Edit tour
Windows
Analysis Report
pPLwX9wSrD.exe
Overview
General Information
Sample name: | pPLwX9wSrD.exerenamed because original name is a hash value |
Original sample name: | 8ee7bb70506574eb0ba1bffc0bafd993c707d01e54385ca83fb3f731521a9298.exe |
Analysis ID: | 1573894 |
MD5: | 1492e1506afedad20933ae244cf658d1 |
SHA1: | db68cd234205c628ebf3a8329246baf3cdc10ead |
SHA256: | 8ee7bb70506574eb0ba1bffc0bafd993c707d01e54385ca83fb3f731521a9298 |
Tags: | 181-131-217-244exeuser-JAMESWT_MHT |
Infos: | |
Detection
Score: | 92 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
Multi AV Scanner detection for submitted file
.NET source code contains method to dynamically call methods (often used by packers)
.NET source code contains potential unpacker
.NET source code contains very large array initializations
AI detected suspicious sample
Allocates memory in foreign processes
Contains functionality to prevent local Windows debugging
Drops large PE files
Injects a PE file into a foreign processes
Queries sensitive disk information (via WMI, Win32_DiskDrive, often done to detect virtual machines)
Writes to foreign memory regions
Yara detected Costura Assembly Loader
AV process strings found (often used to terminate AV products)
Allocates memory with a write watch (potentially for evading sandboxes)
Checks if Antivirus/Antispyware/Firewall program is installed (via WMI)
Compiles C# or VB.Net code
Contains functionality to access loader functionality (e.g. LdrGetProcedureAddress)
Contains functionality to check if a debugger is running (IsDebuggerPresent)
Contains functionality to check if a window is minimized (may be used to check if an application is visible)
Contains functionality to delete services
Contains functionality to open a port and listen for incoming connection (possibly a backdoor)
Contains functionality to query locales information (e.g. system language)
Contains functionality to retrieve information about pressed keystrokes
Contains long sleeps (>= 3 min)
Detected TCP or UDP traffic on non-standard ports
Detected potential crypto function
Drops PE files
Enables debug privileges
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
Found dropped PE file which has not been started or loaded
Found large amount of non-executed APIs
Found potential string decryption / allocating functions
HTTP GET or POST without a user agent
IP address seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
Launches processes in debugging mode, may be used to hinder debugging
May sleep (evasive loops) to hinder dynamic analysis
Queries sensitive BIOS Information (via WMI, Win32_Bios & Win32_BaseBoard, often done to detect virtual machines)
Queries sensitive processor information (via WMI, Win32_Processor, often done to detect virtual machines)
Queries the volume information (name, serial number etc) of a device
Sample file is different than original file name gathered from version info
Sigma detected: CurrentVersion Autorun Keys Modification
Uses 32bit PE files
Uses code obfuscation techniques (call, push, ret)
Classification
- System is w10x64
- pPLwX9wSrD.exe (PID: 5732 cmdline:
"C:\Users\ user\Deskt op\pPLwX9w SrD.exe" MD5: 1492E1506AFEDAD20933AE244CF658D1) - csc.exe (PID: 2604 cmdline:
"C:\Window s\Microsof t.NET\Fram ework\v4.0 .30319\csc .exe" MD5: EB80BB1CA9B9C7F516FF69AFCFD75B7D)
- cleanup
⊘No configs have been found
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_CosturaAssemblyLoader | Yara detected Costura Assembly Loader | Joe Security | ||
JoeSecurity_CosturaAssemblyLoader | Yara detected Costura Assembly Loader | Joe Security | ||
JoeSecurity_CosturaAssemblyLoader | Yara detected Costura Assembly Loader | Joe Security | ||
JoeSecurity_CosturaAssemblyLoader | Yara detected Costura Assembly Loader | Joe Security |
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_CosturaAssemblyLoader | Yara detected Costura Assembly Loader | Joe Security | ||
JoeSecurity_CosturaAssemblyLoader | Yara detected Costura Assembly Loader | Joe Security |
System Summary |
---|
Source: | Author: Victor Sergeev, Daniil Yugoslavskiy, Gleb Sukhodolskiy, Timur Zinniatullin, oscd.community, Tim Shelton, frack113 (split): |
⊘No Suricata rule has matched
Click to jump to signature section
Show All Signature Results
AV Detection |
---|
Source: | ReversingLabs: |
Source: | Integrated Neural Analysis Model: |
Source: | Static PE information: |
Source: | HTTPS traffic detected: |
Source: | Binary string: | ||
Source: | Binary string: | ||
Source: | Binary string: | ||
Source: | Binary string: | ||
Source: | Binary string: | ||
Source: | Binary string: | ||
Source: | Binary string: | ||
Source: | Binary string: |
Source: | TCP traffic: |
Source: | HTTP traffic detected: |
Source: | IP Address: | ||
Source: | IP Address: |
Source: | JA3 fingerprint: |
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: |
Source: | HTTP traffic detected: |
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: |
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: |
Source: | Network traffic detected: | ||
Source: | Network traffic detected: |
Source: | HTTPS traffic detected: |
Source: | Code function: | 0_2_00411810 |
System Summary |
---|
Source: | Large array initialization: |
Source: | File dump: | Jump to dropped file |
Source: | Code function: | 0_2_0046DEE0 |
Source: | Code function: | 0_2_004572FB | |
Source: | Code function: | 0_2_00458283 | |
Source: | Code function: | 0_2_0045494A | |
Source: | Code function: | 0_2_00457AD4 | |
Source: | Code function: | 0_2_00457A9C | |
Source: | Code function: | 0_2_00457B5D | |
Source: | Code function: | 0_2_00460B10 | |
Source: | Code function: | 0_2_00458B21 | |
Source: | Code function: | 0_2_00462C20 | |
Source: | Code function: | 0_2_00457DBD | |
Source: | Code function: | 0_2_00458E12 | |
Source: | Code function: | 0_2_00457E2D | |
Source: | Code function: | 3_2_06E17148 | |
Source: | Code function: | 3_2_06E17158 | |
Source: | Code function: | 3_2_06E11BC0 | |
Source: | Code function: | 3_2_06E11BB0 | |
Source: | Code function: | 3_2_06E14868 | |
Source: | Code function: | 3_2_0986073F | |
Source: | Code function: | 3_2_09860A77 | |
Source: | Code function: | 3_2_098617E8 | |
Source: | Code function: | 3_2_09878AE8 | |
Source: | Code function: | 3_2_0987258B | |
Source: | Code function: | 3_2_09878117 | |
Source: | Code function: | 3_2_09878128 | |
Source: | Code function: | 3_2_09878AD9 | |
Source: | Code function: | 3_2_09878D3A | |
Source: | Code function: | 3_2_09873474 | |
Source: | Code function: | 3_2_09AA5938 | |
Source: | Code function: | 3_2_09AAAA00 | |
Source: | Code function: | 3_2_09AA6DD8 | |
Source: | Code function: | 3_2_09AA0DD8 | |
Source: | Code function: | 3_2_09AA2758 | |
Source: | Code function: | 3_2_09AA7620 | |
Source: | Code function: | 3_2_09AAC9E3 | |
Source: | Code function: | 3_2_09AAA9F1 | |
Source: | Code function: | 3_2_09AACBBB | |
Source: | Code function: | 3_2_09AACBF2 | |
Source: | Code function: | 3_2_09AACAEE | |
Source: | Code function: | 3_2_09AAAA00 | |
Source: | Code function: | 3_2_09AA6DC8 | |
Source: | Code function: | 3_2_09AA7111 | |
Source: | Code function: | 3_2_09AA5068 | |
Source: | Code function: | 3_2_09AAA4B0 | |
Source: | Code function: | 3_2_09AA2748 | |
Source: | Code function: | 3_2_09AA7612 |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Source: | Static PE information: |
Source: | Cryptographic APIs: | ||
Source: | Cryptographic APIs: | ||
Source: | Cryptographic APIs: | ||
Source: | Cryptographic APIs: | ||
Source: | Cryptographic APIs: | ||
Source: | Cryptographic APIs: | ||
Source: | Cryptographic APIs: | ||
Source: | Cryptographic APIs: | ||
Source: | Cryptographic APIs: | ||
Source: | Cryptographic APIs: | ||
Source: | Cryptographic APIs: |
Source: | Task registration methods: | ||
Source: | Task registration methods: | ||
Source: | Task registration methods: | ||
Source: | Task registration methods: |
Source: | Security API names: | ||
Source: | Security API names: | ||
Source: | Security API names: | ||
Source: | Security API names: | ||
Source: | Security API names: | ||
Source: | Security API names: | ||
Source: | Security API names: | ||
Source: | Security API names: | ||
Source: | Security API names: | ||
Source: | Security API names: |
Source: | Classification label: |
Source: | Code function: | 0_2_0046DE70 |
Source: | Code function: | 0_2_004A143E |
Source: | Code function: | 0_2_0046DF40 |
Source: | File created: | Jump to behavior |
Source: | Mutant created: | ||
Source: | Mutant created: |
Source: | File created: | Jump to behavior |
Source: | Static PE information: |
Source: | WMI Queries: |
Source: | Key opened: | Jump to behavior |
Source: | ReversingLabs: |
Source: | File read: | Jump to behavior |
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | Jump to behavior |
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior |
Source: | Key value queried: | Jump to behavior |
Source: | File opened: | Jump to behavior |
Source: | Static file information: |
Source: | Static PE information: |
Source: | Static PE information: |
Source: | Binary string: | ||
Source: | Binary string: | ||
Source: | Binary string: | ||
Source: | Binary string: | ||
Source: | Binary string: | ||
Source: | Binary string: | ||
Source: | Binary string: | ||
Source: | Binary string: |
Data Obfuscation |
---|
Source: | .Net Code: | ||
Source: | .Net Code: | ||
Source: | .Net Code: | ||
Source: | .Net Code: |
Source: | .Net Code: | ||
Source: | .Net Code: | ||
Source: | .Net Code: | ||
Source: | .Net Code: | ||
Source: | .Net Code: | ||
Source: | .Net Code: | ||
Source: | .Net Code: | ||
Source: | .Net Code: | ||
Source: | .Net Code: | ||
Source: | .Net Code: | ||
Source: | .Net Code: | ||
Source: | .Net Code: |
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: |
Source: | Process created: | |||
Source: | Process created: | Jump to behavior |
Source: | Code function: | 0_2_0047F5E4 | |
Source: | Code function: | 0_2_0047F60C | |
Source: | Code function: | 0_2_00484777 | |
Source: | Code function: | 0_2_00483EA2 | |
Source: | Code function: | 3_2_06E14590 | |
Source: | Code function: | 3_2_06E143C0 | |
Source: | Code function: | 3_2_0986FD52 | |
Source: | Code function: | 3_2_0987180D | |
Source: | Code function: | 3_2_0987BAD7 | |
Source: | Code function: | 3_2_0987CFF9 | |
Source: | Code function: | 3_2_09870690 | |
Source: | Code function: | 3_2_0987CF09 | |
Source: | Code function: | 3_2_09AA0159 | |
Source: | Code function: | 3_2_09AAD5E5 | |
Source: | Code function: | 3_2_09AAD639 | |
Source: | Code function: | 3_2_09BC31AB | |
Source: | Code function: | 3_2_09BC3998 | |
Source: | Code function: | 3_2_09BC21CD | |
Source: | Code function: | 3_2_09BC2133 | |
Source: | Code function: | 3_2_09BC3323 | |
Source: | Code function: | 3_2_09BC3176 | |
Source: | Code function: | 3_2_09BC2B4E | |
Source: | Code function: | 3_2_09BC42CA |
Source: | High entropy of concatenated method names: | ||
Source: | High entropy of concatenated method names: | ||
Source: | High entropy of concatenated method names: | ||
Source: | High entropy of concatenated method names: | ||
Source: | High entropy of concatenated method names: | ||
Source: | High entropy of concatenated method names: | ||
Source: | High entropy of concatenated method names: | ||
Source: | High entropy of concatenated method names: | ||
Source: | High entropy of concatenated method names: | ||
Source: | High entropy of concatenated method names: | ||
Source: | High entropy of concatenated method names: | ||
Source: | High entropy of concatenated method names: | ||
Source: | High entropy of concatenated method names: | ||
Source: | High entropy of concatenated method names: |
Source: | File created: | Jump to dropped file |
Source: | Registry value created or modified: | Jump to behavior | ||
Source: | Registry value created or modified: | Jump to behavior |
Source: | Code function: | 0_2_00412630 | |
Source: | Code function: | 0_2_00478ECF |
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior |
Malware Analysis System Evasion |
---|
Queries sensitive disk information (via WMI, Win32_DiskDrive, often done to detect virtual machines)
Source: | WMI Queries: | ||
Source: | WMI Queries: |
Source: | Memory allocated: | Jump to behavior | ||
Source: | Memory allocated: | Jump to behavior | ||
Source: | Memory allocated: | Jump to behavior |
Source: | Thread delayed: | Jump to behavior | ||
Source: | Thread delayed: | Jump to behavior | ||
Source: | Thread delayed: | Jump to behavior |
Source: | Window / User API: | Jump to behavior | ||
Source: | Window / User API: | Jump to behavior |
Source: | Dropped PE file which has not been started: | Jump to dropped file |
Source: | API coverage: |
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep count: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep count: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior |
Source: | WMI Queries: |
Source: | WMI Queries: |
Source: | Code function: | 0_2_0045E300 |
Source: | Thread delayed: | Jump to behavior | ||
Source: | Thread delayed: | Jump to behavior | ||
Source: | Thread delayed: | Jump to behavior | ||
Source: | Thread delayed: | Jump to behavior | ||
Source: | Thread delayed: | Jump to behavior | ||
Source: | Thread delayed: | Jump to behavior | ||
Source: | Thread delayed: | Jump to behavior | ||
Source: | Thread delayed: | Jump to behavior | ||
Source: | Thread delayed: | Jump to behavior | ||
Source: | Thread delayed: | Jump to behavior | ||
Source: | Thread delayed: | Jump to behavior | ||
Source: | Thread delayed: | Jump to behavior | ||
Source: | Thread delayed: | Jump to behavior | ||
Source: | Thread delayed: | Jump to behavior | ||
Source: | Thread delayed: | Jump to behavior | ||
Source: | Thread delayed: | Jump to behavior | ||
Source: | Thread delayed: | Jump to behavior | ||
Source: | Thread delayed: | Jump to behavior | ||
Source: | Thread delayed: | Jump to behavior | ||
Source: | Thread delayed: | Jump to behavior | ||
Source: | Thread delayed: | Jump to behavior | ||
Source: | Thread delayed: | Jump to behavior | ||
Source: | Thread delayed: | Jump to behavior | ||
Source: | Thread delayed: | Jump to behavior | ||
Source: | Thread delayed: | Jump to behavior | ||
Source: | Thread delayed: | Jump to behavior | ||
Source: | Thread delayed: | Jump to behavior | ||
Source: | Thread delayed: | Jump to behavior | ||
Source: | Thread delayed: | Jump to behavior | ||
Source: | Thread delayed: | Jump to behavior | ||
Source: | Thread delayed: | Jump to behavior | ||
Source: | Thread delayed: | Jump to behavior | ||
Source: | Thread delayed: | Jump to behavior | ||
Source: | Thread delayed: | Jump to behavior | ||
Source: | Thread delayed: | Jump to behavior | ||
Source: | Thread delayed: | Jump to behavior | ||
Source: | Thread delayed: | Jump to behavior | ||
Source: | Thread delayed: | Jump to behavior | ||
Source: | Thread delayed: | Jump to behavior | ||
Source: | Thread delayed: | Jump to behavior | ||
Source: | Thread delayed: | Jump to behavior | ||
Source: | Thread delayed: | Jump to behavior | ||
Source: | Thread delayed: | Jump to behavior | ||
Source: | Thread delayed: | Jump to behavior | ||
Source: | Thread delayed: | Jump to behavior | ||
Source: | Thread delayed: | Jump to behavior | ||
Source: | Thread delayed: | Jump to behavior | ||
Source: | Thread delayed: | Jump to behavior | ||
Source: | Thread delayed: | Jump to behavior | ||
Source: | Thread delayed: | Jump to behavior | ||
Source: | Thread delayed: | Jump to behavior | ||
Source: | Thread delayed: | Jump to behavior | ||
Source: | Thread delayed: | Jump to behavior | ||
Source: | Thread delayed: | Jump to behavior | ||
Source: | Thread delayed: | Jump to behavior |
Source: | Binary or memory string: |
Source: | Code function: | 3_2_09AA2B32 |
Source: | Code function: | 0_2_0045ECD0 |
Source: | Process token adjusted: | Jump to behavior |
Source: | Process created: | Jump to behavior |
Source: | Memory allocated: | Jump to behavior |
HIPS / PFW / Operating System Protection Evasion |
---|
Source: | Memory allocated: | Jump to behavior |
Source: | Code function: | 0_2_0045ECD0 | |
Source: | Code function: | 0_2_0045EED0 |
Source: | Memory written: | Jump to behavior |
Source: | Memory written: | Jump to behavior | ||
Source: | Memory written: | Jump to behavior |
Source: | Code function: | 0_2_00412430 | |
Source: | Code function: | 0_2_00490D7C |
Source: | Queries volume information: | Jump to behavior |
Source: | Code function: | 0_2_0045F0B0 |
Source: | Code function: | 0_2_0045E300 |
Source: | Code function: | 0_2_004830CF |
Source: | Key value queried: | Jump to behavior |
Source: | Binary or memory string: |
Source: | WMI Queries: |
Source: | Code function: | 0_2_00462680 |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | 131 Windows Management Instrumentation | 1 DLL Side-Loading | 1 DLL Side-Loading | 11 Disable or Modify Tools | 11 Input Capture | 1 System Time Discovery | Remote Services | 11 Archive Collected Data | 1 Ingress Tool Transfer | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | 1 Scheduled Task/Job | 12 Windows Service | 12 Windows Service | 11 Deobfuscate/Decode Files or Information | LSASS Memory | 1 Account Discovery | Remote Desktop Protocol | 11 Input Capture | 11 Encrypted Channel | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | 11 Service Execution | 1 Scheduled Task/Job | 41 Process Injection | 2 Obfuscated Files or Information | Security Account Manager | 136 System Information Discovery | SMB/Windows Admin Shares | Data from Network Shared Drive | 1 Non-Standard Port | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | 1 Registry Run Keys / Startup Folder | 1 Scheduled Task/Job | 2 Software Packing | NTDS | 141 Security Software Discovery | Distributed Component Object Model | Input Capture | 2 Non-Application Layer Protocol | Traffic Duplication | Data Destruction |
Gather Victim Network Information | Server | Cloud Accounts | Launchd | Network Logon Script | 1 Registry Run Keys / Startup Folder | 1 DLL Side-Loading | LSA Secrets | 141 Virtualization/Sandbox Evasion | SSH | Keylogging | 3 Application Layer Protocol | Scheduled Transfer | Data Encrypted for Impact |
Domain Properties | Botnet | Replication Through Removable Media | Scheduled Task | RC Scripts | RC Scripts | 1 Masquerading | Cached Domain Credentials | 11 Application Window Discovery | VNC | GUI Input Capture | Multiband Communication | Data Transfer Size Limits | Service Stop |
DNS | Web Services | External Remote Services | Systemd Timers | Startup Items | Startup Items | 141 Virtualization/Sandbox Evasion | DCSync | 1 System Owner/User Discovery | Windows Remote Management | Web Portal Capture | Commonly Used Port | Exfiltration Over C2 Channel | Inhibit System Recovery |
Network Trust Dependencies | Serverless | Drive-by Compromise | Container Orchestration Job | Scheduled Task/Job | Scheduled Task/Job | 41 Process Injection | Proc Filesystem | System Owner/User Discovery | Cloud Services | Credential API Hooking | Application Layer Protocol | Exfiltration Over Alternative Protocol | Defacement |
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
39% | ReversingLabs | Win32.Ransomware.Generic |
⊘No Antivirus matches
⊘No Antivirus matches
⊘No Antivirus matches
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
bitbucket.org | 185.166.143.50 | true | false | high | |
navegacionseguracol24vip.org | 181.131.217.244 | true | false | unknown | |
s-part-0035.t-0009.t-msedge.net | 13.107.246.63 | true | false | high | |
fp2e7a.wpc.phicdn.net | 192.229.221.95 | true | false | high |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
false | high |
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
false |
| unknown | ||
false | high | |||
false |
| unknown | ||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
181.131.217.244 | navegacionseguracol24vip.org | Colombia | 13489 | EPMTelecomunicacionesSAESPCO | false | |
185.166.143.50 | bitbucket.org | Germany | 16509 | AMAZON-02US | false |
Joe Sandbox version: | 41.0.0 Charoite |
Analysis ID: | 1573894 |
Start date and time: | 2024-12-12 17:28:31 +01:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 8m 40s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | default.jbs |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 5 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Sample name: | pPLwX9wSrD.exerenamed because original name is a hash value |
Original Sample Name: | 8ee7bb70506574eb0ba1bffc0bafd993c707d01e54385ca83fb3f731521a9298.exe |
Detection: | MAL |
Classification: | mal92.evad.winEXE@3/1@2/2 |
EGA Information: |
|
HCA Information: |
|
Cookbook Comments: |
|
- Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe
- Excluded IPs from analysis (whitelisted): 40.126.53.9, 40.126.53.7, 20.231.128.65, 20.190.181.4, 20.231.128.66, 40.126.53.12, 40.126.53.16, 40.126.53.8, 20.190.147.0, 13.107.246.63, 4.245.163.56
- Excluded domains from analysis (whitelisted): client.wns.windows.com, prdv4a.aadg.msidentity.com, slscr.update.microsoft.com, otelrules.azureedge.net, otelrules.afd.azureedge.net, www.tm.v4.a.prd.aadg.trafficmanager.net, ctldl.windowsupdate.com, login.msa.msidentity.com, fe3cr.delivery.mp.microsoft.com, ocsp.digicert.com, login.live.com, ocsp.edge.digicert.com, azureedge-t-prod.trafficmanager.net, www.tm.lg.prod.aadmsa.trafficmanager.net
- Report size exceeded maximum capacity and may have missing disassembly code.
- Report size getting too big, too many NtOpenKeyEx calls found.
- Report size getting too big, too many NtProtectVirtualMemory calls found.
- Report size getting too big, too many NtQueryValueKey calls found.
- VT rate limit hit for: pPLwX9wSrD.exe
Time | Type | Description |
---|---|---|
11:30:05 | API Interceptor | |
17:30:07 | Autostart | |
17:30:15 | Autostart |
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
181.131.217.244 | Get hash | malicious | AsyncRAT, DcRat | Browse | ||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Remcos | Browse | |||
Get hash | malicious | Remcos | Browse | |||
Get hash | malicious | Remcos | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | AsyncRAT, DcRat | Browse | |||
Get hash | malicious | AsyncRAT, DcRat | Browse | |||
Get hash | malicious | Unknown | Browse | |||
185.166.143.50 | Get hash | malicious | Unknown | Browse | ||
Get hash | malicious | RHADAMANTHYS | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | RHADAMANTHYS | Browse | |||
Get hash | malicious | Remcos, DBatLoader | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | RHADAMANTHYS | Browse | |||
Get hash | malicious | LummaC Stealer | Browse |
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
navegacionseguracol24vip.org | Get hash | malicious | Unknown | Browse |
| |
s-part-0035.t-0009.t-msedge.net | Get hash | malicious | AsyncRAT, DcRat | Browse |
| |
Get hash | malicious | DarkTortilla, Remcos | Browse |
| ||
Get hash | malicious | Credential Flusher | Browse |
| ||
Get hash | malicious | Credential Flusher | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Vidar | Browse |
| ||
Get hash | malicious | Invicta Stealer, XWorm | Browse |
| ||
Get hash | malicious | LummaC Stealer | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
fp2e7a.wpc.phicdn.net | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | AteraAgent | Browse |
| ||
Get hash | malicious | Strela Downloader | Browse |
| ||
Get hash | malicious | RedLine | Browse |
| ||
Get hash | malicious | RedLine | Browse |
| ||
Get hash | malicious | Snake Keylogger | Browse |
| ||
Get hash | malicious | DCRat | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
bitbucket.org | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | RHADAMANTHYS | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | RHADAMANTHYS | Browse |
| ||
Get hash | malicious | AsyncRAT, DcRat | Browse |
| ||
Get hash | malicious | Remcos, DBatLoader | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
|
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
EPMTelecomunicacionesSAESPCO | Get hash | malicious | AsyncRAT, DcRat | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Remcos | Browse |
| ||
Get hash | malicious | Remcos | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Remcos | Browse |
| ||
AMAZON-02US | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Vidar | Browse |
| ||
Get hash | malicious | Invicta Stealer, XWorm | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | AsyncRAT | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | CAPTCHA Scam ClickFix | Browse |
| ||
Get hash | malicious | CAPTCHA Scam ClickFix | Browse |
|
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
3b5074b1b5d032e5620f69f9f700ff0e | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Invicta Stealer, XWorm | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Snake Keylogger, VIP Keylogger | Browse |
| ||
Get hash | malicious | LummaC | Browse |
| ||
Get hash | malicious | Abobus Obfuscator, Braodo | Browse |
| ||
Get hash | malicious | Unknown | Browse |
|
Process: | C:\Users\user\Desktop\pPLwX9wSrD.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 979567344 |
Entropy (8bit): | 0.04446253531927003 |
Encrypted: | false |
SSDEEP: | |
MD5: | BFE1D6A6FB7A4B19F7B32D9FA6F529B4 |
SHA1: | D03151ABB594C66390E0EEEA2E512E8D97E9B36E |
SHA-256: | 3B616C5242CCB77FFD37EBE1E229C38D69BA52B5AA3AD244A5A251D88A6169FD |
SHA-512: | C66ED6F768A02028CDC149D104052B544E9B12A14A19DE48EC76D8412D43FA8B3F7BF01F5B50E1BB8DDAE69844C40603AA194C87E3773780443162EF78D3E402 |
Malicious: | false |
Joe Sandbox View: |
|
Reputation: | low |
Preview: |
File type: | |
Entropy (8bit): | 2.523990419172251 |
TrID: |
|
File name: | pPLwX9wSrD.exe |
File size: | 10'485'760 bytes |
MD5: | 1492e1506afedad20933ae244cf658d1 |
SHA1: | db68cd234205c628ebf3a8329246baf3cdc10ead |
SHA256: | 8ee7bb70506574eb0ba1bffc0bafd993c707d01e54385ca83fb3f731521a9298 |
SHA512: | 9fe92f173fa8cb453eeb4bb40abf78164638d15fe6ffcc8aaf8c2f73e22f02b2256d26f50f73fa5f5ef246cdf0d3e3df32576372b20e8fb7ef61d73792ffa80e |
SSDEEP: | 49152:S9BlUVJsBsiK9d3MC+qX+EF+Zx6bwMKexczvm4:S9BlEsWl9d3MChfzbwMKemO4 |
TLSH: | 4DB6AE22B6C0C147EAD25070D296E7F1A1683E39E7412987B3C07E9FB276EC1593B527 |
File Content Preview: | MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........UR..;...;...;.K.d...;.2."...;...f...;.F.4...;.F.d.q.;.......;...[...;._."...;.K.f...;...:...;.F.[.D.;.F.g...;.$.e...;.F.a...; |
Icon Hash: | f1a58babada68603 |
Entrypoint: | 0x4830cf |
Entrypoint Section: | .text |
Digitally signed: | false |
Imagebase: | 0x400000 |
Subsystem: | windows gui |
Image File Characteristics: | RELOCS_STRIPPED, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, 32BIT_MACHINE |
DLL Characteristics: | |
Time Stamp: | 0x56A87A78 [Wed Jan 27 08:06:16 2016 UTC] |
TLS Callbacks: | |
CLR (.Net) Version: | |
OS Version Major: | 4 |
OS Version Minor: | 0 |
File Version Major: | 4 |
File Version Minor: | 0 |
Subsystem Version Major: | 4 |
Subsystem Version Minor: | 0 |
Import Hash: | e52615253ba93e77e88da2201bcab98a |
Instruction |
---|
push 00000060h |
push 004D5458h |
call 00007F1BAC7F4B06h |
mov edi, 00000094h |
mov eax, edi |
call 00007F1BAC7EF99Eh |
mov dword ptr [ebp-18h], esp |
mov esi, esp |
mov dword ptr [esi], edi |
push esi |
call dword ptr [004C14E8h] |
mov ecx, dword ptr [esi+10h] |
mov dword ptr [004ED0FCh], ecx |
mov eax, dword ptr [esi+04h] |
mov dword ptr [004ED108h], eax |
mov edx, dword ptr [esi+08h] |
mov dword ptr [004ED10Ch], edx |
mov esi, dword ptr [esi+0Ch] |
and esi, 00007FFFh |
mov dword ptr [004ED100h], esi |
cmp ecx, 02h |
je 00007F1BAC7F34BEh |
or esi, 00008000h |
mov dword ptr [004ED100h], esi |
shl eax, 08h |
add eax, edx |
mov dword ptr [004ED104h], eax |
xor esi, esi |
push esi |
mov edi, dword ptr [004C1488h] |
call 00007F1BAC7C348Ch |
dec ebp |
pop edx |
jne 00007F1BAC7F34D1h |
mov ecx, dword ptr [eax+3Ch] |
add ecx, eax |
cmp dword ptr [ecx], 00004550h |
jne 00007F1BAC7F34C4h |
movzx eax, word ptr [ecx+18h] |
cmp eax, 0000010Bh |
je 00007F1BAC7F34D1h |
cmp eax, 0000020Bh |
je 00007F1BAC7F34B7h |
mov dword ptr [ebp-1Ch], esi |
jmp 00007F1BAC7F34D9h |
cmp dword ptr [ecx+00000084h], 0Eh |
jbe 00007F1BAC7F34A4h |
xor eax, eax |
cmp dword ptr [ecx+000000F8h], esi |
jmp 00007F1BAC7F34C0h |
cmp dword ptr [ecx+74h], 0Eh |
jbe 00007F1BAC7F3494h |
xor eax, eax |
cmp dword ptr [ecx+000000E8h], esi |
setne al |
mov dword ptr [ebp-1Ch], eax |
Programming Language: |
|
Name | Virtual Address | Virtual Size | Is in Section |
---|---|---|---|
IMAGE_DIRECTORY_ENTRY_EXPORT | 0xe26f0 | 0x18b | .rdata |
IMAGE_DIRECTORY_ENTRY_IMPORT | 0xdf4b0 | 0x140 | .rdata |
IMAGE_DIRECTORY_ENTRY_RESOURCE | 0xef000 | 0x219a18 | .rsrc |
IMAGE_DIRECTORY_ENTRY_EXCEPTION | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_SECURITY | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_BASERELOC | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_DEBUG | 0xc1a30 | 0x1c | .rdata |
IMAGE_DIRECTORY_ENTRY_COPYRIGHT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_GLOBALPTR | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_TLS | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG | 0xd9a90 | 0x40 | .rdata |
IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_IAT | 0xc1000 | 0xa24 | .rdata |
IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT | 0xdf400 | 0x40 | .rdata |
IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_RESERVED | 0x0 | 0x0 |
Name | Virtual Address | Virtual Size | Raw Size | MD5 | Xored PE | ZLIB Complexity | File Type | Entropy | Characteristics |
---|---|---|---|---|---|---|---|---|---|
.text | 0x1000 | 0xbfd55 | 0xbfe00 | a86b6c827e5e7e0cf5fc9c41a25e4dea | False | 0.4546582349348534 | data | 6.349271524607046 | IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ |
.rdata | 0xc1000 | 0x2187b | 0x21a00 | 9e4eab11d2823d639daa51b6b83eccfb | False | 0.3397784038104089 | data | 5.912662755924659 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ |
.data | 0xe3000 | 0xbb14 | 0x2400 | 65699f99584db3dd9db5aacc00e8c82d | False | 0.3504774305555556 | data | 4.5108554971453305 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE |
.rsrc | 0xef000 | 0x219a18 | 0x219c00 | 14aa7097ae14d9835016ab88acd68716 | unknown | unknown | unknown | unknown | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ |
Name | RVA | Size | Type | Language | Country | ZLIB Complexity |
---|---|---|---|---|---|---|
RT_CURSOR | 0xefdd0 | 0x134 | Targa image data - RGB 64 x 65536 x 1 +32 "\001" | Korean | North Korea | 0.4805194805194805 |
RT_CURSOR | 0xefdd0 | 0x134 | Targa image data - RGB 64 x 65536 x 1 +32 "\001" | Korean | South Korea | 0.4805194805194805 |
RT_CURSOR | 0xeff04 | 0xb4 | Targa image data - Map 32 x 65536 x 1 +16 "\001" | Korean | North Korea | 0.7 |
RT_CURSOR | 0xeff04 | 0xb4 | Targa image data - Map 32 x 65536 x 1 +16 "\001" | Korean | South Korea | 0.7 |
RT_CURSOR | 0xeffb8 | 0x134 | AmigaOS bitmap font "(", fc_YSize 4294967264, 5120 elements, 2nd "\377\360?\377\377\370\177\377\377\374\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377", 3rd | Korean | North Korea | 0.36363636363636365 |
RT_CURSOR | 0xeffb8 | 0x134 | AmigaOS bitmap font "(", fc_YSize 4294967264, 5120 elements, 2nd "\377\360?\377\377\370\177\377\377\374\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377", 3rd | Korean | South Korea | 0.36363636363636365 |
RT_CURSOR | 0xf00ec | 0x134 | Targa image data - RLE 64 x 65536 x 1 +32 "\001" | Korean | North Korea | 0.35714285714285715 |
RT_CURSOR | 0xf00ec | 0x134 | Targa image data - RLE 64 x 65536 x 1 +32 "\001" | Korean | South Korea | 0.35714285714285715 |
RT_CURSOR | 0xf0220 | 0x134 | data | Korean | North Korea | 0.37337662337662336 |
RT_CURSOR | 0xf0220 | 0x134 | data | Korean | South Korea | 0.37337662337662336 |
RT_CURSOR | 0xf0354 | 0x134 | data | Korean | North Korea | 0.37662337662337664 |
RT_CURSOR | 0xf0354 | 0x134 | data | Korean | South Korea | 0.37662337662337664 |
RT_CURSOR | 0xf0488 | 0x134 | Targa image data 64 x 65536 x 1 +32 "\001" | Korean | North Korea | 0.36688311688311687 |
RT_CURSOR | 0xf0488 | 0x134 | Targa image data 64 x 65536 x 1 +32 "\001" | Korean | South Korea | 0.36688311688311687 |
RT_CURSOR | 0xf05bc | 0x134 | Targa image data 64 x 65536 x 1 +32 "\001" | Korean | North Korea | 0.37662337662337664 |
RT_CURSOR | 0xf05bc | 0x134 | Targa image data 64 x 65536 x 1 +32 "\001" | Korean | South Korea | 0.37662337662337664 |
RT_CURSOR | 0xf06f0 | 0x134 | Targa image data - Mono - RLE 64 x 65536 x 1 +32 "\001" | Korean | North Korea | 0.36688311688311687 |
RT_CURSOR | 0xf06f0 | 0x134 | Targa image data - Mono - RLE 64 x 65536 x 1 +32 "\001" | Korean | South Korea | 0.36688311688311687 |
RT_CURSOR | 0xf0824 | 0x134 | Targa image data - RGB - RLE 64 x 65536 x 1 +32 "\001" | Korean | North Korea | 0.38636363636363635 |
RT_CURSOR | 0xf0824 | 0x134 | Targa image data - RGB - RLE 64 x 65536 x 1 +32 "\001" | Korean | South Korea | 0.38636363636363635 |
RT_CURSOR | 0xf0958 | 0x134 | data | Korean | North Korea | 0.44155844155844154 |
RT_CURSOR | 0xf0958 | 0x134 | data | Korean | South Korea | 0.44155844155844154 |
RT_CURSOR | 0xf0a8c | 0x134 | data | Korean | North Korea | 0.4155844155844156 |
RT_CURSOR | 0xf0a8c | 0x134 | data | Korean | South Korea | 0.4155844155844156 |
RT_CURSOR | 0xf0bc0 | 0x134 | AmigaOS bitmap font "(", fc_YSize 4294966847, 3840 elements, 2nd "\377?\374\377\377\300\003\377\377\300\003\377\377\340\007\377\377\360\017\377\377\370\037\377\377\374?\377\377\376\177\377\377\377\377\377\377\377\377\377\377\377\377\377", 3rd | Korean | North Korea | 0.5422077922077922 |
RT_CURSOR | 0xf0bc0 | 0x134 | AmigaOS bitmap font "(", fc_YSize 4294966847, 3840 elements, 2nd "\377?\374\377\377\300\003\377\377\300\003\377\377\340\007\377\377\360\017\377\377\370\037\377\377\374?\377\377\376\177\377\377\377\377\377\377\377\377\377\377\377\377\377", 3rd | Korean | South Korea | 0.5422077922077922 |
RT_CURSOR | 0xf0cf4 | 0x134 | data | Korean | North Korea | 0.2662337662337662 |
RT_CURSOR | 0xf0cf4 | 0x134 | data | Korean | South Korea | 0.2662337662337662 |
RT_CURSOR | 0xf0e28 | 0x134 | data | Korean | North Korea | 0.2824675324675325 |
RT_CURSOR | 0xf0e28 | 0x134 | data | Korean | South Korea | 0.2824675324675325 |
RT_CURSOR | 0xf0f5c | 0x134 | data | Korean | North Korea | 0.3246753246753247 |
RT_CURSOR | 0xf0f5c | 0x134 | data | Korean | South Korea | 0.3246753246753247 |
RT_BITMAP | 0xf1090 | 0x1d4e8 | Device independent bitmap graphic, 200 x 200 x 24, image size 120000, resolution 3780 x 3780 px/m | 0.631939353548817 | ||
RT_BITMAP | 0x10e578 | 0xb8 | Device independent bitmap graphic, 12 x 10 x 4, image size 80 | Korean | North Korea | 0.44565217391304346 |
RT_BITMAP | 0x10e578 | 0xb8 | Device independent bitmap graphic, 12 x 10 x 4, image size 80 | Korean | South Korea | 0.44565217391304346 |
RT_BITMAP | 0x10e630 | 0x144 | Device independent bitmap graphic, 33 x 11 x 4, image size 220 | Korean | North Korea | 0.37962962962962965 |
RT_BITMAP | 0x10e630 | 0x144 | Device independent bitmap graphic, 33 x 11 x 4, image size 220 | Korean | South Korea | 0.37962962962962965 |
RT_ICON | 0x10e774 | 0x44028 | Device independent bitmap graphic, 256 x 512 x 32, image size 262144 | 0.2361111111111111 | ||
RT_ICON | 0x15279c | 0x2e8 | Device independent bitmap graphic, 32 x 64 x 4, image size 512, 16 important colors | Korean | North Korea | 0.34543010752688175 |
RT_ICON | 0x15279c | 0x2e8 | Device independent bitmap graphic, 32 x 64 x 4, image size 512, 16 important colors | Korean | South Korea | 0.34543010752688175 |
RT_ICON | 0x152a84 | 0x128 | Device independent bitmap graphic, 16 x 32 x 4, image size 128, 16 important colors | Korean | North Korea | 0.543918918918919 |
RT_ICON | 0x152a84 | 0x128 | Device independent bitmap graphic, 16 x 32 x 4, image size 128, 16 important colors | Korean | South Korea | 0.543918918918919 |
RT_MENU | 0x152bac | 0x142 | data | Korean | North Korea | 0.6149068322981367 |
RT_MENU | 0x152bac | 0x142 | data | Korean | South Korea | 0.6149068322981367 |
RT_DIALOG | 0x152cf0 | 0xc6 | data | Korean | North Korea | 0.6919191919191919 |
RT_DIALOG | 0x152cf0 | 0xc6 | data | Korean | South Korea | 0.6919191919191919 |
RT_DIALOG | 0x152db8 | 0xda | data | Korean | North Korea | 0.7477064220183486 |
RT_DIALOG | 0x152db8 | 0xda | data | Korean | South Korea | 0.7477064220183486 |
RT_DIALOG | 0x152e94 | 0xf4 | data | Korean | North Korea | 0.6639344262295082 |
RT_DIALOG | 0x152e94 | 0xf4 | data | Korean | South Korea | 0.6639344262295082 |
RT_STRING | 0x152f88 | 0x34 | data | Korean | North Korea | 0.5576923076923077 |
RT_STRING | 0x152f88 | 0x34 | data | Korean | South Korea | 0.5576923076923077 |
RT_STRING | 0x152fbc | 0x66 | data | Korean | North Korea | 0.8627450980392157 |
RT_STRING | 0x152fbc | 0x66 | data | Korean | South Korea | 0.8627450980392157 |
RT_STRING | 0x153024 | 0x2e | data | Korean | North Korea | 0.6086956521739131 |
RT_STRING | 0x153024 | 0x2e | data | Korean | South Korea | 0.6086956521739131 |
RT_STRING | 0x153054 | 0xe8 | data | Korean | North Korea | 0.75 |
RT_STRING | 0x153054 | 0xe8 | data | Korean | South Korea | 0.75 |
RT_STRING | 0x15313c | 0x30c | data | Korean | North Korea | 0.591025641025641 |
RT_STRING | 0x15313c | 0x30c | data | Korean | South Korea | 0.591025641025641 |
RT_STRING | 0x153448 | 0x1a8 | data | Korean | North Korea | 0.4080188679245283 |
RT_STRING | 0x153448 | 0x1a8 | data | Korean | South Korea | 0.4080188679245283 |
RT_STRING | 0x1535f0 | 0x1d2 | data | Korean | North Korea | 0.5815450643776824 |
RT_STRING | 0x1535f0 | 0x1d2 | data | Korean | South Korea | 0.5815450643776824 |
RT_STRING | 0x1537c4 | 0x68 | data | Korean | North Korea | 0.8076923076923077 |
RT_STRING | 0x1537c4 | 0x68 | data | Korean | South Korea | 0.8076923076923077 |
RT_STRING | 0x15382c | 0x6e | data | Korean | North Korea | 0.6272727272727273 |
RT_STRING | 0x15382c | 0x6e | data | Korean | South Korea | 0.6272727272727273 |
RT_STRING | 0x15389c | 0xb0 | data | Korean | North Korea | 0.7102272727272727 |
RT_STRING | 0x15389c | 0xb0 | data | Korean | South Korea | 0.7102272727272727 |
RT_STRING | 0x15394c | 0x322 | AmigaOS bitmap font "X\271", fc_YSize 28844, 9414 elements, 2nd "\030\264\310\305\265\302\310\262\344\262.", 3rd " " | Korean | North Korea | 0.4975062344139651 |
RT_STRING | 0x15394c | 0x322 | AmigaOS bitmap font "X\271", fc_YSize 28844, 9414 elements, 2nd "\030\264\310\305\265\302\310\262\344\262.", 3rd " " | Korean | South Korea | 0.4975062344139651 |
RT_STRING | 0x153c70 | 0x172 | AmigaOS bitmap font "X\271", fc_YSize 29895, 9414 elements, 2nd "\210\307\265\302\310\262\344\262.", 3rd | Korean | North Korea | 0.5675675675675675 |
RT_STRING | 0x153c70 | 0x172 | AmigaOS bitmap font "X\271", fc_YSize 29895, 9414 elements, 2nd "\210\307\265\302\310\262\344\262.", 3rd | Korean | South Korea | 0.5675675675675675 |
RT_STRING | 0x153de4 | 0x24 | data | Korean | North Korea | 0.4722222222222222 |
RT_STRING | 0x153de4 | 0x24 | data | Korean | South Korea | 0.4722222222222222 |
RT_STRING | 0x153e08 | 0x40 | data | Korean | North Korea | 0.671875 |
RT_STRING | 0x153e08 | 0x40 | data | Korean | South Korea | 0.671875 |
RT_RCDATA | 0x153e48 | 0x9c27a | Delphi compiled form 'TdmMain' | 0.18977814605775395 | ||
RT_RCDATA | 0x1f00c4 | 0x7cf06 | Delphi compiled form 'TFilePropertiesForm2' | 0.3699384465070835 | ||
RT_MESSAGETABLE | 0x26cfcc | 0x2840 | data | 0.32278726708074534 | ||
RT_MESSAGETABLE | 0x26f80c | 0x2840 | data | 0.4297360248447205 | ||
RT_MESSAGETABLE | 0x27204c | 0x2840 | data | 0.32754270186335405 | ||
RT_GROUP_CURSOR | 0x27488c | 0x22 | Lotus unknown worksheet or configuration, revision 0x2 | Korean | North Korea | 1.0294117647058822 |
RT_GROUP_CURSOR | 0x27488c | 0x22 | Lotus unknown worksheet or configuration, revision 0x2 | Korean | South Korea | 1.0294117647058822 |
RT_GROUP_CURSOR | 0x2748b0 | 0x14 | Lotus unknown worksheet or configuration, revision 0x1 | Korean | North Korea | 1.3 |
RT_GROUP_CURSOR | 0x2748b0 | 0x14 | Lotus unknown worksheet or configuration, revision 0x1 | Korean | South Korea | 1.3 |
RT_GROUP_CURSOR | 0x2748c4 | 0x14 | Lotus unknown worksheet or configuration, revision 0x1 | Korean | North Korea | 1.3 |
RT_GROUP_CURSOR | 0x2748c4 | 0x14 | Lotus unknown worksheet or configuration, revision 0x1 | Korean | South Korea | 1.3 |
RT_GROUP_CURSOR | 0x2748d8 | 0x14 | Lotus unknown worksheet or configuration, revision 0x1 | Korean | North Korea | 1.3 |
RT_GROUP_CURSOR | 0x2748d8 | 0x14 | Lotus unknown worksheet or configuration, revision 0x1 | Korean | South Korea | 1.3 |
RT_GROUP_CURSOR | 0x2748ec | 0x14 | Lotus unknown worksheet or configuration, revision 0x1 | Korean | North Korea | 1.3 |
RT_GROUP_CURSOR | 0x2748ec | 0x14 | Lotus unknown worksheet or configuration, revision 0x1 | Korean | South Korea | 1.3 |
RT_GROUP_CURSOR | 0x274900 | 0x14 | Lotus unknown worksheet or configuration, revision 0x1 | Korean | North Korea | 1.3 |
RT_GROUP_CURSOR | 0x274900 | 0x14 | Lotus unknown worksheet or configuration, revision 0x1 | Korean | South Korea | 1.3 |
RT_GROUP_CURSOR | 0x274914 | 0x14 | Lotus unknown worksheet or configuration, revision 0x1 | Korean | North Korea | 1.3 |
RT_GROUP_CURSOR | 0x274914 | 0x14 | Lotus unknown worksheet or configuration, revision 0x1 | Korean | South Korea | 1.3 |
RT_GROUP_CURSOR | 0x274928 | 0x14 | Lotus unknown worksheet or configuration, revision 0x1 | Korean | North Korea | 1.3 |
RT_GROUP_CURSOR | 0x274928 | 0x14 | Lotus unknown worksheet or configuration, revision 0x1 | Korean | South Korea | 1.3 |
RT_GROUP_CURSOR | 0x27493c | 0x14 | Lotus unknown worksheet or configuration, revision 0x1 | Korean | North Korea | 1.3 |
RT_GROUP_CURSOR | 0x27493c | 0x14 | Lotus unknown worksheet or configuration, revision 0x1 | Korean | South Korea | 1.3 |
RT_GROUP_CURSOR | 0x274950 | 0x14 | Lotus unknown worksheet or configuration, revision 0x1 | Korean | North Korea | 1.3 |
RT_GROUP_CURSOR | 0x274950 | 0x14 | Lotus unknown worksheet or configuration, revision 0x1 | Korean | South Korea | 1.3 |
RT_GROUP_CURSOR | 0x274964 | 0x14 | Lotus unknown worksheet or configuration, revision 0x1 | Korean | North Korea | 1.3 |
RT_GROUP_CURSOR | 0x274964 | 0x14 | Lotus unknown worksheet or configuration, revision 0x1 | Korean | South Korea | 1.3 |
RT_GROUP_CURSOR | 0x274978 | 0x14 | Lotus unknown worksheet or configuration, revision 0x1 | Korean | North Korea | 1.3 |
RT_GROUP_CURSOR | 0x274978 | 0x14 | Lotus unknown worksheet or configuration, revision 0x1 | Korean | South Korea | 1.3 |
RT_GROUP_CURSOR | 0x27498c | 0x14 | Lotus unknown worksheet or configuration, revision 0x1 | Korean | North Korea | 1.3 |
RT_GROUP_CURSOR | 0x27498c | 0x14 | Lotus unknown worksheet or configuration, revision 0x1 | Korean | South Korea | 1.3 |
RT_GROUP_CURSOR | 0x2749a0 | 0x14 | Lotus unknown worksheet or configuration, revision 0x1 | Korean | North Korea | 1.3 |
RT_GROUP_CURSOR | 0x2749a0 | 0x14 | Lotus unknown worksheet or configuration, revision 0x1 | Korean | South Korea | 1.3 |
RT_GROUP_CURSOR | 0x2749b4 | 0x14 | Lotus unknown worksheet or configuration, revision 0x1 | Korean | North Korea | 1.3 |
RT_GROUP_CURSOR | 0x2749b4 | 0x14 | Lotus unknown worksheet or configuration, revision 0x1 | Korean | South Korea | 1.3 |
RT_GROUP_ICON | 0x2749c8 | 0x22 | data | Korean | North Korea | 1.0 |
RT_GROUP_ICON | 0x2749c8 | 0x22 | data | Korean | South Korea | 1.0 |
RT_VERSION | 0x2749ec | 0x2ec | data | Korean | North Korea | 0.48663101604278075 |
RT_VERSION | 0x2749ec | 0x2ec | data | Korean | South Korea | 0.48663101604278075 |
RT_ANIICON | 0x274cd8 | 0x59eeb | PC bitmap, Windows 3.x format, 46643 x 2 x 43, image size 368699, cbSize 368363, bits offset 54 | 0.948387867402535 | ||
RT_ANIICON | 0x2cebc4 | 0x39e54 | PC bitmap, Windows 3.x format, 29965 x 2 x 41, image size 237438, cbSize 237140, bits offset 54 | 0.9939613730285907 |
DLL | Import |
---|---|
WS2_32.dll | inet_addr, closesocket, getsockname, send, recv, connect, WSAStartup, gethostbyname, bind, setsockopt, WSACleanup, socket, WSARecv, WSASend, WSACloseEvent, inet_ntoa, WSASocketA, htons, WSAEventSelect, WSACreateEvent, listen, htonl, WSAGetLastError, WSAResetEvent, accept |
ODBC32.dll | |
KERNEL32.dll | FreeLibrary, GlobalAlloc, GlobalLock, GlobalAddAtomA, InterlockedDecrement, FreeResource, GlobalFree, GlobalUnlock, lstrcmpW, lstrcatA, GlobalFindAtomA, GlobalGetAtomNameA, SetLastError, MulDiv, FindClose, FindNextFileA, FileTimeToSystemTime, FileTimeToLocalFileTime, FindFirstFileA, GetPrivateProfileIntA, WritePrivateProfileStringA, GetPrivateProfileStringA, InterlockedIncrement, GlobalFlags, LocalAlloc, LocalFree, GlobalReAlloc, GlobalDeleteAtom, TlsGetValue, TlsAlloc, TlsSetValue, LocalReAlloc, TlsFree, FormatMessageA, GlobalSize, CopyFileA, MoveFileA, FlushFileBuffers, LockFile, UnlockFile, SetEndOfFile, GetFileSize, DuplicateHandle, GetVolumeInformationA, GetFullPathNameA, GetShortPathNameA, GetCPInfo, GetOEMCP, SystemTimeToFileTime, SetErrorMode, LocalFileTimeToFileTime, SetFileTime, SetFileAttributesA, GetFileAttributesA, GetFileTime, LocalUnlock, LocalLock, GetTempFileNameA, GetDiskFreeSpaceA, ExitThread, GetTimeFormatA, GetDateFormatA, VirtualProtect, RtlUnwind, GetDriveTypeA, GetStartupInfoA, GetCommandLineA, SetLocalTime, TerminateProcess, HeapSize, QueryPerformanceCounter, UnhandledExceptionFilter, GetTimeZoneInformation, LCMapStringA, LCMapStringW, FatalAppExitA, GetStdHandle, FreeEnvironmentStringsA, GetEnvironmentStrings, FreeEnvironmentStringsW, GetEnvironmentStringsW, SetHandleCount, GetFileType, SetConsoleCtrlHandler, GetStringTypeA, GetStringTypeW, SetStdHandle, GetUserDefaultLCID, EnumSystemLocalesA, IsValidLocale, IsValidCodePage, IsBadReadPtr, IsBadCodePtr, GetLocaleInfoW, SetEnvironmentVariableA, GetProcAddress, ConvertDefaultLocale, EnumResourceLanguagesA, LoadLibraryA, CreateThread, UnregisterWaitEx, FlushInstructionCache, GetCurrentDirectoryA, SetCurrentDirectoryA, lstrcpynA, ReleaseMutex, ReleaseSemaphore, CreateSemaphoreA, IsDBCSLeadByte, CreateDirectoryA, SetThreadIdealProcessor, GetQueuedCompletionStatus, WaitForMultipleObjects, PostQueuedCompletionStatus, GetTickCount, SetEvent, SetProcessPriorityBoost, CreateEventA, CreateIoCompletionPort, SwitchToThread, Sleep, HeapReAlloc, VirtualAlloc, HeapValidate, HeapAlloc, VirtualFree, HeapFree, HeapCreate, HeapDestroy, OutputDebugStringA, SuspendThread, ResumeThread, IsDebuggerPresent, DebugBreak, IsBadWritePtr, GetSystemTimeAsFileTime, SetThreadPriority, GetCurrentProcessId, WriteFile, SetFilePointer, GetLocalTime, GetCurrentThreadId, VirtualQuery, GetCurrentProcess, GlobalMemoryStatus, CreateFileA, ReadFile, MoveFileExA, DeleteFileA, SetUnhandledExceptionFilter, GetCurrentThread, GetThreadContext, GetSystemInfo, GetModuleHandleA, lstrcmpA, lstrlenA, lstrcmpiA, lstrcmpiW, GetStringTypeExA, GetStringTypeExW, lstrlenW, CompareStringA, CompareStringW, GetEnvironmentVariableA, MultiByteToWideChar, GetEnvironmentVariableW, GetVersion, DeleteTimerQueueTimer, lstrcpyA, LoadResource, LockResource, SizeofResource, FindResourceA, WideCharToMultiByte, GetThreadLocale, GetLocaleInfoA, GetACP, GetVersionExA, InterlockedExchange, RaiseException, WaitForSingleObject, CreateMutexA, GetLastError, CloseHandle, GetModuleFileNameA, ExitProcess, DeleteCriticalSection, InitializeCriticalSection, EnterCriticalSection, LeaveCriticalSection, GlobalHandle |
USER32.dll | BringWindowToTop, SetRectEmpty, CreatePopupMenu, InsertMenuItemA, LoadAcceleratorsA, LoadMenuA, ReuseDDElParam, UnpackDDElParam, IsClipboardFormatAvailable, MessageBeep, SetRect, GetTabbedTextExtentA, IsRectEmpty, UnionRect, GetDCEx, LockWindowUpdate, GetSystemMenu, SetParent, SetMenu, TranslateAcceleratorA, DestroyMenu, GetMenuItemInfoA, InflateRect, GetDialogBaseUnits, DestroyIcon, GetSysColorBrush, GetMenuStringA, AppendMenuA, RemoveMenu, InsertMenuA, DeleteMenu, WaitMessage, GetWindowThreadProcessId, ReleaseCapture, WindowFromPoint, SetCapture, GetWindowDC, ClientToScreen, GrayStringA, DrawTextExA, DrawTextA, TabbedTextOutA, FillRect, ScrollWindowEx, IsDialogMessageA, IsDlgButtonChecked, SetDlgItemTextA, SetDlgItemInt, GetDlgItemTextA, GetDlgItemInt, CheckRadioButton, CheckDlgButton, RegisterWindowMessageA, WinHelpA, GetCapture, GetClassLongA, GetClassInfoExA, GetClassNameA, SetPropA, GetPropA, RemovePropA, SendDlgItemMessageA, IsChild, GetWindowTextLengthA, GetForegroundWindow, BeginDeferWindowPos, EndDeferWindowPos, GetTopWindow, GetMessageTime, GetMessagePos, MapWindowPoints, TrackPopupMenuEx, TrackPopupMenu, SetScrollRange, GetScrollRange, SetScrollPos, GetScrollPos, SetForegroundWindow, ShowScrollBar, GetMenu, GetSubMenu, GetMenuItemID, GetMenuItemCount, GetSysColor, AdjustWindowRectEx, ScreenToClient, EqualRect, DeferWindowPos, GetClassInfoA, RegisterClassA, SetWindowPlacement, GetDlgCtrlID, SetWindowPos, OffsetRect, IntersectRect, SystemParametersInfoA, GetWindowPlacement, GetWindowRect, PtInRect, GetWindow, MapVirtualKeyA, GetKeyNameTextA, CopyRect, GetDesktopWindow, SetActiveWindow, CreateDialogIndirectParamA, IsWindow, GetDlgItem, GetNextDlgTabItem, UnhookWindowsHookEx, SetMenuItemBitmaps, GetFocus, ModifyMenuA, GetMenuState, EnableMenuItem, CheckMenuItem, GetMenuCheckMarkDimensions, LoadBitmapA, SetWindowsHookExA, CallNextHookEx, GetActiveWindow, IsWindowVisible, GetKeyState, PeekMessageA, ValidateRect, GetWindowLongA, GetLastActivePopup, IsWindowEnabled, ShowOwnedPopups, SetCursor, MsgWaitForMultipleObjects, wvsprintfA, wsprintfA, GetParent, UnregisterClassA, CharUpperA, CharUpperW, CharLowerA, CharLowerW, EnableWindow, IsIconic, GetSystemMetrics, DrawIcon, EndDialog, GetAsyncKeyState, GetWindowTextA, CallWindowProcA, GetDC, ReleaseDC, GetClientRect, SetScrollInfo, GetScrollInfo, ScrollWindow, BeginPaint, EndPaint, SetWindowLongA, MoveWindow, SetFocus, DialogBoxParamA, PostMessageA, KillTimer, InvalidateRect, SendMessageA, SetTimer, DefWindowProcA, MessageBoxA, DestroyWindow, PostQuitMessage, CreateWindowExA, SetWindowTextA, ShowWindow, UpdateWindow, LoadIconA, LoadCursorA, RegisterClassExA, LoadStringA, GetMessageA, TranslateMessage, DispatchMessageA, GetCursorPos |
GDI32.dll | CopyMetaFileA, CreateDCA, GetTextExtentPoint32A, CreateFontIndirectA, SetRectRgn, CombineRgn, GetMapMode, DPtoLP, CreateCompatibleBitmap, GetCharWidthA, StretchDIBits, CreateFontA, StartPage, EndPage, SetAbortProc, AbortDoc, EndDoc, GetBkColor, CreateHatchBrush, GetObjectType, PlayMetaFileRecord, SelectPalette, GetStockObject, CreateCompatibleDC, CreatePatternBrush, CreateDIBPatternBrushPt, DeleteDC, ExtSelectClipRgn, PolyBezierTo, PolylineTo, PolyDraw, ArcTo, CreateSolidBrush, GetCurrentPositionEx, ExtCreatePen, CreatePen, GetDeviceCaps, ExtTextOutA, RectVisible, PtVisible, StartDocA, GetPixel, BitBlt, GetWindowExtEx, GetViewportExtEx, SelectClipPath, CreateRectRgn, GetClipRgn, SelectClipRgn, DeleteObject, SetColorAdjustment, SetArcDirection, SetMapperFlags, SetTextCharacterExtra, SetTextJustification, SetTextAlign, MoveToEx, LineTo, OffsetClipRgn, IntersectClipRect, ExcludeClipRect, SetMapMode, SetStretchBltMode, SetROP2, SetPolyFillMode, SetBkMode, RestoreDC, ScaleWindowExtEx, SetWindowExtEx, OffsetWindowOrgEx, SetWindowOrgEx, ScaleViewportExtEx, SaveDC, GetObjectA, SetBkColor, GetClipBox, GetDCOrgEx, PatBlt, CreateRectRgnIndirect, CreateBitmap, SetTextColor, TextOutA, EnumMetaFile, GetTextMetricsA, SetViewportExtEx, OffsetViewportOrgEx, SetViewportOrgEx, SelectObject, Escape, PlayMetaFile |
comdlg32.dll | ReplaceTextA, FindTextA, PageSetupDlgA, GetOpenFileNameA, CommDlgExtendedError, GetSaveFileNameA, GetFileTitleA, PrintDlgA |
WINSPOOL.DRV | GetJobA, DocumentPropertiesA, OpenPrinterA, ClosePrinter |
ADVAPI32.dll | StartServiceA, RegCloseKey, RegQueryValueExA, RegSetValueExA, RegDeleteValueA, RegDeleteKeyA, RegCreateKeyExA, RegOpenKeyExA, StartServiceCtrlDispatcherA, OpenSCManagerA, CloseServiceHandle, GetFileSecurityA, SetFileSecurityA, RegCreateKeyA, RegSetValueA, RegQueryValueA, RegOpenKeyA, RegEnumKeyA, SetServiceStatus, RegisterServiceCtrlHandlerA, ControlService, GetUserNameA, QueryServiceStatus, QueryServiceConfigA, QueryServiceConfig2A, LockServiceDatabase, ChangeServiceConfigA, ChangeServiceConfig2A, UnlockServiceDatabase, QueryServiceLockStatusA, OpenServiceA, DeleteService, CreateServiceA |
SHELL32.dll | ExtractIconA, SHGetFileInfoA, DragFinish, DragQueryFileA |
COMCTL32.dll | ImageList_Read, ImageList_Write, ImageList_Destroy, ImageList_Create, ImageList_LoadImageA, ImageList_Merge, ImageList_Draw, ImageList_GetImageInfo |
SHLWAPI.dll | HashData, PathFindExtensionA, PathRemoveExtensionA, PathStripToRootA, PathIsUNCA, PathFindFileNameA, PathRemoveFileSpecA |
ole32.dll | WriteFmtUserTypeStg, SetConvertStg, WriteClassStg, OleRegGetUserType, ReadClassStg, StringFromCLSID, CoTreatAsClass, CoTaskMemFree, CreateBindCtx, CoTaskMemAlloc, ReleaseStgMedium, OleDuplicateData, CoDisconnectObject, CoCreateInstance, StringFromGUID2, CLSIDFromString, ReadFmtUserTypeStg |
OLEAUT32.dll | VariantClear, VariantChangeType, VariantInit, SysAllocStringLen, SysStringLen, SysAllocStringByteLen, SysStringByteLen, VarBstrFromDate, VarBstrFromCy, VarCyFromStr, SafeArrayUnaccessData, SafeArrayAccessData, SafeArrayGetUBound, SysFreeString, SafeArrayGetElemsize, SafeArrayGetDim, SafeArrayCreate, SafeArrayRedim, VariantCopy, SafeArrayAllocData, SafeArrayAllocDescriptor, SafeArrayCopy, SafeArrayGetElement, SafeArrayPtrOfIndex, SafeArrayPutElement, SafeArrayLock, SafeArrayUnlock, SafeArrayDestroy, SafeArrayDestroyData, SafeArrayDestroyDescriptor, VariantTimeToSystemTime, SystemTimeToVariantTime, SysAllocString, SysReAllocStringLen, VarDateFromStr, VarBstrFromDec, VarDecFromStr, SafeArrayGetLBound |
WSOCK32.dll | getsockopt, shutdown |
Name | Ordinal | Address |
---|---|---|
??0CSingleLock@GeoBase@@QAE@PAVCSyncObject@1@H@Z | 1 | 0x466ff0 |
??1CSingleLock@GeoBase@@QAE@XZ | 2 | 0x401030 |
??4CSingleLock@GeoBase@@QAEAAV01@ABV01@@Z | 3 | 0x401000 |
?IsLocked@CSingleLock@GeoBase@@QAEHXZ | 4 | 0x401050 |
?Lock@CSingleLock@GeoBase@@QAEHK@Z | 5 | 0x467030 |
?Unlock@CSingleLock@GeoBase@@QAEHJPAJ@Z | 6 | 0x4670a0 |
?Unlock@CSingleLock@GeoBase@@QAEHXZ | 7 | 0x467060 |
Language of compilation system | Country where language is spoken | Map |
---|---|---|
Korean | North Korea | |
Korean | South Korea |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Dec 12, 2024 17:30:06.364259958 CET | 49780 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:06.484396935 CET | 30203 | 49780 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:06.484483957 CET | 49780 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:06.527700901 CET | 49780 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:06.647680044 CET | 30203 | 49780 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:06.647758007 CET | 49780 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:06.767869949 CET | 30203 | 49780 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:08.051817894 CET | 30203 | 49780 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:08.127787113 CET | 49780 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:08.287240982 CET | 30203 | 49780 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:08.310127974 CET | 49780 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:08.430715084 CET | 30203 | 49780 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:08.430809975 CET | 49780 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:08.607311010 CET | 49788 | 443 | 192.168.2.5 | 185.166.143.50 |
Dec 12, 2024 17:30:08.607376099 CET | 443 | 49788 | 185.166.143.50 | 192.168.2.5 |
Dec 12, 2024 17:30:08.607595921 CET | 49788 | 443 | 192.168.2.5 | 185.166.143.50 |
Dec 12, 2024 17:30:08.811284065 CET | 49788 | 443 | 192.168.2.5 | 185.166.143.50 |
Dec 12, 2024 17:30:08.811333895 CET | 443 | 49788 | 185.166.143.50 | 192.168.2.5 |
Dec 12, 2024 17:30:10.208400965 CET | 443 | 49788 | 185.166.143.50 | 192.168.2.5 |
Dec 12, 2024 17:30:10.208487034 CET | 49788 | 443 | 192.168.2.5 | 185.166.143.50 |
Dec 12, 2024 17:30:10.218580961 CET | 49788 | 443 | 192.168.2.5 | 185.166.143.50 |
Dec 12, 2024 17:30:10.218610048 CET | 443 | 49788 | 185.166.143.50 | 192.168.2.5 |
Dec 12, 2024 17:30:10.218921900 CET | 443 | 49788 | 185.166.143.50 | 192.168.2.5 |
Dec 12, 2024 17:30:10.269433022 CET | 49788 | 443 | 192.168.2.5 | 185.166.143.50 |
Dec 12, 2024 17:30:10.378515005 CET | 49788 | 443 | 192.168.2.5 | 185.166.143.50 |
Dec 12, 2024 17:30:10.423336983 CET | 443 | 49788 | 185.166.143.50 | 192.168.2.5 |
Dec 12, 2024 17:30:10.943872929 CET | 443 | 49788 | 185.166.143.50 | 192.168.2.5 |
Dec 12, 2024 17:30:10.943942070 CET | 443 | 49788 | 185.166.143.50 | 192.168.2.5 |
Dec 12, 2024 17:30:10.943967104 CET | 49788 | 443 | 192.168.2.5 | 185.166.143.50 |
Dec 12, 2024 17:30:10.944000006 CET | 443 | 49788 | 185.166.143.50 | 192.168.2.5 |
Dec 12, 2024 17:30:10.944014072 CET | 49788 | 443 | 192.168.2.5 | 185.166.143.50 |
Dec 12, 2024 17:30:10.944106102 CET | 443 | 49788 | 185.166.143.50 | 192.168.2.5 |
Dec 12, 2024 17:30:10.944175959 CET | 49788 | 443 | 192.168.2.5 | 185.166.143.50 |
Dec 12, 2024 17:30:10.971117973 CET | 49788 | 443 | 192.168.2.5 | 185.166.143.50 |
Dec 12, 2024 17:30:11.097798109 CET | 49794 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:11.217633963 CET | 30203 | 49794 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:11.217715025 CET | 49794 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:11.218486071 CET | 49794 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:11.338366032 CET | 30203 | 49794 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:11.338429928 CET | 49794 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:11.458343029 CET | 30203 | 49794 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:12.537904978 CET | 30203 | 49794 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:12.538377047 CET | 49794 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:12.539586067 CET | 49794 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:12.659357071 CET | 30203 | 49794 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:12.674401045 CET | 49799 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:12.794570923 CET | 30203 | 49799 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:12.794830084 CET | 49799 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:12.808485031 CET | 49799 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:12.928738117 CET | 30203 | 49799 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:12.928849936 CET | 49799 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:13.049146891 CET | 30203 | 49799 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:14.974222898 CET | 30203 | 49799 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:14.974304914 CET | 49799 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:14.974490881 CET | 49799 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:15.082840919 CET | 49805 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:15.094199896 CET | 30203 | 49799 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:15.202864885 CET | 30203 | 49805 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:15.202972889 CET | 49805 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:15.203977108 CET | 49805 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:15.324045897 CET | 30203 | 49805 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:15.324110031 CET | 49805 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:15.443941116 CET | 30203 | 49805 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:17.380295992 CET | 30203 | 49805 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:17.380383015 CET | 49805 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:17.380517960 CET | 49805 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:17.488461971 CET | 49811 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:17.500303984 CET | 30203 | 49805 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:17.608330011 CET | 30203 | 49811 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:17.609292984 CET | 49811 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:17.609292984 CET | 49811 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:17.729285002 CET | 30203 | 49811 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:17.729798079 CET | 49811 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:17.849555969 CET | 30203 | 49811 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:18.922615051 CET | 30203 | 49811 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:18.922688961 CET | 49811 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:18.922823906 CET | 49811 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:19.035233974 CET | 49814 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:19.044358015 CET | 30203 | 49811 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:19.155091047 CET | 30203 | 49814 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:19.155170918 CET | 49814 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:19.155880928 CET | 49814 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:19.275577068 CET | 30203 | 49814 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:19.275660038 CET | 49814 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:19.395436049 CET | 30203 | 49814 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:20.727884054 CET | 30203 | 49814 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:20.728239059 CET | 49814 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:20.728421926 CET | 49814 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:20.832173109 CET | 49820 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:20.848225117 CET | 30203 | 49814 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:20.951940060 CET | 30203 | 49820 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:20.952085018 CET | 49820 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:20.952781916 CET | 49820 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:21.072588921 CET | 30203 | 49820 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:21.076265097 CET | 49820 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:21.195940018 CET | 30203 | 49820 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:22.270795107 CET | 30203 | 49820 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:22.270935059 CET | 49820 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:22.271097898 CET | 49820 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:22.378623962 CET | 49825 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:22.390830994 CET | 30203 | 49820 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:22.498408079 CET | 30203 | 49825 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:22.498507977 CET | 49825 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:22.499378920 CET | 49825 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:22.620183945 CET | 30203 | 49825 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:22.621874094 CET | 49825 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:22.741811991 CET | 30203 | 49825 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:23.844517946 CET | 30203 | 49825 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:23.844594002 CET | 49825 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:23.844765902 CET | 49825 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:23.960722923 CET | 49831 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:23.964559078 CET | 30203 | 49825 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:24.080679893 CET | 30203 | 49831 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:24.080773115 CET | 49831 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:24.081669092 CET | 49831 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:24.201495886 CET | 30203 | 49831 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:24.201564074 CET | 49831 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:24.321517944 CET | 30203 | 49831 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:25.402345896 CET | 30203 | 49831 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:25.402482986 CET | 49831 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:25.402635098 CET | 49831 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:25.522339106 CET | 30203 | 49831 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:25.525177002 CET | 49835 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:25.645505905 CET | 30203 | 49835 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:25.645611048 CET | 49835 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:25.646758080 CET | 49835 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:25.766493082 CET | 30203 | 49835 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:25.768244028 CET | 49835 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:25.888026953 CET | 30203 | 49835 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:27.043762922 CET | 30203 | 49835 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:27.043910027 CET | 49835 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:27.044068098 CET | 49835 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:27.159967899 CET | 49841 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:27.163753986 CET | 30203 | 49835 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:27.279827118 CET | 30203 | 49841 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:27.279913902 CET | 49841 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:27.280772924 CET | 49841 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:27.400438070 CET | 30203 | 49841 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:27.400491953 CET | 49841 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:27.520195007 CET | 30203 | 49841 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:29.133002996 CET | 30203 | 49841 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:29.133554935 CET | 49841 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:29.133733034 CET | 49841 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:29.238270998 CET | 49845 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:29.253402948 CET | 30203 | 49841 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:29.358155012 CET | 30203 | 49845 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:29.358314037 CET | 49845 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:29.358961105 CET | 49845 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:29.479048967 CET | 30203 | 49845 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:29.480290890 CET | 49845 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:29.600039005 CET | 30203 | 49845 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:30.687026024 CET | 30203 | 49845 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:30.687350988 CET | 49845 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:30.687351942 CET | 49845 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:30.800611973 CET | 49850 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:30.807550907 CET | 30203 | 49845 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:30.920548916 CET | 30203 | 49850 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:30.923434973 CET | 49850 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:30.924391031 CET | 49850 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:31.044117928 CET | 30203 | 49850 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:31.045664072 CET | 49850 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:31.166121960 CET | 30203 | 49850 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:32.245796919 CET | 30203 | 49850 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:32.248270988 CET | 49850 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:32.248598099 CET | 49850 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:32.363091946 CET | 49854 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:32.368479967 CET | 30203 | 49850 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:32.482924938 CET | 30203 | 49854 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:32.483056068 CET | 49854 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:32.483707905 CET | 49854 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:32.603451967 CET | 30203 | 49854 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:32.604190111 CET | 49854 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:32.724054098 CET | 30203 | 49854 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:33.830100060 CET | 30203 | 49854 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:33.830219984 CET | 49854 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:33.830725908 CET | 49854 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:33.942089081 CET | 49858 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:33.950531960 CET | 30203 | 49854 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:34.061933994 CET | 30203 | 49858 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:34.062694073 CET | 49858 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:34.063256979 CET | 49858 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:34.182980061 CET | 30203 | 49858 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:34.183119059 CET | 49858 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:34.302882910 CET | 30203 | 49858 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:35.385746002 CET | 30203 | 49858 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:35.388299942 CET | 49858 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:35.389183998 CET | 49858 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:35.505829096 CET | 49865 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:35.508910894 CET | 30203 | 49858 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:35.625797033 CET | 30203 | 49865 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:35.628334045 CET | 49865 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:35.645056963 CET | 49865 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:35.764831066 CET | 30203 | 49865 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:35.768279076 CET | 49865 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:35.888246059 CET | 30203 | 49865 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:36.927871943 CET | 30203 | 49865 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:36.927932024 CET | 49865 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:36.928112984 CET | 49865 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:37.035072088 CET | 49869 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:37.047943115 CET | 30203 | 49865 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:37.305172920 CET | 30203 | 49869 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:37.305313110 CET | 49869 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:37.305989027 CET | 49869 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:37.425818920 CET | 30203 | 49869 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:37.425869942 CET | 49869 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:37.546217918 CET | 30203 | 49869 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:38.650067091 CET | 30203 | 49869 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:38.650532007 CET | 49869 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:38.657617092 CET | 49869 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:38.777445078 CET | 30203 | 49869 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:38.815470934 CET | 49873 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:38.935723066 CET | 30203 | 49873 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:38.935812950 CET | 49873 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:38.956192970 CET | 49873 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:39.075963974 CET | 30203 | 49873 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:39.076097965 CET | 49873 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:39.196147919 CET | 30203 | 49873 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:40.261878014 CET | 30203 | 49873 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:40.264308929 CET | 49873 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:40.264550924 CET | 49873 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:40.378952980 CET | 49878 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:40.384238005 CET | 30203 | 49873 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:40.499974012 CET | 30203 | 49878 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:40.500606060 CET | 49878 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:40.501250029 CET | 49878 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:40.621001005 CET | 30203 | 49878 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:40.621174097 CET | 49878 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:40.742496967 CET | 30203 | 49878 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:41.934223890 CET | 30203 | 49878 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:41.934926033 CET | 49878 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:41.934926033 CET | 49878 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:42.053508997 CET | 49883 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:42.057163954 CET | 30203 | 49878 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:42.174376011 CET | 30203 | 49883 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:42.174485922 CET | 49883 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:42.175237894 CET | 49883 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:42.295279980 CET | 30203 | 49883 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:42.295350075 CET | 49883 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:42.416785002 CET | 30203 | 49883 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:43.482398033 CET | 30203 | 49883 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:43.482542038 CET | 49883 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:43.482834101 CET | 49883 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:43.598104000 CET | 49889 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:43.602559090 CET | 30203 | 49883 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:43.718015909 CET | 30203 | 49889 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:43.718132973 CET | 49889 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:43.719126940 CET | 49889 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:43.839520931 CET | 30203 | 49889 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:43.839617014 CET | 49889 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:43.959758997 CET | 30203 | 49889 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:45.078968048 CET | 30203 | 49889 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:45.079108000 CET | 49889 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:45.079238892 CET | 49889 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:45.191359997 CET | 49892 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:45.200032949 CET | 30203 | 49889 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:45.311440945 CET | 30203 | 49892 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:45.311619997 CET | 49892 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:45.315346003 CET | 49892 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:45.435435057 CET | 30203 | 49892 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:45.435553074 CET | 49892 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:45.556977034 CET | 30203 | 49892 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:46.776390076 CET | 30203 | 49892 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:46.776458979 CET | 49892 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:46.776671886 CET | 49892 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:46.879338980 CET | 49898 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:46.896506071 CET | 30203 | 49892 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:46.999779940 CET | 30203 | 49898 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:46.999893904 CET | 49898 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:47.000713110 CET | 49898 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:47.120480061 CET | 30203 | 49898 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:47.122221947 CET | 49898 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:47.241899014 CET | 30203 | 49898 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:48.310230017 CET | 30203 | 49898 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:48.312479973 CET | 49898 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:48.312587023 CET | 49898 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:48.425690889 CET | 49902 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:48.435988903 CET | 30203 | 49898 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:48.545485020 CET | 30203 | 49902 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:48.545622110 CET | 49902 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:48.546407938 CET | 49902 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:48.666630030 CET | 30203 | 49902 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:48.666703939 CET | 49902 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:48.786802053 CET | 30203 | 49902 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:49.884185076 CET | 30203 | 49902 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:49.884265900 CET | 49902 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:49.884422064 CET | 49902 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:49.989347935 CET | 49907 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:50.004209995 CET | 30203 | 49902 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:50.109656096 CET | 30203 | 49907 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:50.109963894 CET | 49907 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:50.110635996 CET | 49907 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:50.231278896 CET | 30203 | 49907 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:50.231522083 CET | 49907 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:50.351367950 CET | 30203 | 49907 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:51.458214998 CET | 30203 | 49907 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:51.458363056 CET | 49907 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:51.458607912 CET | 49907 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:51.566515923 CET | 49911 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:51.579422951 CET | 30203 | 49907 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:51.686429024 CET | 30203 | 49911 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:51.687052965 CET | 49911 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:51.687815905 CET | 49911 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:51.808072090 CET | 30203 | 49911 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:51.808258057 CET | 49911 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:51.928437948 CET | 30203 | 49911 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:53.018016100 CET | 30203 | 49911 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:53.018096924 CET | 49911 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:53.018285036 CET | 49911 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:53.128833055 CET | 49915 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:53.138041973 CET | 30203 | 49911 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:53.249048948 CET | 30203 | 49915 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:53.249161959 CET | 49915 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:53.250124931 CET | 49915 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:53.369811058 CET | 30203 | 49915 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:53.369909048 CET | 49915 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:53.489785910 CET | 30203 | 49915 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:54.559950113 CET | 30203 | 49915 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:54.560041904 CET | 49915 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:54.560256004 CET | 49915 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:54.676079988 CET | 49919 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:54.679877996 CET | 30203 | 49915 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:54.795840025 CET | 30203 | 49919 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:54.795927048 CET | 49919 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:54.798229933 CET | 49919 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:54.918154955 CET | 30203 | 49919 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:54.918261051 CET | 49919 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:55.037962914 CET | 30203 | 49919 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:56.168526888 CET | 30203 | 49919 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:56.168618917 CET | 49919 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:56.168963909 CET | 49919 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:56.285486937 CET | 49924 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:56.288863897 CET | 30203 | 49919 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:56.405356884 CET | 30203 | 49924 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:56.405437946 CET | 49924 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:56.406138897 CET | 49924 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:56.525875092 CET | 30203 | 49924 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:56.525985003 CET | 49924 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:56.645767927 CET | 30203 | 49924 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:57.720830917 CET | 30203 | 49924 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:57.720968008 CET | 49924 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:57.721194029 CET | 49924 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:57.833986998 CET | 49928 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:57.841192961 CET | 30203 | 49924 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:57.953975916 CET | 30203 | 49928 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:57.954097033 CET | 49928 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:57.954904079 CET | 49928 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:58.074680090 CET | 30203 | 49928 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:58.074742079 CET | 49928 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:58.194670916 CET | 30203 | 49928 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:59.279947996 CET | 30203 | 49928 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:59.280189991 CET | 49928 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:59.280422926 CET | 49928 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:59.394541979 CET | 49932 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:59.400124073 CET | 30203 | 49928 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:59.514462948 CET | 30203 | 49932 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:59.514617920 CET | 49932 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:59.515542984 CET | 49932 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:59.635277987 CET | 30203 | 49932 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:30:59.635490894 CET | 49932 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:30:59.755507946 CET | 30203 | 49932 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:00.820384979 CET | 30203 | 49932 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:00.820519924 CET | 49932 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:00.820705891 CET | 49932 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:00.925756931 CET | 49937 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:00.940716028 CET | 30203 | 49932 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:01.046047926 CET | 30203 | 49937 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:01.046227932 CET | 49937 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:01.046961069 CET | 49937 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:01.166951895 CET | 30203 | 49937 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:01.167058945 CET | 49937 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:01.287004948 CET | 30203 | 49937 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:02.416325092 CET | 30203 | 49937 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:02.416465044 CET | 49937 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:02.416632891 CET | 49937 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:02.519470930 CET | 49942 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:02.536529064 CET | 30203 | 49937 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:02.639404058 CET | 30203 | 49942 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:02.639539003 CET | 49942 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:02.640304089 CET | 49942 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:02.760344028 CET | 30203 | 49942 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:02.760730028 CET | 49942 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:02.880487919 CET | 30203 | 49942 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:04.007874966 CET | 30203 | 49942 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:04.007946014 CET | 49942 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:04.011332035 CET | 49942 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:04.113388062 CET | 49946 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:04.131930113 CET | 30203 | 49942 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:04.233635902 CET | 30203 | 49946 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:04.233907938 CET | 49946 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:04.234664917 CET | 49946 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:04.354659081 CET | 30203 | 49946 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:04.355329990 CET | 49946 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:04.475909948 CET | 30203 | 49946 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:05.590032101 CET | 30203 | 49946 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:05.590415955 CET | 49946 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:05.590415955 CET | 49946 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:05.706998110 CET | 49951 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:05.710305929 CET | 30203 | 49946 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:05.826952934 CET | 30203 | 49951 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:05.828339100 CET | 49951 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:05.829185009 CET | 49951 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:05.951452971 CET | 30203 | 49951 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:05.951684952 CET | 49951 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:06.072212934 CET | 30203 | 49951 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:07.274653912 CET | 30203 | 49951 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:07.274732113 CET | 49951 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:07.277483940 CET | 49951 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:07.395359039 CET | 49955 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:07.397332907 CET | 30203 | 49951 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:07.515098095 CET | 30203 | 49955 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:07.515178919 CET | 49955 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:07.516217947 CET | 49955 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:07.638593912 CET | 30203 | 49955 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:07.638750076 CET | 49955 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:07.758522987 CET | 30203 | 49955 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:08.836077929 CET | 30203 | 49955 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:08.836138964 CET | 49955 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:08.836292028 CET | 49955 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:08.941220045 CET | 49960 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:08.973262072 CET | 30203 | 49955 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:09.075700998 CET | 30203 | 49960 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:09.075872898 CET | 49960 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:09.076657057 CET | 49960 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:09.196412086 CET | 30203 | 49960 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:09.196506977 CET | 49960 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:09.316188097 CET | 30203 | 49960 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:10.381870985 CET | 30203 | 49960 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:10.381983995 CET | 49960 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:10.382175922 CET | 49960 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:10.488579035 CET | 49964 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:10.502245903 CET | 30203 | 49960 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:10.608447075 CET | 30203 | 49964 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:10.608536959 CET | 49964 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:10.609354973 CET | 49964 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:10.729032993 CET | 30203 | 49964 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:10.729100943 CET | 49964 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:10.848964930 CET | 30203 | 49964 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:11.921963930 CET | 30203 | 49964 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:11.922166109 CET | 49964 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:11.922297955 CET | 49964 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:12.035074949 CET | 49967 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:12.042057037 CET | 30203 | 49964 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:12.154887915 CET | 30203 | 49967 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:12.159107924 CET | 49967 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:12.159931898 CET | 49967 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:12.279891968 CET | 30203 | 49967 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:12.280301094 CET | 49967 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:12.400419950 CET | 30203 | 49967 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:13.475673914 CET | 30203 | 49967 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:13.475745916 CET | 49967 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:13.475933075 CET | 49967 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:13.581883907 CET | 49974 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:13.596400023 CET | 30203 | 49967 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:13.702244997 CET | 30203 | 49974 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:13.702413082 CET | 49974 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:13.703164101 CET | 49974 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:13.823144913 CET | 30203 | 49974 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:13.823338985 CET | 49974 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:13.943320036 CET | 30203 | 49974 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:15.066973925 CET | 30203 | 49974 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:15.067162037 CET | 49974 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:15.067234039 CET | 49974 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:15.175856113 CET | 49977 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:15.186991930 CET | 30203 | 49974 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:15.296303988 CET | 30203 | 49977 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:15.296457052 CET | 49977 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:15.297203064 CET | 49977 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:15.417078018 CET | 30203 | 49977 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:15.417164087 CET | 49977 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:15.536990881 CET | 30203 | 49977 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:16.672655106 CET | 30203 | 49977 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:16.672765970 CET | 49977 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:16.672940969 CET | 49977 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:16.785140991 CET | 49982 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:16.792579889 CET | 30203 | 49977 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:16.905035973 CET | 30203 | 49982 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:16.905200005 CET | 49982 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:16.905967951 CET | 49982 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:17.025652885 CET | 30203 | 49982 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:17.025752068 CET | 49982 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:17.145550966 CET | 30203 | 49982 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:18.302659988 CET | 30203 | 49982 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:18.302786112 CET | 49982 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:18.302993059 CET | 49982 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:18.410003901 CET | 49987 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:18.422828913 CET | 30203 | 49982 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:18.530157089 CET | 30203 | 49987 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:18.530263901 CET | 49987 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:18.530987978 CET | 49987 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:18.650893927 CET | 30203 | 49987 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:18.651002884 CET | 49987 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:18.770971060 CET | 30203 | 49987 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:20.004303932 CET | 30203 | 49987 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:20.005441904 CET | 49987 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:20.005441904 CET | 49987 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:20.113282919 CET | 49992 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:20.125274897 CET | 30203 | 49987 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:20.233546019 CET | 30203 | 49992 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:20.233642101 CET | 49992 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:20.234364986 CET | 49992 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:20.354553938 CET | 30203 | 49992 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:20.354661942 CET | 49992 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:20.474479914 CET | 30203 | 49992 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:21.670785904 CET | 30203 | 49992 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:21.671653032 CET | 49992 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:21.671852112 CET | 49992 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:21.785104990 CET | 49997 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:21.791635036 CET | 30203 | 49992 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:21.905013084 CET | 30203 | 49997 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:21.905138016 CET | 49997 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:21.905881882 CET | 49997 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:22.026041031 CET | 30203 | 49997 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:22.026125908 CET | 49997 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:22.145757914 CET | 30203 | 49997 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:23.366547108 CET | 30203 | 49997 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:23.366703987 CET | 49997 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:23.366837025 CET | 49997 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:23.472631931 CET | 50002 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:23.486608028 CET | 30203 | 49997 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:23.592437029 CET | 30203 | 50002 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:23.592595100 CET | 50002 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:23.593240976 CET | 50002 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:23.713115931 CET | 30203 | 50002 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:23.713181973 CET | 50002 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:23.834112883 CET | 30203 | 50002 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:25.094845057 CET | 30203 | 50002 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:25.095204115 CET | 50002 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:25.095417023 CET | 50002 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:25.206967115 CET | 50007 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:25.215212107 CET | 30203 | 50002 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:25.326878071 CET | 30203 | 50007 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:25.332384109 CET | 50007 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:25.333085060 CET | 50007 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:25.452924967 CET | 30203 | 50007 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:25.453032970 CET | 50007 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:25.572948933 CET | 30203 | 50007 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:26.859452009 CET | 30203 | 50007 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:26.859577894 CET | 50007 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:26.859780073 CET | 50007 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:26.972857952 CET | 50013 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:26.980156898 CET | 30203 | 50007 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:27.094393015 CET | 30203 | 50013 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:27.094475985 CET | 50013 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:27.095170021 CET | 50013 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:27.215197086 CET | 30203 | 50013 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:27.215303898 CET | 50013 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:27.340334892 CET | 30203 | 50013 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:28.567297935 CET | 30203 | 50013 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:28.567368984 CET | 50013 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:28.567517996 CET | 50013 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:28.675867081 CET | 50016 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:28.687796116 CET | 30203 | 50013 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:28.796668053 CET | 30203 | 50016 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:28.796844006 CET | 50016 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:28.797542095 CET | 50016 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:28.920023918 CET | 30203 | 50016 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:28.920366049 CET | 50016 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:29.040309906 CET | 30203 | 50016 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:30.142260075 CET | 30203 | 50016 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:30.142379999 CET | 50016 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:30.142580032 CET | 50016 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:30.253921032 CET | 50021 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:30.262444019 CET | 30203 | 50016 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:30.373852015 CET | 30203 | 50021 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:30.373965979 CET | 50021 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:30.374680996 CET | 50021 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:30.494906902 CET | 30203 | 50021 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:30.495038986 CET | 50021 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:30.615091085 CET | 30203 | 50021 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:31.699685097 CET | 30203 | 50021 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:31.699754000 CET | 50021 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:31.699887991 CET | 50021 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:31.816504002 CET | 50026 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:31.819600105 CET | 30203 | 50021 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:31.936372995 CET | 30203 | 50026 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:31.936625957 CET | 50026 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:31.937269926 CET | 50026 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:32.057009935 CET | 30203 | 50026 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:32.060486078 CET | 50026 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:32.180352926 CET | 30203 | 50026 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:33.469799042 CET | 30203 | 50026 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:33.469896078 CET | 50026 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:33.470086098 CET | 50026 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:33.581985950 CET | 50032 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:33.589863062 CET | 30203 | 50026 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:33.702234030 CET | 30203 | 50032 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:33.702380896 CET | 50032 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:33.703197002 CET | 50032 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:33.823347092 CET | 30203 | 50032 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:33.823477983 CET | 50032 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:33.943397045 CET | 30203 | 50032 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:35.021998882 CET | 30203 | 50032 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:35.024368048 CET | 50032 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:35.024559975 CET | 50032 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:35.128895044 CET | 50035 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:35.144263983 CET | 30203 | 50032 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:35.248732090 CET | 30203 | 50035 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:35.248819113 CET | 50035 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:35.249511003 CET | 50035 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:35.369448900 CET | 30203 | 50035 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:35.369585991 CET | 50035 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:35.489567995 CET | 30203 | 50035 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:36.674189091 CET | 30203 | 50035 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:36.674284935 CET | 50035 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:36.674576998 CET | 50035 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:36.785134077 CET | 50039 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:36.794214964 CET | 30203 | 50035 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:36.904860973 CET | 30203 | 50039 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:36.908396006 CET | 50039 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:36.909339905 CET | 50039 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:37.029126883 CET | 30203 | 50039 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:37.032334089 CET | 50039 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:37.152112007 CET | 30203 | 50039 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:38.367074013 CET | 30203 | 50039 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:38.367243052 CET | 50039 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:38.367363930 CET | 50039 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:38.479608059 CET | 50045 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:38.487255096 CET | 30203 | 50039 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:38.600281000 CET | 30203 | 50045 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:38.600415945 CET | 50045 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:38.601188898 CET | 50045 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:38.722258091 CET | 30203 | 50045 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:38.722356081 CET | 50045 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:38.842341900 CET | 30203 | 50045 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:39.956231117 CET | 30203 | 50045 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:39.956357002 CET | 50045 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:39.956505060 CET | 50045 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:40.066839933 CET | 50050 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:40.078541040 CET | 30203 | 50045 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:40.186695099 CET | 30203 | 50050 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:40.186839104 CET | 50050 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:40.187768936 CET | 50050 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:40.309134960 CET | 30203 | 50050 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:40.309252977 CET | 50050 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:40.429220915 CET | 30203 | 50050 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:41.600303888 CET | 30203 | 50050 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:41.600543022 CET | 50050 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:41.600754976 CET | 50050 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:41.706963062 CET | 50053 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:41.720894098 CET | 30203 | 50050 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:41.828227043 CET | 30203 | 50053 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:41.828424931 CET | 50053 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:41.829246044 CET | 50053 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:41.949147940 CET | 30203 | 50053 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:41.949229956 CET | 50053 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:42.069087982 CET | 30203 | 50053 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:43.156250000 CET | 30203 | 50053 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:43.156357050 CET | 50053 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:43.156507969 CET | 50053 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:43.269299984 CET | 50056 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:43.276357889 CET | 30203 | 50053 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:43.389300108 CET | 30203 | 50056 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:43.389494896 CET | 50056 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:43.390203953 CET | 50056 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:43.510590076 CET | 30203 | 50056 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:43.510746956 CET | 50056 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:43.630498886 CET | 30203 | 50056 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:44.846896887 CET | 30203 | 50056 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:44.846996069 CET | 50056 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:44.847160101 CET | 50056 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:44.956803083 CET | 50057 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:44.967361927 CET | 30203 | 50056 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:45.076680899 CET | 30203 | 50057 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:45.076878071 CET | 50057 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:45.077989101 CET | 50057 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:45.197726965 CET | 30203 | 50057 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:45.199259043 CET | 50057 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:45.321233988 CET | 30203 | 50057 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:46.467596054 CET | 30203 | 50057 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:46.471735954 CET | 50057 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:46.472001076 CET | 50057 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:46.582004070 CET | 50058 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:46.592505932 CET | 30203 | 50057 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:46.703615904 CET | 30203 | 50058 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:46.704382896 CET | 50058 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:46.705054045 CET | 50058 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:46.826546907 CET | 30203 | 50058 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:46.826713085 CET | 50058 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:46.946814060 CET | 30203 | 50058 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:48.040478945 CET | 30203 | 50058 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:48.040533066 CET | 50058 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:48.040720940 CET | 50058 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:48.144439936 CET | 50059 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:48.160399914 CET | 30203 | 50058 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:48.264846087 CET | 30203 | 50059 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:48.264919043 CET | 50059 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:48.265778065 CET | 50059 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:48.385636091 CET | 30203 | 50059 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:48.385699034 CET | 50059 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:48.505698919 CET | 30203 | 50059 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:49.641946077 CET | 30203 | 50059 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:49.642010927 CET | 50059 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:49.642205954 CET | 50059 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:49.754076004 CET | 50061 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:49.762145042 CET | 30203 | 50059 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:49.874450922 CET | 30203 | 50061 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:49.874530077 CET | 50061 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:49.875688076 CET | 50061 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:49.995604992 CET | 30203 | 50061 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:49.995657921 CET | 50061 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:50.115622044 CET | 30203 | 50061 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:50.396882057 CET | 50061 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:50.517230034 CET | 30203 | 50061 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:50.517291069 CET | 50061 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:50.637172937 CET | 30203 | 50061 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:51.348035097 CET | 30203 | 50061 | 181.131.217.244 | 192.168.2.5 |
Dec 12, 2024 17:31:51.351552963 CET | 50061 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:51.351552963 CET | 50061 | 30203 | 192.168.2.5 | 181.131.217.244 |
Dec 12, 2024 17:31:51.471470118 CET | 30203 | 50061 | 181.131.217.244 | 192.168.2.5 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Dec 12, 2024 17:30:06.213426113 CET | 52092 | 53 | 192.168.2.5 | 1.1.1.1 |
Dec 12, 2024 17:30:06.361099005 CET | 53 | 52092 | 1.1.1.1 | 192.168.2.5 |
Dec 12, 2024 17:30:08.461299896 CET | 57231 | 53 | 192.168.2.5 | 1.1.1.1 |
Dec 12, 2024 17:30:08.600192070 CET | 53 | 57231 | 1.1.1.1 | 192.168.2.5 |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Dec 12, 2024 17:30:06.213426113 CET | 192.168.2.5 | 1.1.1.1 | 0xe762 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Dec 12, 2024 17:30:08.461299896 CET | 192.168.2.5 | 1.1.1.1 | 0x1401 | Standard query (0) | A (IP address) | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Dec 12, 2024 17:29:39.372152090 CET | 1.1.1.1 | 192.168.2.5 | 0x4ad7 | No error (0) | s-part-0035.t-0009.t-msedge.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Dec 12, 2024 17:29:39.372152090 CET | 1.1.1.1 | 192.168.2.5 | 0x4ad7 | No error (0) | 13.107.246.63 | A (IP address) | IN (0x0001) | false | ||
Dec 12, 2024 17:29:41.091023922 CET | 1.1.1.1 | 192.168.2.5 | 0xe204 | No error (0) | fp2e7a.wpc.phicdn.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Dec 12, 2024 17:29:41.091023922 CET | 1.1.1.1 | 192.168.2.5 | 0xe204 | No error (0) | 192.229.221.95 | A (IP address) | IN (0x0001) | false | ||
Dec 12, 2024 17:30:06.361099005 CET | 1.1.1.1 | 192.168.2.5 | 0xe762 | No error (0) | 181.131.217.244 | A (IP address) | IN (0x0001) | false | ||
Dec 12, 2024 17:30:08.600192070 CET | 1.1.1.1 | 192.168.2.5 | 0x1401 | No error (0) | 185.166.143.50 | A (IP address) | IN (0x0001) | false | ||
Dec 12, 2024 17:30:08.600192070 CET | 1.1.1.1 | 192.168.2.5 | 0x1401 | No error (0) | 185.166.143.48 | A (IP address) | IN (0x0001) | false | ||
Dec 12, 2024 17:30:08.600192070 CET | 1.1.1.1 | 192.168.2.5 | 0x1401 | No error (0) | 185.166.143.49 | A (IP address) | IN (0x0001) | false |
|
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.5 | 49788 | 185.166.143.50 | 443 | 2604 | C:\Windows\Microsoft.NET\Framework\v4.0.30319\csc.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-12-12 16:30:10 UTC | 101 | OUT | |
2024-12-12 16:30:10 UTC | 5950 | IN |