6, 2024 09:54:07.520572901 CEST | 192.168.2.9 | 1.1.1.1 | 0x7f4e | Standard query (0) | 65 | IN (0x0001) | false | |
| Sep 6, 2024 09:54:11.805726051 CEST | 192.168.2.9 | 1.1.1.1 | 0x1a8c | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Sep 6, 2024 09:54:11.806149960 CEST | 192.168.2.9 | 1.1.1.1 | 0x3ba6 | Standard query (0) | 65 | IN (0x0001) | false | |
| Sep 6, 2024 09:56:11.927741051 CEST | 192.168.2.9 | 1.1.1.1 | 0x144a | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Sep 6, 2024 09:56:11.927879095 CEST | 192.168.2.9 | 1.1.1.1 | 0x2a0e | Standard query (0) | 65 | IN (0x0001) | false |
| Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
|---|---|---|---|---|---|---|---|---|---|---|
| Sep 6, 2024 09:53:49.745639086 CEST | 1.1.1.1 | 192.168.2.9 | 0x7481 | No error (0) | 199.232.210.172 | A (IP address) | IN (0x0001) | false | ||
| Sep 6, 2024 09:53:49.745639086 CEST | 1.1.1.1 | 192.168.2.9 | 0x7481 | No error (0) | 199.232.214.172 | A (IP address) | IN (0x0001) | false | ||
| Sep 6, 2024 09:54:07.563011885 CEST | 1.1.1.1 | 192.168.2.9 | 0xff0 | No error (0) | 5.144.130.41 | A (IP address) | IN (0x0001) | false | ||
| Sep 6, 2024 09:54:11.812793970 CEST | 1.1.1.1 | 192.168.2.9 | 0x1a8c | No error (0) | 172.217.18.100 | A (IP address) | IN (0x0001) | false | ||
| Sep 6, 2024 09:54:11.813354015 CEST | 1.1.1.1 | 192.168.2.9 | 0x3ba6 | No error (0) | 65 | IN (0x0001) | false | |||
| Sep 6, 2024 09:56:11.934560061 CEST | 1.1.1.1 | 192.168.2.9 | 0x144a | No error (0) | 142.250.184.228 | A (IP address) | IN (0x0001) | false | ||
| Sep 6, 2024 09:56:11.934616089 CEST | 1.1.1.1 | 192.168.2.9 | 0x2a0e | No error (0) | 65 | IN (0x0001) | false |
|
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 0 | 192.168.2.9 | 49721 | 184.28.90.27 | 443 |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-09-06 07:53:49 UTC | 161 | OUT | |
| 2024-09-06 07:53:49 UTC | 466 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 1 | 192.168.2.9 | 49725 | 18.207.85.246 | 443 | 7976 | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-09-06 07:53:50 UTC | 1473 | OUT | |
| 2024-09-06 07:53:50 UTC | 608 | IN | |
| 2024-09-06 07:53:50 UTC | 6301 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 2 | 192.168.2.9 | 49724 | 184.28.90.27 | 443 |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-09-06 07:53:50 UTC | 239 | OUT | |
| 2024-09-06 07:53:50 UTC | 514 | IN | |
| 2024-09-06 07:53:50 UTC | 55 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 3 | 192.168.2.9 | 49727 | 23.47.168.24 | 443 | 7976 | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-09-06 07:53:55 UTC | 475 | OUT | |
| 2024-09-06 07:53:55 UTC | 198 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 4 | 192.168.2.9 | 49728 | 40.127.169.103 | 443 |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-09-06 07:53:56 UTC | 306 | OUT | |
| 2024-09-06 07:53:56 UTC | 560 | IN | |
| 2024-09-06 07:53:56 UTC | 15824 | IN | |
| 2024-09-06 07:53:56 UTC | 8666 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 5 | 192.168.2.9 | 49734 | 5.144.130.41 | 443 | 7716 | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-09-06 07:54:17 UTC | 687 | OUT | |
| 2024-09-06 07:54:17 UTC | 378 | IN | |
| 2024-09-06 07:54:18 UTC | 16384 | IN | |
| 2024-09-06 07:54:18 UTC | 16384 | IN | |
| 2024-09-06 07:54:18 UTC | 16384 | IN | |
| 2024-09-06 07:54:18 UTC | 16384 | IN | |
| 2024-09-06 07:54:18 UTC | 16384 | IN | |
| 2024-09-06 07:54:18 UTC | 16384 | IN | |
| 2024-09-06 07:54:18 UTC | 16384 | IN | |
| 2024-09-06 07:54:18 UTC | 16384 | IN | |
| 2024-09-06 07:54:18 UTC | 16384 | IN | |
| 2024-09-06 07:54:18 UTC | 16384 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 6 | 192.168.2.9 | 49748 | 40.127.169.103 | 443 |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-09-06 07:54:33 UTC | 306 | OUT | |
| 2024-09-06 07:54:33 UTC | 560 | IN | |
| 2024-09-06 07:54:33 UTC | 15824 | IN | |
| 2024-09-06 07:54:33 UTC | 14181 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port |
|---|---|---|---|---|
| 7 | 192.168.2.9 | 49754 | 20.189.173.9 | 443 |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-09-06 07:58:28 UTC | 828 | OUT | |
| 2024-09-06 07:58:28 UTC | 7976 | OUT | |
| 2024-09-06 07:58:28 UTC | 25 | IN | |
| 2024-09-06 07:58:28 UTC | 443 | IN |
Click to jump to process
Click to jump to process
back
Click to dive into process behavior distribution
Click to jump to process
| Target ID: | 0 |
| Start time: | 03:53:40 |
| Start date: | 06/09/2024 |
| Path: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
| Wow64 process (32bit): | false |
| Commandline: | |
| Imagebase: | 0x7ff6153b0000 |
| File size: | 5'641'176 bytes |
| MD5 hash: | 24EAD1C46A47022347DC0F05F6EFBB8C |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | C, C++ or other language |
| Reputation: | high |
| Has exited: | true |
| Target ID: | 2 |
| Start time: | 03:53:41 |
| Start date: | 06/09/2024 |
| Path: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
| Wow64 process (32bit): | false |
| Commandline: | |
| Imagebase: | 0x7ff61f300000 |
| File size: | 3'581'912 bytes |
| MD5 hash: | 9B38E8E8B6DD9622D24B53E095C5D9BE |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | C, C++ or other language |
| Reputation: | high |
| Has exited: | true |
| Target ID: | 4 |
| Start time: | 03:53:41 |
| Start date: | 06/09/2024 |
| Path: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
| Wow64 process (32bit): | false |
| Commandline: | |
| Imagebase: | 0x7ff61f300000 |
| File size: | 3'581'912 bytes |
| MD5 hash: | 9B38E8E8B6DD9622D24B53E095C5D9BE |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | C, C++ or other language |
| Reputation: | high |
| Has exited: | true |
| Target ID: | 12 |
| Start time: | 03:54:05 |
| Start date: | 06/09/2024 |
| Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Wow64 process (32bit): | false |
| Commandline: | |
| Imagebase: | 0x7ff6b2cb0000 |
| File size: | 3'242'272 bytes |
| MD5 hash: | 5BBFA6CBDF4C254EB368D534F9E23C92 |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | C, C++ or other language |
| Reputation: | high |
| Has exited: | false |
| Target ID: | 13 |
| Start time: | 03:54:05 |
| Start date: | 06/09/2024 |
| Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Wow64 process (32bit): | false |
| Commandline: | |
| Imagebase: | 0x7ff6b2cb0000 |
| File size: | 3'242'272 bytes |
| MD5 hash: | 5BBFA6CBDF4C254EB368D534F9E23C92 |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | C, C++ or other language |
| Reputation: | high |
| Has exited: | false |
⊘No disassembly