Edit tour
Windows
Analysis Report
DOTA2#U89c6#U8ddd#U63d2#U4ef6.exe
Overview
General Information
| Sample name: | DOTA2#U89c6#U8ddd#U63d2#U4ef6.exerenamed because original name is a hash value |
| Original sample name: | DOTA2.exe |
| Analysis ID: | 1581321 |
| MD5: | aac8790eb423fc881ea8798e21a9a811 |
| SHA1: | d3a1f48a44259a5aafdd1468d002cd11481b8bd8 |
| SHA256: | d33620640452895ac17d2105f6f5dc0ff650e75368999d4daabb5601f042c90f |
| Tags: | exeuser-zhuzhu0009 |
| Infos: | |
 | |
Detection
| Score: | 60 |
| Range: | 0 - 100 |
| Whitelisted: | false |
| Confidence: | 100% |
Signatures
Multi AV Scanner detection for submitted file
AI detected suspicious URL
AI detected suspicious sample
Machine Learning detection for sample
Contains functionality for read data from the clipboard
Contains functionality to check if a window is minimized (may be used to check if an application is visible)
Contains functionality to dynamically determine API calls
Contains functionality to modify clipboard data
Contains functionality to read the PEB
Contains functionality to read the clipboard data
Contains functionality which may be used to detect a debugger (GetProcessHeap)
Creates a process in suspended mode (likely to inject code)
Detected potential crypto function
Found inlined nop instructions (likely shell or obfuscated code)
Found large amount of non-executed APIs
Found potential string decryption / allocating functions
IP address seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
Potential key logger detected (key state polling based)
Uses 32bit PE files
Uses code obfuscation techniques (call, push, ret)
Classification
- System is w10x64
DOTA2#U89c6#U8ddd#U63d2#U4ef6.exe (PID: 7356 cmdline: "C:\Users\ user\Deskt op\DOTA2#U 89c6#U8ddd #U63d2#U4e f6.exe" MD5: AAC8790EB423FC881EA8798E21A9A811) 
chrome.exe (PID: 7404 cmdline: "C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --st art-maximi zed --sing le-argumen t https:// dota2.uuub .net/ MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4) - chrome.exe (PID: 7636 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --ty pe=utility --utility -sub-type= network.mo jom.Networ kService - -lang=en-U S --servic e-sandbox- type=none --mojo-pla tform-chan nel-handle =2188 --fi eld-trial- handle=203 6,i,490335 0752664790 11,8216491 8982684706 18,262144 --disable- features=O ptimizatio nGuideMode lDownloadi ng,Optimiz ationHints ,Optimizat ionHintsFe tching,Opt imizationT argetPredi ction /pre fetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4) - chrome.exe (PID: 3384 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --st art-maximi zed --sing le-argumen t https:// dota2.uuub .net/ MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4) - chrome.exe (PID: 8040 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --ty pe=utility --utility -sub-type= network.mo jom.Networ kService - -lang=en-U S --servic e-sandbox- type=none --mojo-pla tform-chan nel-handle =2148 --fi eld-trial- handle=171 6,i,388547 3442791813 789,327913 4165156463 863,262144 --disable -features= Optimizati onGuideMod elDownload ing,Optimi zationHint s,Optimiza tionHintsF etching,Op timization TargetPred iction /pr efetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- cleanup
⊘No configs have been found
⊘No yara matches
⊘No Sigma rule has matched
⊘No Suricata rule has matched
Click to jump to signature section
Show All Signature Results
AV Detection |   |
|---|
| Source: | Virustotal: | Perma Link | ||
| Source: | ReversingLabs: | |||
| Source: | Integrated Neural Analysis Model: | ||
| Source: | Joe Sandbox ML: | ||
Phishing | |
|---|
| Source: | Joe Sandbox AI: | ||
| Source: | Static PE information: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | Code function: | 0_2_0041C030 | |
| Source: | Code function: | 0_2_00413130 | |
| Source: | Code function: | 0_2_0049327B | |
| Source: | Code function: | 0_2_004245E0 | |
| Source: | Code function: | 0_2_004203C2 | |
| Source: | Code function: | 0_2_004296B1 | |
| Source: | IP Address: | ||
| Source: | IP Address: | ||
| Source: | IP Address: | ||
| Source: | JA3 fingerprint: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | Code function: | 0_2_004016E3 | |
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | Code function: | 0_2_00438910 | |
| Source: | Code function: | 0_2_00438910 | |
| Source: | Code function: | 0_2_00438A70 | |
| Source: | Code function: | 0_2_00424790 | |
| Source: | Code function: | 0_2_00497955 | |
| Source: | Code function: | 0_2_0041C640 | |
| Source: | Code function: | 0_2_0044906D | |
| Source: | Code function: | 0_2_004950CF | |
| Source: | Code function: | 0_2_004590B0 | |
| Source: | Code function: | 0_2_00443120 | |
| Source: | Code function: | 0_2_00456210 | |
| Source: | Code function: | 0_2_0041A2D0 | |
| Source: | Code function: | 0_2_00450310 | |
| Source: | Code function: | 0_2_00458440 | |
| Source: | Code function: | 0_2_00433570 | |
| Source: | Code function: | 0_2_004495D2 | |
| Source: | Code function: | 0_2_004535A0 | |
| Source: | Code function: | 0_2_00458670 | |
| Source: | Code function: | 0_2_00446610 | |
| Source: | Code function: | 0_2_0045D720 | |
| Source: | Code function: | 0_2_00469860 | |
| Source: | Code function: | 0_2_00446940 | |
| Source: | Code function: | 0_2_00456A50 | |
| Source: | Code function: | 0_2_00465A20 | |
| Source: | Code function: | 0_2_00453AE0 | |
| Source: | Code function: | 0_2_00426B40 | |
| Source: | Code function: | 0_2_00449B30 | |
| Source: | Code function: | 0_2_0044FBD0 | |
| Source: | Code function: | 0_2_0048AC46 | |
| Source: | Code function: | 0_2_0048ED37 | |
| Source: | Code function: | 0_2_00448D3B | |
| Source: | Code function: | 0_2_00454D90 | |
| Source: | Code function: | 0_2_00424E50 | |
| Source: | Code function: | 0_2_0044FEE0 | |
| Source: | Code function: | 0_2_0044AF40 | |
| Source: | Code function: | 0_2_00457F70 | |
| Source: | Code function: | 0_2_00440FB0 | |
| Source: | Static PE information: | ||
| Source: | Classification label: | ||
| Source: | Code function: | 0_2_004962E4 | |
| Source: | Static PE information: | ||
| Source: | Key opened: | Jump to behavior | ||
| Source: | Virustotal: | ||
| Source: | ReversingLabs: | ||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Key value queried: | Jump to behavior | ||
| Source: | Window detected: | ||
| Source: | Static file information: | ||
| Source: | Code function: | 0_2_0041B8C0 | |
| Source: | Code function: | 0_2_00482E5E | |
| Source: | Code function: | 0_2_00484F66 | |
| Source: | Code function: | 0_2_0041A2D0 | |
| Source: | Code function: | 0_2_00481480 | |
| Source: | Code function: | 0_2_0041F740 | |
| Source: | Code function: | 0_2_00423C60 | |
| Source: | Code function: | 0_2_0041FE10 | |
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | API coverage: | ||
| Source: | Code function: | 0_2_0041C030 | |
| Source: | Code function: | 0_2_00413130 | |
| Source: | Code function: | 0_2_0049327B | |
| Source: | Code function: | 0_2_004245E0 | |
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | API call chain: | graph_0-48102 | ||
| Source: | Code function: | 0_2_0041B8C0 | |
| Source: | Code function: | 0_2_004071C8 | |
| Source: | Code function: | 0_2_00407331 | |
| Source: | Code function: | 0_2_00406B22 | |
| Source: | Code function: | 0_2_00406C62 | |
| Source: | Code function: | 0_2_00406ECE | |
| Source: | Code function: | 0_2_00407F0E | |
| Source: | Code function: | 0_2_00441E30 | |
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Code function: | 0_2_0048495C | |
| Source: | Code function: | 0_2_0048495C | |
| Source: | Code function: | 0_2_004950CF | |
| Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | 1 Native API | 1 Browser Extensions | 11 Process Injection | 11 Process Injection | 1 Input Capture | 2 System Time Discovery | Remote Services | 1 Input Capture | 11 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
| Credentials | Domains | Default Accounts | Scheduled Task/Job | 1 DLL Side-Loading | 1 DLL Side-Loading | 1 Deobfuscate/Decode Files or Information | LSASS Memory | 11 Security Software Discovery | Remote Desktop Protocol | 1 Archive Collected Data | 4 Ingress Tool Transfer | Exfiltration Over Bluetooth | Network Denial of Service |
| Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | 3 Obfuscated Files or Information | Security Account Manager | 1 Application Window Discovery | SMB/Windows Admin Shares | 3 Clipboard Data | 3 Non-Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
| Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | 1 DLL Side-Loading | NTDS | 1 File and Directory Discovery | Distributed Component Object Model | Input Capture | 4 Application Layer Protocol | Traffic Duplication | Data Destruction |
| Gather Victim Network Information | Server | Cloud Accounts | Launchd | Network Logon Script | Network Logon Script | Software Packing | LSA Secrets | 3 System Information Discovery | SSH | Keylogging | Fallback Channels | Scheduled Transfer | Data Encrypted for Impact |
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
InternetThis section contains all screenshots as thumbnails, including those not shown in the slideshow.
| Source | Detection | Scanner | Label | Link |
|---|---|---|---|---|
| 43% | Virustotal | Browse | ||
| 45% | ReversingLabs | |||
| 100% | Joe Sandbox ML |
⊘No Antivirus matches
⊘No Antivirus matches
⊘No Antivirus matches
| Source | Detection | Scanner | Label | Link |
|---|---|---|---|---|
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe |
| Name | IP | Active | Malicious | Antivirus Detection | Reputation |
|---|---|---|---|---|---|
| dota2.uuub.net | 46.8.127.55 | true | false | unknown | |
| game.gtimg.cn.sched.legopic2.tdnsv6.com | 203.205.137.76 | true | false | high | |
| www.google.com | 172.217.21.36 | true | false | high | |
| www.dota2.com.cn.wscdns.com | 163.171.138.116 | true | false | unknown | |
| www.dota2.com.cn | unknown | unknown | false | unknown | |
| game.gtimg.cn | unknown | unknown | false | high |
| Name | Malicious | Antivirus Detection | Reputation |
|---|---|---|---|
| false |
| unknown | |
| false | unknown | ||
| false |
| unknown | |
| false |
| unknown | |
| false |
| unknown | |
| false | high | ||
| false |
| unknown | |
| false |
| unknown | |
| false | high | ||
| false |
| unknown | |
| false |
| unknown | |
| false | high | ||
| false |
| unknown | |
| false |
| unknown | |
| false |
| unknown |
| Name | Source | Malicious | Antivirus Detection | Reputation |
|---|---|---|---|---|
| false |
| unknown | ||
| false |
| unknown | ||
| false |
| unknown | ||
| false |
| unknown | ||
| false |
| unknown | ||
| false |
| unknown | ||
| false |
| unknown | ||
| false |
| unknown | ||
| false | high | |||
| false |
| unknown | ||
| false |
| unknown | ||
| false |
| unknown | ||
| false |
| unknown | ||
| false |
| unknown | ||
| false |
| unknown | ||
| false |
| unknown | ||
| false |
| unknown | ||
| false |
| unknown | ||
| false |
| unknown | ||
| false |
| unknown | ||
| false |
| unknown |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
| IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
|---|---|---|---|---|---|---|
| 203.205.137.76 | game.gtimg.cn.sched.legopic2.tdnsv6.com | China | 132203 | TENCENT-NET-AP-CNTencentBuildingKejizhongyiAvenueCN | false | |
| 46.8.127.55 | dota2.uuub.net | Russian Federation | 56669 | NNGS-ASRU | false | |
| 203.205.136.80 | unknown | China | 132203 | TENCENT-NET-AP-CNTencentBuildingKejizhongyiAvenueCN | false | |
| 239.255.255.250 | unknown | Reserved | unknown | unknown | false | |
| 163.171.138.116 | www.dota2.com.cn.wscdns.com | European Union | 54994 | QUANTILNETWORKSUS | false | |
| 172.217.21.36 | www.google.com | United States | 15169 | GOOGLEUS | false |
| IP |
|---|
| 192.168.2.4 |
| Joe Sandbox version: | 41.0.0 Charoite |
| Analysis ID: | 1581321 |
| Start date and time: | 2024-12-27 11:02:06 +01:00 |
| Joe Sandbox product: | CloudBasic |
| Overall analysis duration: | 0h 5m 3s |
| Hypervisor based Inspection enabled: | false |
| Report type: | full |
| Cookbook file name: | default.jbs |
| Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
| Number of analysed new started processes analysed: | 10 |
| Number of new started drivers analysed: | 0 |
| Number of existing processes analysed: | 0 |
| Number of existing drivers analysed: | 0 |
| Number of injected processes analysed: | 0 |
| Technologies: |
|
| Analysis Mode: | default |
| Analysis stop reason: | Timeout |
| Sample name: | DOTA2#U89c6#U8ddd#U63d2#U4ef6.exerenamed because original name is a hash value |
| Original Sample Name: | DOTA2.exe |
| Detection: | MAL |
| Classification: | mal60.winEXE@23/36@16/7 |
| EGA Information: |
|
| HCA Information: |
|
| Cookbook Comments: |
|
- Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 172.217.21.35, 173.194.220.84, 142.250.181.142, 172.217.17.46, 199.232.214.172, 192.229.221.95, 172.217.17.35, 23.218.208.109, 52.149.20.212, 13.107.246.63
- Excluded domains from analysis (whitelisted): clients1.google.com, fs.microsoft.com, accounts.google.com, slscr.update.microsoft.com, otelrules.azureedge.net, ctldl.windowsupdate.com, clientservices.googleapis.com, fe3cr.delivery.mp.microsoft.com, clients2.google.com, ocsp.digicert.com, edgedl.me.gvt1.com, redirector.gvt1.com, update.googleapis.com, clients.l.google.com
- Not all processes where analyzed, report is missing behavior information
- Report size getting too big, too many NtOpenKeyEx calls found.
- Report size getting too big, too many NtProtectVirtualMemory calls found.
- Report size getting too big, too many NtQueryValueKey calls found.
- Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
⊘No simulations
| Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
|---|---|---|---|---|---|---|
| 239.255.255.250 | Get hash | malicious | Unknown | Browse | ||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | LummaC, Amadey, Credential Flusher, LummaC Stealer, PureLog Stealer, Remcos, Stealc | Browse | |||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | LummaC | Browse | |||
| Get hash | malicious | LummaC | Browse | |||
| Get hash | malicious | LummaC | Browse | |||
| Get hash | malicious | LummaC | Browse | |||
| Get hash | malicious | LummaC, Amadey, AsyncRAT, LummaC Stealer, Stealc, Vidar | Browse | |||
| 203.205.137.76 | Get hash | malicious | Unknown | Browse | ||
| Get hash | malicious | Unknown | Browse | |||
| 163.171.138.116 | Get hash | malicious | HTMLPhisher | Browse | ||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | Phisher | Browse | |||
| 203.205.136.80 | Get hash | malicious | Unknown | Browse | ||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | Unknown | Browse |
⊘No context
| Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
|---|---|---|---|---|---|---|
| QUANTILNETWORKSUS | Get hash | malicious | Unknown | Browse |
| |
| Get hash | malicious | HTMLPhisher | Browse |
| ||
| Get hash | malicious | Mirai | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Mirai | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Mirai | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Mirai, Moobot | Browse |
| ||
| TENCENT-NET-AP-CNTencentBuildingKejizhongyiAvenueCN | Get hash | malicious | Mirai | Browse |
| |
| Get hash | malicious | Mirai | Browse |
| ||
| Get hash | malicious | HTMLPhisher | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Mirai | Browse |
| ||
| Get hash | malicious | Xmrig | Browse |
| ||
| TENCENT-NET-AP-CNTencentBuildingKejizhongyiAvenueCN | Get hash | malicious | Mirai | Browse |
| |
| Get hash | malicious | Mirai | Browse |
| ||
| Get hash | malicious | HTMLPhisher | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Mirai | Browse |
| ||
| Get hash | malicious | Xmrig | Browse |
| ||
| NNGS-ASRU | Get hash | malicious | Unknown | Browse |
| |
| Get hash | malicious | Mirai | Browse |
| ||
| Get hash | malicious | Mirai | Browse |
|
| Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
|---|---|---|---|---|---|---|
| 37f463bf4616ecd445d4a1937da06e19 | Get hash | malicious | Unknown | Browse |
| |
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | DanaBot | Browse |
| ||
| Get hash | malicious | Vidar | Browse |
| ||
| Get hash | malicious | Vidar | Browse |
| ||
| Get hash | malicious | Vidar | Browse |
| ||
| Get hash | malicious | Vidar | Browse |
| ||
| Get hash | malicious | Vidar | Browse |
| ||
| Get hash | malicious | Vidar | Browse |
|
⊘No context
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 96373 |
| Entropy (8bit): | 5.238988189054086 |
| Encrypted: | false |
| SSDEEP: | 1536:eyOkN3TklR3ZIFDJ+Y7n2L5ydUTq0tSQfCBTe:LTX73uTqk |
| MD5: | 7C16CE8F929C4A0F7F478083D7951C42 |
| SHA1: | 5AB533247D18A58033114FBC07757E92D2ECC89A |
| SHA-256: | B8913FD2C05647710EDA277ADF4A6A3B2DAE7974B8C7AE0F42EFB2EDB5F691D9 |
| SHA-512: | D890FD0C52CB7321DAA9E1543EA502E348613B1075E926DFA4141BB288DEA18EBCC1FF4EC6C1BA3E3F8105D50B0DFD8C6B86CB343B408CA08413DAD71F61E550 |
| Malicious: | false |
| Reputation: | low |
| URL: | https://dota2.uuub.net/zb_users/theme/tpure/plugin/swiper/swiper.min.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 17759 |
| Entropy (8bit): | 5.182487609221809 |
| Encrypted: | false |
| SSDEEP: | 192:bgG0Gpa9CO8jrfg5WHmXgyXyzSHF68DJB0SwD:bgG5qCXfgWHfyXyzSl68Pe |
| MD5: | 1F2ED9C90657CC90E4E746192111B46E |
| SHA1: | 5BCBE47A799F77CE7F00268C9D12CD35ED24AC01 |
| SHA-256: | A6526D390193D04D3902B02553E1C0B18F85CA870CF2B9AB858B4D1472942A6E |
| SHA-512: | DF1F2A314B255EE5502F4C694B65C3DCF30563C725C1066776C0CE004F5C5DF274B392165088F0A7395A5A3865EDA2D232B14CF8CEB7B75DFBA14F782C905D0F |
| Malicious: | false |
| Reputation: | low |
| URL: | https://dota2.uuub.net/zb_users/theme/tpure/plugin/swiper/swiper.min.css |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 10280 |
| Entropy (8bit): | 7.982112199907241 |
| Encrypted: | false |
| SSDEEP: | 192:R5Uwrsgjb8xAgLHHCinPSTHo1PheaTdmd15YWSO8:rUwrcnHhnPqHUPtT0L+WP8 |
| MD5: | D4387EE0FD42079F63F7A75A758374CE |
| SHA1: | ED5C48A7D11EC6ABDEED0972A749B49E496475A4 |
| SHA-256: | 3DBFAC36A9B5D7AAAA966AE7854E3BBB96A430D86BDAC891FBDD658448DC4DF3 |
| SHA-512: | 626B313F4061DA67150922D8C9EE974602D70015B881D7D0A90AE5627BE385C38328C2773303482107F162F1EC5D13B2A7225F467BC068BB06C99239B756AE93 |
| Malicious: | false |
| Reputation: | low |
| URL: | https://dota2.uuub.net/zb_users/theme/tpure/style/fonts/iconfont.woff2 |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 79672 |
| Entropy (8bit): | 7.997286275891262 |
| Encrypted: | true |
| SSDEEP: | 1536:fmn3apTV63BeZSxpJvZ6et756akP7igPtKOYbJ8m4bEnWBivmRmYCs2:fms62SxpRset756bx1Kkm4In+Imgv |
| MD5: | 8C11B0D5B2198C9239DE15E8F42D8815 |
| SHA1: | 7C7F236F2186D3140AE4197E767D000323D63DED |
| SHA-256: | FE6CACDA1E5A641B02138579B492BE78549D65158FEA72300E0B230356E6A385 |
| SHA-512: | 78E51F04F597A717C7EBB9D62A1E8588B41EB9CB62BC5EC6B98D75E6EADE245E5F987F22B42ECAE9BE084CA9D7EB2AD80917873147D45366C0C2A3457A326AB2 |
| Malicious: | false |
| Reputation: | low |
| URL: | https://game.gtimg.cn/images/lol/act/img/skin/big_0b95894e-0df2-470e-b282-6c5f5cf41955.jpg |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 77026 |
| Entropy (8bit): | 5.054949011532047 |
| Encrypted: | false |
| SSDEEP: | 1536:zERSP5nbaJFlY0+ZpTxYEg1HvXIbpAUrDbTyqT6hDWrPYE4qFKVdE7aiOaO7YSoO:zmm2JFT1Hv3UrDTdbu |
| MD5: | F605DF7B736D1DBD6182B4A98235E2D8 |
| SHA1: | 8E3C8BEA9CB2FCB21DB68BC80326695A4B971520 |
| SHA-256: | DB5F28BA764F357A2FE1AF7484B6485D08D0EB4637D5DE7090776BCABA05202C |
| SHA-512: | 2147F6F3AB94D86F64B3A27C108264BC3024694C08A157FA96FC1825D98A97C9DBDEB3DFA9E8CB3718414EF42064467CC049D0189D8CF025DA4E43AE1EB8B165 |
| Malicious: | false |
| Reputation: | low |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 77026 |
| Entropy (8bit): | 5.054949011532047 |
| Encrypted: | false |
| SSDEEP: | 1536:zERSP5nbaJFlY0+ZpTxYEg1HvXIbpAUrDbTyqT6hDWrPYE4qFKVdE7aiOaO7YSoO:zmm2JFT1Hv3UrDTdbu |
| MD5: | F605DF7B736D1DBD6182B4A98235E2D8 |
| SHA1: | 8E3C8BEA9CB2FCB21DB68BC80326695A4B971520 |
| SHA-256: | DB5F28BA764F357A2FE1AF7484B6485D08D0EB4637D5DE7090776BCABA05202C |
| SHA-512: | 2147F6F3AB94D86F64B3A27C108264BC3024694C08A157FA96FC1825D98A97C9DBDEB3DFA9E8CB3718414EF42064467CC049D0189D8CF025DA4E43AE1EB8B165 |
| Malicious: | false |
| URL: | https://dota2.uuub.net/zb_users/theme/tpure/script/common.js?v=5.0.3 |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 84920 |
| Entropy (8bit): | 7.997702140177869 |
| Encrypted: | true |
| SSDEEP: | 1536:dtu9o6tR6iv9fvx6eI19rJ5VssmciFK90B5R3aH9oAHF0gxsvqX/Ap:doHVnweI19r/vmciFK9ESdoAegxsyX/u |
| MD5: | E91FEDBD68181315790EC4FE9479160E |
| SHA1: | 8C5C34DE4D7ED5CBE672CD37CA5E8D70899F5839 |
| SHA-256: | EC8431520A925CB624C9ED988841BFB48B2C5EAC523870561290A8AB926B6C50 |
| SHA-512: | 35D4CE3DC968ADFFAC1E8864B0D659F18B60417164E11393D88DE4F916F57C96AD1F3F9A0D0012EB49B6496E9C0691B50C7DE01C5C35682B7EEAE176107D8CF5 |
| Malicious: | false |
| URL: | https://game.gtimg.cn/images/lol/act/img/skin/big_a2675968-f147-4cbf-b067-d15a6109b34c.jpg |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 87462 |
| Entropy (8bit): | 5.262148110388299 |
| Encrypted: | false |
| SSDEEP: | 1536:/KRUXRa8Dgwxcy2jpBNwch96SLk8Ek2BSrBGS1ia/eEk4aV2EXi8SMpQ47GKV:/u1zNwcv9qBy1HOg8SMpQ47GKV |
| MD5: | E6C2415C0ACE414E5153670314CE99A9 |
| SHA1: | 5A9EEAC34D86E92E5660E0F4F87204F1ED0C8FF6 |
| SHA-256: | D8F9AFBF492E4C139E9D2BCB9BA6EF7C14921EB509FB703BC7A3F911B774EFF8 |
| SHA-512: | DE027062931EDD07B01842EFF24FC15FDBDCAA1AF245DCD133155FABA9E0C965F0A34DC6144CE3B149BC43B4597073C792CB6DABBFC6168C63095523923BCF77 |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 102230 |
| Entropy (8bit): | 7.981707013586996 |
| Encrypted: | false |
| SSDEEP: | 1536:pbenaJXjGQUHVt5zHYEvSSoevSO2fQ9kj1LwPGclHkQCbNWfGEvrpxE1:2aM5z4Evd5hWZwP5HtG8xE1 |
| MD5: | 60529527403B25A6AAEB66E6EACECB7A |
| SHA1: | 2BB1B7177168F84F7F0A494B8392B9461FE5DAFD |
| SHA-256: | AC1EA421F4C8EBD01CF8258CC3EECFA43D5958958BA5DF4FB53016FCE474D872 |
| SHA-512: | 7ABB8853D41F36C22DAA0D532B658555BD09B0091E99C786737E1396A5C5DE607CBBFBFFFD4A90524DF7BF756A2BD895C115C6350E6724A4D5F1D4E459E8F08E |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 104749 |
| Entropy (8bit): | 7.55544605679956 |
| Encrypted: | false |
| SSDEEP: | 1536:YDA+0TM/E+on4s5tCFc8EUbw3Vbw99jMYKYQdFdebcR1xfuQz:sh0TjJ5AFDEhVM99jMYKVrVfN |
| MD5: | BF0D441BDBC4FEC50E357FA4F217B7B0 |
| SHA1: | 5C13E710ABD453C9D9E15CF387385AD607971BF4 |
| SHA-256: | 963683F8B3FA0F8874E9544606BEC33A0FA6F05996F96A53123EC421EA8D50AC |
| SHA-512: | 84F1C371E317F06044B7D61FE52D3664020E39DBB568F00E096A448DF4CE0F982A338AEDEA440FAF6A51D5CF43291EF6B599816EA06AFC5D19DE1D49C0557848 |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 90507 |
| Entropy (8bit): | 5.146712496353422 |
| Encrypted: | false |
| SSDEEP: | 768:Htd3QMiXgcmvQnar2JfrpWaa/r1dno3ATqJVl+2:Htd3QMiQzvQnarsYn/hMATkO2 |
| MD5: | 2D6FE29250F5B893CB4C8D4F9CE1579D |
| SHA1: | D2401A0F1AAE59136A72B03F6F540BC5A56F6B00 |
| SHA-256: | E8C53DE2A9AF87D3C90721882A31B5E61059D252B2EBBB41CC0B1697991E1760 |
| SHA-512: | D041AD85823AECF941FD41DE2427353B04E66C1F19801EF9E4563785558935E671488BA7B5DF4400ECBD8572B51CFC72B0C106CD31F218012D7D1C283C3A8FF2 |
| Malicious: | false |
| URL: | https://dota2.uuub.net/zb_users/theme/tpure/style/style.css?v=5.0.3 |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 7204 |
| Entropy (8bit): | 5.01024895787561 |
| Encrypted: | false |
| SSDEEP: | 192:msL4JVH9jIULy46KgHlQGwH0Dx5qjplLO:m/jIUkHlQGwH0Kt9O |
| MD5: | 5E8D86EB2C5ABC94804FD6176A35B281 |
| SHA1: | 921D2CC4615A58A094DDBCC6366437A94508FC5F |
| SHA-256: | 11B10A45B9FC3622B9A8EAF5181E0BD403AF74ECFBBC9541CDCE396A8E47B332 |
| SHA-512: | 6504E48F68D98800228DB18DC63711B216C299DAD8D95E57D0F014C18A24A2FFBC62F6CFE98F5D0152D06DA577EFB550C20BC947C08101EA3C94D659F572EA17 |
| Malicious: | false |
| URL: | https://dota2.uuub.net/zb_system/script/zblogphp.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 8240 |
| Entropy (8bit): | 5.166283987170338 |
| Encrypted: | false |
| SSDEEP: | 96:aM27F+s/JjYDlSZSZSTBFdN0oodNQFNMCVCBv3D5DehUS5HXeCgC0rCGCad3zy:FyYDUIIbdgdKm2cNe53ez51f12 |
| MD5: | E5CEC1A05F888FC001342479B03247A6 |
| SHA1: | 4CA6E5AF548E99DCFC786BCD79FED4544967DA31 |
| SHA-256: | 8E4F521598CE5B097715C415753B6855C76DB5FE52AEEDF6AE228614C5914CF6 |
| SHA-512: | 1F57EF89FAEC252AC6F18241641F03580A2FA097600C4382885E310E8933367633A7D390E6568EFDAFE696469A7861A45AA3228002FFBF7FECADB2128A3DF092 |
| Malicious: | false |
| URL: | https://dota2.uuub.net/ |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 97371 |
| Entropy (8bit): | 7.977796337439275 |
| Encrypted: | false |
| SSDEEP: | 1536:kBZeEHSW1zx3eCtr/gHYrqnbuRCSYdJzgSWom36IEl48WDEGUyz6VcHGK/4z1OJ2:kBJzxeCSS9DYdtgDp36JTUmeHGK/IOc5 |
| MD5: | 9DEB0073FCC0437B2D71D6C06ACFC6D2 |
| SHA1: | 4ED9082E84BBAFDC0E02368DD19D59B520B62BDA |
| SHA-256: | 34CD2DA9A29C17F20E288B19E5AB4E50498466CC1BFB039169ABBF4650D6DF36 |
| SHA-512: | 34F48C35672C9E2798070ED51CB0B42CC0536C9C0CB8384CA05E269D6D406289EDF5CC3C79C6E9C08CCDD42E65E9A3C17CBEC4D509B51444D89CBF52A7076685 |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 19744 |
| Entropy (8bit): | 7.972762610852692 |
| Encrypted: | false |
| SSDEEP: | 384:jDQ3wXqvNBD6BmZzg6TrqgjVa0tQ6/hG8rnQlUZAGXqybf7RV7trW:vQ3/PM0BVa0tQWhLVAGRH8 |
| MD5: | B1D3FC192B519E5B5CECD2652339E9CC |
| SHA1: | C89B76026EEBA31B8F946C85311710ECCB11DB38 |
| SHA-256: | 1CCE41259D829AF47F0EBA020C8B9F057B2F5E3DACC821778A3B361E6806E6B7 |
| SHA-512: | EE68B04518A512423FA56F56D2514F3E84AD56C37965EF8B872097C6763AA5EF170AF82407292037D4B28572D40643A00683A8F8DF56380F08F23277F6FA8C24 |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 96373 |
| Entropy (8bit): | 5.238988189054086 |
| Encrypted: | false |
| SSDEEP: | 1536:eyOkN3TklR3ZIFDJ+Y7n2L5ydUTq0tSQfCBTe:LTX73uTqk |
| MD5: | 7C16CE8F929C4A0F7F478083D7951C42 |
| SHA1: | 5AB533247D18A58033114FBC07757E92D2ECC89A |
| SHA-256: | B8913FD2C05647710EDA277ADF4A6A3B2DAE7974B8C7AE0F42EFB2EDB5F691D9 |
| SHA-512: | D890FD0C52CB7321DAA9E1543EA502E348613B1075E926DFA4141BB288DEA18EBCC1FF4EC6C1BA3E3F8105D50B0DFD8C6B86CB343B408CA08413DAD71F61E550 |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 179656 |
| Entropy (8bit): | 7.942195031274215 |
| Encrypted: | false |
| SSDEEP: | 3072:FNSYdLRMGE/rP6debsdVK2xDwZ6V7moli/seE9EOk5g3HzSODZO8MUgdndliXq:FxdKrPEebsGIUAuGAg3TXDZO8MT5i6 |
| MD5: | FC04CE2F2B53B16C6F238367E79BD40A |
| SHA1: | F0141919B063EAFD34C89980623F59B33BCDD295 |
| SHA-256: | 522A281C47D4D356F84C459EE44509A51C461716B76389AB98A008DBAD273770 |
| SHA-512: | 115E9A6BDEE8F789879191BE4406092C6FF15246FC6F96F2245854612D6AAA983C22BF12481000E4904F18F943E6DCE6CBD1C74CB9D3D36347573BAB687D3116 |
| Malicious: | false |
| URL: | https://www.dota2.com.cn/favicon.ico |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 7204 |
| Entropy (8bit): | 5.01024895787561 |
| Encrypted: | false |
| SSDEEP: | 192:msL4JVH9jIULy46KgHlQGwH0Dx5qjplLO:m/jIUkHlQGwH0Kt9O |
| MD5: | 5E8D86EB2C5ABC94804FD6176A35B281 |
| SHA1: | 921D2CC4615A58A094DDBCC6366437A94508FC5F |
| SHA-256: | 11B10A45B9FC3622B9A8EAF5181E0BD403AF74ECFBBC9541CDCE396A8E47B332 |
| SHA-512: | 6504E48F68D98800228DB18DC63711B216C299DAD8D95E57D0F014C18A24A2FFBC62F6CFE98F5D0152D06DA577EFB550C20BC947C08101EA3C94D659F572EA17 |
| Malicious: | false |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 78300 |
| Entropy (8bit): | 7.997338950113376 |
| Encrypted: | true |
| SSDEEP: | 1536:Pp6KEsCooM7ibOiOnBF2Vu5Ldvl0Ll8T++SX0Ernqfwk43NCFirLtWWKKwRkxPp7:PQKEzM7iSF2V4xWBA++c243sE/tR7 |
| MD5: | 405B0C34536824DBEACB49942D322D9D |
| SHA1: | 3E5102890B1C85E396F0B20E8D96AA3E07261F8A |
| SHA-256: | EF28764C8DE6EB82B96CCBC1B0ECEB3B8F4C14C3FA1E923D054F2BCECA8D994C |
| SHA-512: | E4B5545A63636EE8A6E3796995803353A318DE51601BA554689D33E64F9CF5DFBD06FF4114E6D01AE3E5C5F510767778F74544CC0002910A5165816DB7EAE18A |
| Malicious: | false |
| URL: | https://game.gtimg.cn/images/lol/act/img/skin/big_0bcc9fd8-6b2f-4aea-bc67-c1264b2e2a3c.jpg |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 87462 |
| Entropy (8bit): | 5.262148110388299 |
| Encrypted: | false |
| SSDEEP: | 1536:/KRUXRa8Dgwxcy2jpBNwch96SLk8Ek2BSrBGS1ia/eEk4aV2EXi8SMpQ47GKV:/u1zNwcv9qBy1HOg8SMpQ47GKV |
| MD5: | E6C2415C0ACE414E5153670314CE99A9 |
| SHA1: | 5A9EEAC34D86E92E5660E0F4F87204F1ED0C8FF6 |
| SHA-256: | D8F9AFBF492E4C139E9D2BCB9BA6EF7C14921EB509FB703BC7A3F911B774EFF8 |
| SHA-512: | DE027062931EDD07B01842EFF24FC15FDBDCAA1AF245DCD133155FABA9E0C965F0A34DC6144CE3B149BC43B4597073C792CB6DABBFC6168C63095523923BCF77 |
| Malicious: | false |
| URL: | https://dota2.uuub.net/zb_system/script/jquery-latest.min.js |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 144 |
| Entropy (8bit): | 4.715481280461118 |
| Encrypted: | false |
| SSDEEP: | 3:qVZYJYkRVMWJaxRDIjOkADFqKfaWnRtpRd/0u6o9VNVH5WVLn:qzUYkRyWJzmk1yBRxxZ3NWL |
| MD5: | 206B5A941FA501FE3A063419EDBD0438 |
| SHA1: | FE75C7DB4D9280B61E51AE12D888AC5126763B47 |
| SHA-256: | FFA81A546A01A043EA5A527EBF081FB35EB536E987BD793BF48FAE20C43AB8ED |
| SHA-512: | 746B202046C2EC1FDB171CB73D91E4BED6317AD8E57E1D144F8AFCD5EBD0E038E7E42FB7E1A24B56803D6E299633ACCE9AA00F4DAB6BFC06D1F91FBE95B7E81F |
| Malicious: | false |
| URL: | https://dota2.uuub.net/zb_system/script/c_html_js_add.php |
| Preview: |
| Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| File Type: | |
| Category: | downloaded |
| Size (bytes): | 19744 |
| Entropy (8bit): | 7.972762610852692 |
| Encrypted: | false |
| SSDEEP: | 384:jDQ3wXqvNBD6BmZzg6TrqgjVa0tQ6/hG8rnQlUZAGXqybf7RV7trW:vQ3/PM0BVa0tQWhLVAGRH8 |
| MD5: | B1D3FC192B519E5B5CECD2652339E9CC |
| SHA1: | C89B76026EEBA31B8F946C85311710ECCB11DB38 |
| SHA-256: | 1CCE41259D829AF47F0EBA020C8B9F057B2F5E3DACC821778A3B361E6806E6B7 |
| SHA-512: | EE68B04518A512423FA56F56D2514F3E84AD56C37965EF8B872097C6763AA5EF170AF82407292037D4B28572D40643A00683A8F8DF56380F08F23277F6FA8C24 |
| Malicious: | false |
| URL: | https://dota2.uuub.net/zb_users/upload/2024/11/logo_4.png |
| Preview: |
| File type: | |
| Entropy (8bit): | 6.76613556190731 |
| TrID: |
|
| File name: | DOTA2#U89c6#U8ddd#U63d2#U4ef6.exe |
| File size: | 1'069'056 bytes |
| MD5: | aac8790eb423fc881ea8798e21a9a811 |
| SHA1: | d3a1f48a44259a5aafdd1468d002cd11481b8bd8 |
| SHA256: | d33620640452895ac17d2105f6f5dc0ff650e75368999d4daabb5601f042c90f |
| SHA512: | 9089bcc126d06ba63c37553a3a2925c8142181cc7e6b433da868cc1f39ac79ab1a2ad19172e7f37838b9fcdfd2606644a46d1a849b329573c8d6bb66109b5d04 |
| SSDEEP: | 12288:e+amrO2HfSLfwzLz3gP7AkRINdz8fT4EAtWsGvoeX6/LAEmrIpjTZO7T5i+W:e+jfSLf6LTgP75RKd3uAeqkhUjTZk |
| TLSH: | 4B35AF61B5C280F2C61E197004B6B736EE75AA464B34CFC393A4DE389E732D1AA3715D |
| File Content Preview: | MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......(..al`.2l`.2l`.2.|.2G`.2.|.2o`.2:..2@`.2...2y`.2l`.21b.2ZF.2.`.2ZF.2.`.2.@.2m`.2...2 `.2...2w`.2l`.2J`.2.f.2m`.2Richl`.2....... |
 | |
| Icon Hash: | 3d918393e5c9b101 |
| Entrypoint: | 0x481881 |
| Entrypoint Section: | .text |
| Digitally signed: | false |
| Imagebase: | 0x400000 |
| Subsystem: | windows gui |
| Image File Characteristics: | RELOCS_STRIPPED, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, 32BIT_MACHINE |
| DLL Characteristics: | |
| Time Stamp: | 0x6731E2A3 [Mon Nov 11 10:55:31 2024 UTC] |
| TLS Callbacks: | |
| CLR (.Net) Version: | |
| OS Version Major: | 4 |
| OS Version Minor: | 0 |
| File Version Major: | 4 |
| File Version Minor: | 0 |
| Subsystem Version Major: | 4 |
| Subsystem Version Minor: | 0 |
| Import Hash: | 8befb520aeacc315cdeb3fab6c8f063e |
| Instruction |
|---|
| push ebp |
| mov ebp, esp |
| push FFFFFFFFh |
| push 004ADE68h |
| push 00484884h |
| mov eax, dword ptr fs:[00000000h] |
| push eax |
| mov dword ptr fs:[00000000h], esp |
| sub esp, 58h |
| push ebx |
| push esi |
| push edi |
| mov dword ptr [ebp-18h], esp |
| call dword ptr [004A2350h] |
| xor edx, edx |
| mov dl, ah |
| mov dword ptr [004F1EE0h], edx |
| mov ecx, eax |
| and ecx, 000000FFh |
| mov dword ptr [004F1EDCh], ecx |
| shl ecx, 08h |
| add ecx, edx |
| mov dword ptr [004F1ED8h], ecx |
| shr eax, 10h |
| mov dword ptr [004F1ED4h], eax |
| push 00000001h |
| call 00007F688D42E8B1h |
| pop ecx |
| test eax, eax |
| jne 00007F688D42967Ah |
| push 0000001Ch |
| call 00007F688D429738h |
| pop ecx |
| call 00007F688D42E65Ch |
| test eax, eax |
| jne 00007F688D42967Ah |
| push 00000010h |
| call 00007F688D429727h |
| pop ecx |
| xor esi, esi |
| mov dword ptr [ebp-04h], esi |
| call 00007F688D42E48Ah |
| call dword ptr [004A237Ch] |
| mov dword ptr [004F7024h], eax |
| call 00007F688D42E348h |
| mov dword ptr [004F1E50h], eax |
| call 00007F688D42E0F1h |
| call 00007F688D42E033h |
| call 00007F688D42D2EAh |
| mov dword ptr [ebp-30h], esi |
| lea eax, dword ptr [ebp-5Ch] |
| push eax |
| call dword ptr [004A230Ch] |
| call 00007F688D42DFC4h |
| mov dword ptr [ebp-64h], eax |
| test byte ptr [ebp-30h], 00000001h |
| je 00007F688D429678h |
| movzx eax, word ptr [ebp+00h] |
| Programming Language: |
|
| Name | Virtual Address | Virtual Size | Is in Section |
|---|---|---|---|
| IMAGE_DIRECTORY_ENTRY_EXPORT | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_IMPORT | 0xb59f8 | 0x104 | .rdata |
| IMAGE_DIRECTORY_ENTRY_RESOURCE | 0xf8000 | 0x34838 | .rsrc |
| IMAGE_DIRECTORY_ENTRY_EXCEPTION | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_SECURITY | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_BASERELOC | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_DEBUG | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_COPYRIGHT | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_GLOBALPTR | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_TLS | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_IAT | 0xa2000 | 0x6fc | .rdata |
| IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_RESERVED | 0x0 | 0x0 |
| Name | Virtual Address | Virtual Size | Raw Size | MD5 | Xored PE | ZLIB Complexity | File Type | Entropy | Characteristics |
|---|---|---|---|---|---|---|---|---|---|
| .text | 0x1000 | 0xa06ca | 0xa1000 | 576b07dc79ab50c4e543b1c6ceb697cf | False | 0.5250979595302795 | data | 6.591142273026501 | IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ |
| .rdata | 0xa2000 | 0x15e7c | 0x16000 | c37b50ef9d62f12ed7f4a7437c4c6983 | False | 0.32518421519886365 | data | 4.598237439961595 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ |
| .data | 0xb8000 | 0x3f028 | 0x18000 | de200be67592a66bf990618c8ce5bb78 | False | 0.2971293131510417 | data | 4.983531361109011 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE |
| .rsrc | 0xf8000 | 0x34838 | 0x35000 | a113326dc8358c47dd14696639a59b59 | False | 0.878441000884434 | data | 7.658744003576022 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ |
| Name | RVA | Size | Type | Language | Country | ZLIB Complexity |
|---|---|---|---|---|---|---|
| TEXTINCLUDE | 0xf9c50 | 0xb | ASCII text, with no line terminators | Chinese | China | 1.7272727272727273 |
| TEXTINCLUDE | 0xf9c60 | 0x16 | data | Chinese | China | 1.3636363636363635 |
| TEXTINCLUDE | 0xf9c78 | 0x151 | C source, ASCII text, with CRLF line terminators | Chinese | China | 0.6201780415430267 |
| RT_CURSOR | 0xfb530 | 0x134 | data | Chinese | China | 0.5811688311688312 |
| RT_CURSOR | 0xfb680 | 0x134 | Targa image data - Map 64 x 65536 x 1 +32 "\001" | Chinese | China | 0.37662337662337664 |
| RT_CURSOR | 0xfb7d0 | 0x134 | Targa image data - RGB 64 x 65536 x 1 +32 "\001" | Chinese | China | 0.4805194805194805 |
| RT_CURSOR | 0xfb908 | 0xb4 | Targa image data - Map 32 x 65536 x 1 +16 "\001" | Chinese | China | 0.7 |
| RT_BITMAP | 0xf8e00 | 0x248 | Device independent bitmap graphic, 64 x 15 x 4, image size 480 | Chinese | China | 0.3407534246575342 |
| RT_BITMAP | 0xf9048 | 0x144 | Device independent bitmap graphic, 33 x 11 x 4, image size 220 | Chinese | China | 0.4444444444444444 |
| RT_BITMAP | 0xf9190 | 0x158 | Device independent bitmap graphic, 20 x 20 x 4, image size 240, resolution 3780 x 3780 px/m | Chinese | China | 0.26453488372093026 |
| RT_BITMAP | 0xf92e8 | 0x158 | Device independent bitmap graphic, 20 x 20 x 4, image size 240, resolution 3780 x 3780 px/m | Chinese | China | 0.2616279069767442 |
| RT_BITMAP | 0xf9440 | 0x158 | Device independent bitmap graphic, 20 x 20 x 4, image size 240, resolution 3780 x 3780 px/m | Chinese | China | 0.2441860465116279 |
| RT_BITMAP | 0xf9598 | 0x158 | Device independent bitmap graphic, 20 x 20 x 4, image size 240, resolution 3780 x 3780 px/m | Chinese | China | 0.24709302325581395 |
| RT_BITMAP | 0xf96f0 | 0x158 | Device independent bitmap graphic, 20 x 20 x 4, image size 240, resolution 3780 x 3780 px/m | Chinese | China | 0.2238372093023256 |
| RT_BITMAP | 0xf9848 | 0x158 | Device independent bitmap graphic, 20 x 20 x 4, image size 240 | Chinese | China | 0.19476744186046513 |
| RT_BITMAP | 0xf99a0 | 0x158 | Device independent bitmap graphic, 20 x 20 x 4, image size 240 | Chinese | China | 0.20930232558139536 |
| RT_BITMAP | 0xf9af8 | 0x158 | Device independent bitmap graphic, 20 x 20 x 4, image size 240 | Chinese | China | 0.18895348837209303 |
| RT_BITMAP | 0xfb9e8 | 0x5e4 | Device independent bitmap graphic, 70 x 39 x 4, image size 1404 | Chinese | China | 0.34615384615384615 |
| RT_BITMAP | 0xfc0b8 | 0xb8 | Device independent bitmap graphic, 12 x 10 x 4, image size 80 | Chinese | China | 0.44565217391304346 |
| RT_BITMAP | 0xfc170 | 0x16c | Device independent bitmap graphic, 39 x 13 x 4, image size 260 | Chinese | China | 0.28296703296703296 |
| RT_BITMAP | 0xfc2e0 | 0x144 | Device independent bitmap graphic, 33 x 11 x 4, image size 220 | Chinese | China | 0.37962962962962965 |
| RT_ICON | 0xf9dd0 | 0x2e8 | Device independent bitmap graphic, 32 x 64 x 4, image size 640 | Chinese | China | 0.26344086021505375 |
| RT_ICON | 0xfa0d0 | 0x128 | Device independent bitmap graphic, 16 x 32 x 4, image size 192 | Chinese | China | 0.41216216216216217 |
| RT_ICON | 0xfcd20 | 0x7129 | PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced | 1.000448755566295 | ||
| RT_ICON | 0x103e50 | 0x668 | Device independent bitmap graphic, 48 x 96 x 4, image size 1536, 16 important colors | 0.5341463414634147 | ||
| RT_ICON | 0x1044b8 | 0x2e8 | Device independent bitmap graphic, 32 x 64 x 4, image size 640, 16 important colors | 0.6155913978494624 | ||
| RT_ICON | 0x1047a0 | 0x1e8 | Device independent bitmap graphic, 24 x 48 x 4, image size 384, 16 important colors | 0.6065573770491803 | ||
| RT_ICON | 0x104988 | 0x128 | Device independent bitmap graphic, 16 x 32 x 4, image size 192, 16 important colors | 0.652027027027027 | ||
| RT_ICON | 0x104ab0 | 0xefa6 | PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced | 0.9991687041564792 | ||
| RT_ICON | 0x113a58 | 0xea8 | Device independent bitmap graphic, 48 x 96 x 8, image size 2688, 241 important colors | 0.6948294243070362 | ||
| RT_ICON | 0x114900 | 0x8a8 | Device independent bitmap graphic, 32 x 64 x 8, image size 1152, 231 important colors | 0.756768953068592 | ||
| RT_ICON | 0x1151a8 | 0x6c8 | Device independent bitmap graphic, 24 x 48 x 8, image size 672, 231 important colors | 0.7638248847926268 | ||
| RT_ICON | 0x115870 | 0x568 | Device independent bitmap graphic, 16 x 32 x 8, image size 320, 190 important colors | 0.6473988439306358 | ||
| RT_ICON | 0x115dd8 | 0x12374 | PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced | 1.0004154827641667 | ||
| RT_ICON | 0x128150 | 0x25a8 | Device independent bitmap graphic, 48 x 96 x 32, image size 9600 | 0.4995850622406639 | ||
| RT_ICON | 0x12a6f8 | 0x10a8 | Device independent bitmap graphic, 32 x 64 x 32, image size 4224 | 0.599437148217636 | ||
| RT_ICON | 0x12b7a0 | 0x988 | Device independent bitmap graphic, 24 x 48 x 32, image size 2400 | 0.635655737704918 | ||
| RT_ICON | 0x12c128 | 0x468 | Device independent bitmap graphic, 16 x 32 x 32, image size 1088 | 0.7562056737588653 | ||
| RT_MENU | 0xfb298 | 0xc | data | Chinese | China | 1.5 |
| RT_MENU | 0xfb2a8 | 0x284 | data | Chinese | China | 0.5 |
| RT_DIALOG | 0xfaf80 | 0x98 | data | Chinese | China | 0.7171052631578947 |
| RT_DIALOG | 0xfb018 | 0x17a | data | Chinese | China | 0.5185185185185185 |
| RT_DIALOG | 0xfb198 | 0xfa | data | Chinese | China | 0.696 |
| RT_DIALOG | 0xfac48 | 0xea | data | Chinese | China | 0.6239316239316239 |
| RT_DIALOG | 0xfa210 | 0x8ae | data | Chinese | China | 0.39603960396039606 |
| RT_DIALOG | 0xfaac0 | 0xb2 | data | Chinese | China | 0.7359550561797753 |
| RT_DIALOG | 0xfab78 | 0xcc | data | Chinese | China | 0.7647058823529411 |
| RT_DIALOG | 0xfad38 | 0xb2 | data | Chinese | China | 0.6629213483146067 |
| RT_DIALOG | 0xfbfd0 | 0xe2 | data | Chinese | China | 0.6637168141592921 |
| RT_DIALOG | 0xfadf0 | 0x18c | data | Chinese | China | 0.5227272727272727 |
| RT_STRING | 0xfc428 | 0x50 | data | Chinese | China | 0.85 |
| RT_STRING | 0xfc478 | 0x2c | data | Chinese | China | 0.5909090909090909 |
| RT_STRING | 0xfc4a8 | 0x78 | data | Chinese | China | 0.925 |
| RT_STRING | 0xfc520 | 0x1c4 | data | Chinese | China | 0.8141592920353983 |
| RT_STRING | 0xfc870 | 0x12a | data | Chinese | China | 0.5201342281879194 |
| RT_STRING | 0xfc728 | 0x146 | data | Chinese | China | 0.6288343558282209 |
| RT_STRING | 0xfc6e8 | 0x40 | data | Chinese | China | 0.65625 |
| RT_STRING | 0xfcc90 | 0x64 | data | Chinese | China | 0.73 |
| RT_STRING | 0xfc9a0 | 0x1d8 | data | Chinese | China | 0.6758474576271186 |
| RT_STRING | 0xfcb78 | 0x114 | data | Chinese | China | 0.6376811594202898 |
| RT_STRING | 0xfccf8 | 0x24 | data | Chinese | China | 0.4444444444444444 |
| RT_GROUP_CURSOR | 0xfb7b8 | 0x14 | Lotus unknown worksheet or configuration, revision 0x1 | Chinese | China | 1.25 |
| RT_GROUP_CURSOR | 0xfb668 | 0x14 | Lotus unknown worksheet or configuration, revision 0x1 | Chinese | China | 1.25 |
| RT_GROUP_CURSOR | 0xfb9c0 | 0x22 | Lotus unknown worksheet or configuration, revision 0x2 | Chinese | China | 1.0294117647058822 |
| RT_GROUP_ICON | 0x12c590 | 0xd8 | data | 0.6018518518518519 | ||
| RT_GROUP_ICON | 0xfa0b8 | 0x14 | data | Chinese | China | 1.2 |
| RT_GROUP_ICON | 0xfa1f8 | 0x14 | data | Chinese | China | 1.25 |
| RT_MANIFEST | 0x12c668 | 0x1cd | XML 1.0 document, ASCII text, with very long lines (461), with no line terminators | 0.5878524945770065 |
| DLL | Import |
|---|---|
| KERNEL32.dll | DuplicateHandle, lstrcpynA, SetLastError, FileTimeToLocalFileTime, FileTimeToSystemTime, LocalFree, InterlockedDecrement, SuspendThread, ReleaseMutex, CreateMutexA, TerminateThread, CreateSemaphoreA, ResumeThread, ReleaseSemaphore, EnterCriticalSection, LeaveCriticalSection, GetProfileStringA, SetStdHandle, IsBadCodePtr, IsBadReadPtr, CompareStringW, CompareStringA, SetUnhandledExceptionFilter, GetStringTypeW, GetStringTypeA, IsBadWritePtr, VirtualAlloc, LCMapStringW, LCMapStringA, SetEnvironmentVariableA, VirtualFree, HeapCreate, HeapDestroy, GetEnvironmentVariableA, GetFileType, GetStdHandle, SetHandleCount, GetEnvironmentStringsW, GetEnvironmentStrings, FreeEnvironmentStringsW, FreeEnvironmentStringsA, UnhandledExceptionFilter, GetACP, HeapSize, TerminateProcess, RaiseException, GetLocalTime, GetSystemTime, WriteFile, WaitForMultipleObjects, CreateFileA, SetEvent, FindResourceA, LoadResource, LockResource, ReadFile, GetModuleFileNameA, GetCurrentProcessId, GetCurrentThreadId, ExitProcess, GlobalSize, GlobalFree, DeleteCriticalSection, InitializeCriticalSection, lstrcatA, lstrlenA, WinExec, lstrcpyA, FindNextFileA, GlobalReAlloc, HeapFree, HeapReAlloc, GetProcessHeap, HeapAlloc, MultiByteToWideChar, WideCharToMultiByte, GetFullPathNameA, FreeLibrary, LoadLibraryA, GetLastError, GetVersionExA, WritePrivateProfileStringA, CreateThread, CreateEventA, Sleep, GlobalAlloc, GlobalLock, GlobalUnlock, FindFirstFileA, FindClose, GetFileAttributesA, GetTimeZoneInformation, RtlUnwind, GetStartupInfoA, GetOEMCP, GetCPInfo, GetProcessVersion, SetErrorMode, GlobalFlags, GetCurrentThread, GetFileTime, GetFileSize, TlsGetValue, LocalReAlloc, TlsSetValue, TlsFree, GlobalHandle, TlsAlloc, LocalAlloc, lstrcmpA, GetVersion, GlobalGetAtomNameA, GlobalAddAtomA, GlobalFindAtomA, GlobalDeleteAtom, lstrcmpiA, SetCurrentDirectoryA, GetVolumeInformationA, GetModuleHandleA, GetProcAddress, MulDiv, GetCommandLineA, GetTickCount, WaitForSingleObject, CloseHandle, SetEndOfFile, UnlockFile, LockFile, FlushFileBuffers, SetFilePointer, GetCurrentProcess, InterlockedIncrement |
| USER32.dll | GetMenuItemID, wsprintfA, CloseClipboard, GetClipboardData, OpenClipboard, SetClipboardData, EmptyClipboard, GetSystemMetrics, GetCursorPos, ReleaseCapture, MessageBoxA, SetWindowPos, SendMessageA, DestroyCursor, SetParent, IsWindow, PostMessageA, GetTopWindow, GetParent, GetFocus, GetClientRect, InvalidateRect, ValidateRect, UpdateWindow, EqualRect, GetWindowRect, SetForegroundWindow, DestroyMenu, IsChild, ReleaseDC, IsRectEmpty, FillRect, GetDC, SetCursor, LoadCursorA, SetCursorPos, SetActiveWindow, GetSysColor, SetWindowLongA, GetWindowLongA, RedrawWindow, EnableWindow, IsWindowVisible, OffsetRect, PtInRect, DestroyIcon, IntersectRect, InflateRect, SetRect, SetScrollPos, SetScrollRange, GetScrollRange, SetCapture, GetCapture, SetTimer, KillTimer, WinHelpA, LoadBitmapA, UnregisterHotKey, RegisterHotKey, CreateWindowExA, CallWindowProcA, LoadIconA, TranslateMessage, DrawFrameControl, DrawEdge, DrawFocusRect, WindowFromPoint, GetMessageA, DispatchMessageA, SetRectEmpty, RegisterClipboardFormatA, CreateIconFromResourceEx, CreateIconFromResource, DrawIconEx, CreatePopupMenu, AppendMenuA, ModifyMenuA, CreateMenu, CreateAcceleratorTableA, GetDlgCtrlID, GetSubMenu, EnableMenuItem, ClientToScreen, EnumDisplaySettingsA, LoadImageA, SystemParametersInfoA, ShowWindow, TranslateAcceleratorA, GetKeyState, CopyAcceleratorTableA, PostQuitMessage, GetWindowThreadProcessId, IsWindowEnabled, EnumWindows, IsZoomed, GetClassInfoA, DefWindowProcA, GetSystemMenu, DeleteMenu, GetMenu, SetMenu, GetWindowTextA, GetWindowTextLengthA, CharUpperA, GetWindowDC, BeginPaint, EndPaint, TabbedTextOutA, DrawTextA, GrayStringA, GetDlgItem, DestroyWindow, CreateDialogIndirectParamA, EndDialog, GetNextDlgTabItem, GetWindowPlacement, RegisterWindowMessageA, GetForegroundWindow, GetLastActivePopup, GetMessageTime, RemovePropA, GetPropA, UnhookWindowsHookEx, SetPropA, GetClassLongA, CallNextHookEx, SetWindowsHookExA, UnregisterClassA, GetMenuItemCount, RegisterClassA, GetScrollPos, AdjustWindowRectEx, MapWindowPoints, SendDlgItemMessageA, ScrollWindowEx, IsDialogMessageA, SetWindowTextA, MoveWindow, CheckMenuItem, SetMenuItemBitmaps, GetMenuState, GetMenuCheckMarkDimensions, GetClassNameA, GetDesktopWindow, LoadStringA, GetSysColorBrush, PeekMessageA, IsIconic, SetFocus, GetActiveWindow, GetWindow, DestroyAcceleratorTable, SetWindowRgn, GetMessagePos, ScreenToClient, ChildWindowFromPointEx, CopyRect |
| GDI32.dll | StretchBlt, SelectPalette, RealizePalette, GetDIBits, GetWindowExtEx, GetViewportOrgEx, GetWindowOrgEx, BeginPath, EndPath, PathToRegion, CreateEllipticRgn, CreateRoundRectRgn, GetTextColor, GetBkMode, GetBkColor, GetROP2, GetStretchBltMode, GetPolyFillMode, CreateCompatibleBitmap, CreateDCA, FillRgn, CreateBitmap, SelectObject, GetObjectA, CreatePen, PatBlt, CreateRectRgn, CombineRgn, CreatePalette, GetStockObject, CreateFontIndirectA, EndPage, EndDoc, DeleteDC, StartDocA, StartPage, BitBlt, CreateCompatibleDC, Ellipse, Rectangle, LPtoDP, DPtoLP, GetCurrentObject, RoundRect, GetTextExtentPoint32A, GetDeviceCaps, SaveDC, RestoreDC, SetBkMode, SetPolyFillMode, SetROP2, SetTextColor, SetMapMode, SetViewportOrgEx, OffsetViewportOrgEx, SetViewportExtEx, ScaleViewportExtEx, SetWindowOrgEx, SetWindowExtEx, ScaleWindowExtEx, GetClipBox, ExcludeClipRect, MoveToEx, LineTo, GetSystemPaletteEntries, CreateDIBitmap, DeleteObject, SelectClipRgn, CreatePolygonRgn, GetClipRgn, SetStretchBltMode, CreateRectRgnIndirect, SetBkColor, CreateFontA, TranslateCharsetInfo, CreateSolidBrush, GetTextMetricsA, Escape, ExtTextOutA, TextOutA, RectVisible, PtVisible, GetViewportExtEx, ExtSelectClipRgn |
| WINMM.dll | midiStreamRestart, midiStreamClose, midiOutReset, midiStreamStop, midiStreamOut, midiOutPrepareHeader, midiStreamProperty, midiStreamOpen, midiOutUnprepareHeader, waveOutOpen, waveOutGetNumDevs, waveOutClose, waveOutReset, waveOutPause, waveOutWrite, waveOutPrepareHeader, waveOutUnprepareHeader, waveOutRestart |
| WINSPOOL.DRV | ClosePrinter, DocumentPropertiesA, OpenPrinterA |
| ADVAPI32.dll | RegCloseKey, RegOpenKeyExA, RegSetValueExA, RegQueryValueA, RegCreateKeyExA |
| SHELL32.dll | ShellExecuteA, Shell_NotifyIconA, DragAcceptFiles, DragQueryFileA, DragFinish |
| ole32.dll | OleInitialize, OleUninitialize, CLSIDFromString |
| OLEAUT32.dll | UnRegisterTypeLib, RegisterTypeLib, LoadTypeLib |
| COMCTL32.dll | ImageList_Destroy, ImageList_Create, ImageList_BeginDrag, ImageList_DragEnter, ImageList_DragLeave, ImageList_DragMove, ImageList_DragShowNolock, ImageList_EndDrag, ImageList_Add |
| WS2_32.dll | WSAAsyncSelect, recvfrom, ioctlsocket, recv, closesocket, getpeername, accept, ntohl, inet_ntoa, WSACleanup |
| comdlg32.dll | GetFileTitleA, GetSaveFileNameA, ChooseColorA, GetOpenFileNameA |
| Language of compilation system | Country where language is spoken | Map |
|---|---|---|
| Chinese | China |  |
Key Decision
Richest Path
Thread / callback creation
Lower opacity -> Library Node| Timestamp | Source Port | Dest Port | Source IP | Dest IP |
|---|---|---|---|---|
| Dec 27, 2024 11:03:01.101855040 CET | 49730 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:01.101911068 CET | 443 | 49730 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:01.101977110 CET | 49730 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:01.128173113 CET | 49730 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:01.128213882 CET | 443 | 49730 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:02.336200953 CET | 49734 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:02.336226940 CET | 443 | 49734 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:02.336287022 CET | 49734 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:02.336919069 CET | 49734 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:02.336941004 CET | 443 | 49734 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:02.893825054 CET | 443 | 49730 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:02.893908024 CET | 49730 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:02.947884083 CET | 49730 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:02.947901011 CET | 443 | 49730 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:02.948175907 CET | 443 | 49730 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:02.948235989 CET | 49730 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:02.952255011 CET | 49730 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:02.995353937 CET | 443 | 49730 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:03.659413099 CET | 443 | 49730 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:03.659487009 CET | 443 | 49730 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:03.659584999 CET | 49730 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:03.671731949 CET | 49730 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:03.671751022 CET | 443 | 49730 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:04.017102003 CET | 49738 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:04.017134905 CET | 443 | 49738 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:04.017332077 CET | 49738 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:04.017615080 CET | 49738 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:04.017627954 CET | 443 | 49738 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:04.084255934 CET | 443 | 49734 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:04.090843916 CET | 49734 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:04.090929985 CET | 443 | 49734 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:04.092648029 CET | 443 | 49734 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:04.092725039 CET | 49734 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:04.094036102 CET | 49734 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:04.094131947 CET | 443 | 49734 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:04.094494104 CET | 49734 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:04.094512939 CET | 443 | 49734 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:04.143209934 CET | 49734 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:04.654043913 CET | 49675 | 443 | 192.168.2.4 | 173.222.162.32 |
| Dec 27, 2024 11:03:04.876818895 CET | 443 | 49734 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:04.876887083 CET | 443 | 49734 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:04.876907110 CET | 443 | 49734 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:04.876925945 CET | 443 | 49734 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:04.876965046 CET | 49734 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:04.877043009 CET | 443 | 49734 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:04.877084970 CET | 49734 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:04.877130032 CET | 443 | 49734 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:04.877795935 CET | 49734 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:04.880511999 CET | 49734 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:04.880548000 CET | 443 | 49734 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:05.165502071 CET | 49740 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:05.165539980 CET | 443 | 49740 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:05.165627956 CET | 49740 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:05.166006088 CET | 49741 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:05.166033983 CET | 443 | 49741 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:05.166088104 CET | 49741 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:05.166615963 CET | 49740 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:05.166625977 CET | 443 | 49740 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:05.166794062 CET | 49741 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:05.166806936 CET | 443 | 49741 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:05.167392015 CET | 49742 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:05.167407990 CET | 443 | 49742 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:05.167479038 CET | 49742 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:05.167890072 CET | 49742 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:05.167901039 CET | 443 | 49742 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:05.710601091 CET | 443 | 49738 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:05.718019962 CET | 49738 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:05.718029976 CET | 443 | 49738 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:05.719062090 CET | 443 | 49738 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:05.719119072 CET | 49738 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:05.719388962 CET | 49738 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:05.719444990 CET | 443 | 49738 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:05.719664097 CET | 49738 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:05.719669104 CET | 443 | 49738 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:05.770493031 CET | 49738 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:06.482741117 CET | 443 | 49738 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:06.482769966 CET | 443 | 49738 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:06.482778072 CET | 443 | 49738 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:06.482819080 CET | 443 | 49738 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:06.482826948 CET | 49738 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:06.482832909 CET | 443 | 49738 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:06.482845068 CET | 443 | 49738 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:06.482880116 CET | 49738 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:06.482920885 CET | 49738 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:06.484627962 CET | 49738 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:06.484646082 CET | 443 | 49738 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:06.518325090 CET | 49743 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:06.518358946 CET | 443 | 49743 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:06.518431902 CET | 49743 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:06.519104004 CET | 49744 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:06.519153118 CET | 443 | 49744 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:06.519232035 CET | 49744 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:06.519726038 CET | 49745 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:06.519746065 CET | 443 | 49745 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:06.520045042 CET | 49745 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:06.523916006 CET | 49743 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:06.523929119 CET | 443 | 49743 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:06.524049997 CET | 49744 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:06.524070024 CET | 443 | 49744 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:06.524195910 CET | 49745 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:06.524211884 CET | 443 | 49745 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:06.524960041 CET | 49746 | 443 | 192.168.2.4 | 172.217.21.36 |
| Dec 27, 2024 11:03:06.524991989 CET | 443 | 49746 | 172.217.21.36 | 192.168.2.4 |
| Dec 27, 2024 11:03:06.525089979 CET | 49746 | 443 | 192.168.2.4 | 172.217.21.36 |
| Dec 27, 2024 11:03:06.525268078 CET | 49746 | 443 | 192.168.2.4 | 172.217.21.36 |
| Dec 27, 2024 11:03:06.525275946 CET | 443 | 49746 | 172.217.21.36 | 192.168.2.4 |
| Dec 27, 2024 11:03:06.828337908 CET | 443 | 49742 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:06.828907967 CET | 49742 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:06.828922987 CET | 443 | 49742 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:06.830369949 CET | 443 | 49742 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:06.830491066 CET | 49742 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:06.831079960 CET | 49742 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:06.831154108 CET | 443 | 49742 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:06.831676006 CET | 49742 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:06.831688881 CET | 443 | 49742 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:06.832863092 CET | 443 | 49741 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:06.833154917 CET | 49741 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:06.833173037 CET | 443 | 49741 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:06.834314108 CET | 443 | 49741 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:06.839363098 CET | 49741 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:06.839457035 CET | 443 | 49741 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:06.839494944 CET | 49741 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:06.867717981 CET | 443 | 49740 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:06.868318081 CET | 49740 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:06.868325949 CET | 443 | 49740 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:06.868695974 CET | 443 | 49740 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:06.869200945 CET | 49740 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:06.869252920 CET | 443 | 49740 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:06.869298935 CET | 49740 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:06.881905079 CET | 49742 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:06.881963968 CET | 49741 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:06.881972075 CET | 443 | 49741 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:06.913434029 CET | 49740 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:06.913446903 CET | 443 | 49740 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:07.614975929 CET | 49748 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:07.615000010 CET | 443 | 49748 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:07.615060091 CET | 49748 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:07.617830038 CET | 49748 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:07.617837906 CET | 443 | 49748 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:07.809178114 CET | 443 | 49742 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:07.809206009 CET | 443 | 49742 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:07.809216022 CET | 443 | 49742 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:07.809232950 CET | 443 | 49742 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:07.809274912 CET | 443 | 49742 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:07.809287071 CET | 49742 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:07.809287071 CET | 49742 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:07.809307098 CET | 443 | 49742 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:07.809370041 CET | 49742 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:07.812828064 CET | 443 | 49742 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:07.812902927 CET | 49742 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:07.812910080 CET | 443 | 49742 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:07.812923908 CET | 443 | 49742 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:07.812985897 CET | 49742 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:07.812985897 CET | 49742 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:07.818150997 CET | 443 | 49741 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:07.818181992 CET | 443 | 49741 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:07.818192005 CET | 443 | 49741 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:07.818207979 CET | 443 | 49741 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:07.818249941 CET | 49741 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:07.818258047 CET | 443 | 49741 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:07.818288088 CET | 443 | 49741 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:07.818303108 CET | 49741 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:07.818303108 CET | 49741 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:07.818339109 CET | 49741 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:07.837665081 CET | 49742 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:07.837681055 CET | 443 | 49742 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:07.837969065 CET | 49749 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:07.837992907 CET | 443 | 49749 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:07.838073015 CET | 49749 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:07.838604927 CET | 49749 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:07.838618040 CET | 443 | 49749 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:07.863835096 CET | 443 | 49741 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:07.863881111 CET | 443 | 49741 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:07.863909960 CET | 49741 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:07.863919020 CET | 443 | 49741 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:07.863951921 CET | 49741 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:07.863966942 CET | 49741 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:07.864545107 CET | 443 | 49740 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:07.864567995 CET | 443 | 49740 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:07.864574909 CET | 443 | 49740 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:07.864583969 CET | 443 | 49740 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:07.864609003 CET | 443 | 49740 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:07.864645004 CET | 49740 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:07.864645004 CET | 49740 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:07.864654064 CET | 443 | 49740 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:07.864665985 CET | 49740 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:07.864721060 CET | 49740 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:07.918895006 CET | 443 | 49740 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:07.918919086 CET | 443 | 49740 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:07.918984890 CET | 49740 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:07.918991089 CET | 443 | 49740 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:07.919023991 CET | 49740 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:07.919044018 CET | 49740 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:08.042777061 CET | 443 | 49741 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:08.042809963 CET | 443 | 49741 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:08.042851925 CET | 49741 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:08.042861938 CET | 443 | 49741 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:08.042898893 CET | 49741 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:08.042917967 CET | 49741 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:08.079258919 CET | 443 | 49741 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:08.079310894 CET | 443 | 49741 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:08.079339981 CET | 49741 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:08.079365015 CET | 443 | 49741 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:08.079406977 CET | 49741 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:08.079435110 CET | 49741 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:08.097486973 CET | 443 | 49740 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:08.097517967 CET | 443 | 49740 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:08.097589016 CET | 49740 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:08.097604036 CET | 443 | 49740 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:08.097656965 CET | 49740 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:08.119674921 CET | 443 | 49741 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:08.119700909 CET | 443 | 49741 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:08.119741917 CET | 49741 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:08.119750977 CET | 443 | 49741 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:08.119780064 CET | 49741 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:08.119798899 CET | 49741 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:08.137131929 CET | 443 | 49741 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:08.137202024 CET | 49741 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:08.137207985 CET | 443 | 49741 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:08.137265921 CET | 443 | 49741 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:08.137314081 CET | 49741 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:08.137449980 CET | 49741 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:08.137459040 CET | 443 | 49741 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:08.139832020 CET | 443 | 49740 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:08.139868975 CET | 443 | 49740 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:08.139884949 CET | 49740 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:08.139892101 CET | 443 | 49740 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:08.139926910 CET | 49740 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:08.139926910 CET | 49740 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:08.140944958 CET | 49750 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:08.140964031 CET | 443 | 49750 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:08.141046047 CET | 49750 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:08.141269922 CET | 49750 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:08.141280890 CET | 443 | 49750 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:08.176251888 CET | 443 | 49740 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:08.176282883 CET | 443 | 49740 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:08.176340103 CET | 49740 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:08.176347017 CET | 443 | 49740 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:08.176383018 CET | 49740 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:08.176383018 CET | 49740 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:08.181519032 CET | 443 | 49743 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:08.181742907 CET | 49743 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:08.181750059 CET | 443 | 49743 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:08.182041883 CET | 443 | 49743 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:08.182481050 CET | 49743 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:08.182532072 CET | 443 | 49743 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:08.182672977 CET | 49743 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:08.212563038 CET | 443 | 49740 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:08.212645054 CET | 49740 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:08.212646008 CET | 443 | 49740 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:08.212682009 CET | 443 | 49740 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:08.212717056 CET | 49740 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:08.212742090 CET | 443 | 49740 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:08.212800980 CET | 49740 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:08.213429928 CET | 49740 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:08.213445902 CET | 443 | 49740 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:08.223330975 CET | 443 | 49743 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:08.234750032 CET | 443 | 49745 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:08.234978914 CET | 49745 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:08.234989882 CET | 443 | 49745 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:08.238588095 CET | 443 | 49745 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:08.238657951 CET | 49745 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:08.239038944 CET | 49745 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:08.239119053 CET | 443 | 49745 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:08.239540100 CET | 49745 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:08.239547968 CET | 443 | 49745 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:08.265268087 CET | 443 | 49744 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:08.265578032 CET | 49744 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:08.265607119 CET | 443 | 49744 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:08.266079903 CET | 443 | 49744 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:08.266369104 CET | 49744 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:08.266458988 CET | 443 | 49744 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:08.266470909 CET | 49744 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:08.288472891 CET | 49745 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:08.307354927 CET | 443 | 49744 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:08.318994045 CET | 49744 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:08.323905945 CET | 443 | 49746 | 172.217.21.36 | 192.168.2.4 |
| Dec 27, 2024 11:03:08.324162960 CET | 49746 | 443 | 192.168.2.4 | 172.217.21.36 |
| Dec 27, 2024 11:03:08.324188948 CET | 443 | 49746 | 172.217.21.36 | 192.168.2.4 |
| Dec 27, 2024 11:03:08.325830936 CET | 443 | 49746 | 172.217.21.36 | 192.168.2.4 |
| Dec 27, 2024 11:03:08.325908899 CET | 49746 | 443 | 192.168.2.4 | 172.217.21.36 |
| Dec 27, 2024 11:03:08.326904058 CET | 49746 | 443 | 192.168.2.4 | 172.217.21.36 |
| Dec 27, 2024 11:03:08.326988935 CET | 443 | 49746 | 172.217.21.36 | 192.168.2.4 |
| Dec 27, 2024 11:03:08.366231918 CET | 49746 | 443 | 192.168.2.4 | 172.217.21.36 |
| Dec 27, 2024 11:03:08.366240025 CET | 443 | 49746 | 172.217.21.36 | 192.168.2.4 |
| Dec 27, 2024 11:03:08.369967937 CET | 49751 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:08.370007038 CET | 443 | 49751 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:08.370110989 CET | 49751 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:08.370287895 CET | 49751 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:08.370299101 CET | 443 | 49751 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:08.412478924 CET | 49746 | 443 | 192.168.2.4 | 172.217.21.36 |
| Dec 27, 2024 11:03:09.014437914 CET | 443 | 49745 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:09.014467001 CET | 443 | 49745 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:09.014509916 CET | 49745 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:09.014517069 CET | 443 | 49745 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:09.014537096 CET | 443 | 49745 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:09.014554977 CET | 443 | 49745 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:09.014590979 CET | 49745 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:09.016083956 CET | 49745 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:09.016094923 CET | 443 | 49745 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:09.022790909 CET | 49752 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:09.022838116 CET | 443 | 49752 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:09.023075104 CET | 49752 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:09.023437023 CET | 49752 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:09.023457050 CET | 443 | 49752 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:09.039664030 CET | 443 | 49744 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:09.039742947 CET | 443 | 49744 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:09.039802074 CET | 49744 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:09.041439056 CET | 49744 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:09.041461945 CET | 443 | 49744 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:09.042351961 CET | 49753 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:09.042372942 CET | 443 | 49753 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:09.042432070 CET | 49753 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:09.042701960 CET | 49753 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:09.042712927 CET | 443 | 49753 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:09.169693947 CET | 443 | 49743 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:09.169714928 CET | 443 | 49743 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:09.169728041 CET | 443 | 49743 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:09.169795036 CET | 49743 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:09.169811964 CET | 443 | 49743 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:09.169857025 CET | 49743 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:09.214216948 CET | 443 | 49743 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:09.214234114 CET | 443 | 49743 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:09.214287043 CET | 49743 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:09.214294910 CET | 443 | 49743 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:09.214350939 CET | 49743 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:09.331157923 CET | 443 | 49748 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:09.331469059 CET | 49748 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:09.331482887 CET | 443 | 49748 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:09.332345963 CET | 443 | 49748 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:09.332411051 CET | 49748 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:09.336555958 CET | 49748 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:09.336600065 CET | 443 | 49748 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:09.337280035 CET | 49748 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:09.337285995 CET | 443 | 49748 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:09.381318092 CET | 49748 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:09.394819021 CET | 443 | 49743 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:09.394834995 CET | 443 | 49743 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:09.394885063 CET | 49743 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:09.394893885 CET | 443 | 49743 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:09.394917011 CET | 49743 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:09.394932032 CET | 49743 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:09.423073053 CET | 443 | 49743 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:09.423086882 CET | 443 | 49743 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:09.423150063 CET | 49743 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:09.423156023 CET | 443 | 49743 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:09.423224926 CET | 49743 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:09.456701040 CET | 443 | 49743 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:09.456715107 CET | 443 | 49743 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:09.456770897 CET | 49743 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:09.456778049 CET | 443 | 49743 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:09.456825018 CET | 49743 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:09.466481924 CET | 443 | 49743 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:09.466536045 CET | 443 | 49743 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:09.466551065 CET | 49743 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:09.466625929 CET | 49743 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:09.466907024 CET | 49743 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:09.466916084 CET | 443 | 49743 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:09.479723930 CET | 49755 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:09.479744911 CET | 443 | 49755 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:09.479825020 CET | 49755 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:09.480011940 CET | 49755 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:09.480021000 CET | 443 | 49755 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:09.588320017 CET | 443 | 49749 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:09.588654995 CET | 49749 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:09.588668108 CET | 443 | 49749 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:09.589131117 CET | 443 | 49749 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:09.589484930 CET | 49749 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:09.589560986 CET | 443 | 49749 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:09.589705944 CET | 49749 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:09.631340981 CET | 443 | 49749 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:09.847620010 CET | 443 | 49750 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:09.847944975 CET | 49750 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:09.847956896 CET | 443 | 49750 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:09.848434925 CET | 443 | 49750 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:09.848962069 CET | 49750 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:09.848962069 CET | 49750 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:09.848979950 CET | 443 | 49750 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:09.849050045 CET | 443 | 49750 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:09.899740934 CET | 49750 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:10.071737051 CET | 443 | 49751 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:10.073200941 CET | 49751 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:10.073209047 CET | 443 | 49751 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:10.074281931 CET | 443 | 49751 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:10.074352980 CET | 49751 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:10.074836969 CET | 49751 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:10.074887991 CET | 443 | 49751 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:10.075773001 CET | 49751 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:10.075778961 CET | 443 | 49751 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:10.108593941 CET | 443 | 49748 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:10.110059023 CET | 49756 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:10.110079050 CET | 443 | 49756 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:10.110158920 CET | 49756 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:10.113081932 CET | 49756 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:10.113091946 CET | 443 | 49756 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:10.117135048 CET | 49751 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:10.155220032 CET | 443 | 49748 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:10.155230045 CET | 443 | 49748 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:10.155241013 CET | 443 | 49748 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:10.156616926 CET | 49748 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:10.156629086 CET | 443 | 49748 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:10.156641960 CET | 443 | 49748 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:10.156734943 CET | 49748 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:10.342411995 CET | 443 | 49748 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:10.342421055 CET | 443 | 49748 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:10.342467070 CET | 443 | 49748 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:10.342499018 CET | 443 | 49748 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:10.342503071 CET | 49748 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:10.342521906 CET | 443 | 49748 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:10.342592001 CET | 49748 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:10.342592001 CET | 49748 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:10.381787062 CET | 443 | 49748 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:10.381803036 CET | 443 | 49748 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:10.381907940 CET | 49748 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:10.381913900 CET | 443 | 49748 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:10.381993055 CET | 49748 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:10.513314962 CET | 443 | 49748 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:10.513329983 CET | 443 | 49748 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:10.513426065 CET | 49748 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:10.513432026 CET | 443 | 49748 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:10.513525009 CET | 49748 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:10.540863037 CET | 443 | 49748 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:10.540875912 CET | 443 | 49748 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:10.540968895 CET | 49748 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:10.540973902 CET | 443 | 49748 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:10.541052103 CET | 49748 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:10.544866085 CET | 443 | 49748 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:10.544929028 CET | 443 | 49748 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:10.544955969 CET | 49748 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:10.545186043 CET | 49748 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:10.545248032 CET | 49748 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:10.545248032 CET | 49748 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:10.545257092 CET | 443 | 49748 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:10.546948910 CET | 49757 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:10.546991110 CET | 443 | 49757 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:10.547020912 CET | 49748 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:10.547343016 CET | 49757 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:10.547488928 CET | 49757 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:10.547503948 CET | 443 | 49757 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:10.595910072 CET | 443 | 49749 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:10.595942020 CET | 443 | 49749 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:10.595959902 CET | 443 | 49749 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:10.596054077 CET | 49749 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:10.596054077 CET | 49749 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:10.596065044 CET | 443 | 49749 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:10.596333027 CET | 49749 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:10.618479967 CET | 443 | 49750 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:10.618562937 CET | 443 | 49750 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:10.618608952 CET | 49750 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:10.619334936 CET | 49750 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:10.619344950 CET | 443 | 49750 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:10.646143913 CET | 443 | 49749 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:10.646173000 CET | 443 | 49749 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:10.646203995 CET | 49749 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:10.646214008 CET | 443 | 49749 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:10.646265984 CET | 49749 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:10.679296017 CET | 443 | 49752 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:10.679595947 CET | 49752 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:10.679631948 CET | 443 | 49752 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:10.681085110 CET | 443 | 49752 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:10.681138992 CET | 49752 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:10.681478024 CET | 49752 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:10.681556940 CET | 443 | 49752 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:10.681721926 CET | 49752 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:10.681730032 CET | 443 | 49752 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:10.689712048 CET | 49758 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:10.689740896 CET | 443 | 49758 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:10.689807892 CET | 49758 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:10.690001011 CET | 49758 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:10.690013885 CET | 443 | 49758 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:10.735886097 CET | 49752 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:10.785588980 CET | 443 | 49753 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:10.785852909 CET | 49753 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:10.785871029 CET | 443 | 49753 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:10.786226988 CET | 443 | 49753 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:10.787178040 CET | 49753 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:10.787247896 CET | 443 | 49753 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:10.787477016 CET | 49753 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:10.827157974 CET | 443 | 49749 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:10.827189922 CET | 443 | 49749 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:10.827255011 CET | 49749 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:10.827270985 CET | 443 | 49749 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:10.827299118 CET | 49749 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:10.827316999 CET | 49749 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:10.831336975 CET | 443 | 49753 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:10.863188982 CET | 443 | 49749 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:10.863215923 CET | 443 | 49749 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:10.863276005 CET | 49749 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:10.863291025 CET | 443 | 49749 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:10.863334894 CET | 49749 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:10.863334894 CET | 49749 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:10.893225908 CET | 443 | 49749 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:10.893254042 CET | 443 | 49749 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:10.893270969 CET | 49749 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:10.893322945 CET | 49749 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:10.893328905 CET | 443 | 49749 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:10.893341064 CET | 443 | 49749 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:10.893383026 CET | 49749 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:10.895512104 CET | 49749 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:10.895526886 CET | 443 | 49749 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:10.922708988 CET | 49759 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:10.922749996 CET | 443 | 49759 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:10.922806978 CET | 49759 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:10.923280001 CET | 49759 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:10.923293114 CET | 443 | 49759 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:11.028588057 CET | 49760 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:11.028661013 CET | 443 | 49760 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:11.028740883 CET | 49760 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:11.029053926 CET | 49760 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:11.029076099 CET | 443 | 49760 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:11.069385052 CET | 443 | 49751 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:11.069406986 CET | 443 | 49751 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:11.069416046 CET | 443 | 49751 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:11.069428921 CET | 443 | 49751 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:11.069453001 CET | 443 | 49751 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:11.069478989 CET | 49751 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:11.069489956 CET | 443 | 49751 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:11.069520950 CET | 49751 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:11.069546938 CET | 49751 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:11.117957115 CET | 443 | 49751 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:11.117983103 CET | 443 | 49751 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:11.118052006 CET | 49751 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:11.118057966 CET | 443 | 49751 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:11.118110895 CET | 49751 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:11.180634975 CET | 443 | 49755 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:11.180874109 CET | 49755 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:11.180888891 CET | 443 | 49755 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:11.181744099 CET | 443 | 49755 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:11.181798935 CET | 49755 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:11.182149887 CET | 49755 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:11.182202101 CET | 443 | 49755 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:11.182277918 CET | 49755 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:11.214412928 CET | 49761 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:11.214440107 CET | 443 | 49761 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:11.214555979 CET | 49761 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:11.214739084 CET | 49761 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:11.214750051 CET | 443 | 49761 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:11.225079060 CET | 49755 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:11.225091934 CET | 443 | 49755 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:11.273101091 CET | 49755 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:11.294539928 CET | 443 | 49751 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:11.294557095 CET | 443 | 49751 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:11.294600010 CET | 49751 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:11.294605970 CET | 443 | 49751 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:11.294631958 CET | 49751 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:11.294645071 CET | 49751 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:11.331242085 CET | 443 | 49751 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:11.331259966 CET | 443 | 49751 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:11.331329107 CET | 49751 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:11.331336021 CET | 443 | 49751 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:11.331382990 CET | 49751 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:11.365228891 CET | 443 | 49751 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:11.365247965 CET | 443 | 49751 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:11.365303040 CET | 49751 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:11.365309954 CET | 443 | 49751 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:11.365355968 CET | 49751 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:11.365376949 CET | 49751 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:11.399233103 CET | 443 | 49751 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:11.399271965 CET | 443 | 49751 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:11.399302006 CET | 49751 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:11.399311066 CET | 443 | 49751 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:11.399352074 CET | 49751 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:11.399386883 CET | 443 | 49751 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:11.399513960 CET | 49751 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:11.399730921 CET | 49751 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:11.399743080 CET | 443 | 49751 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:11.453233957 CET | 443 | 49752 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:11.453265905 CET | 443 | 49752 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:11.453274965 CET | 443 | 49752 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:11.453334093 CET | 49752 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:11.453367949 CET | 443 | 49752 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:11.453387976 CET | 443 | 49752 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:11.453430891 CET | 49752 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:11.454006910 CET | 49752 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:11.454024076 CET | 443 | 49752 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:11.785617113 CET | 443 | 49753 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:11.785649061 CET | 443 | 49753 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:11.785672903 CET | 443 | 49753 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:11.785732031 CET | 49753 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:11.785744905 CET | 443 | 49753 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:11.785830021 CET | 49753 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:11.787197113 CET | 49753 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:11.789308071 CET | 443 | 49753 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:11.789391994 CET | 49753 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:11.789397955 CET | 443 | 49753 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:11.789412022 CET | 443 | 49753 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:11.789439917 CET | 49753 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:11.789478064 CET | 49753 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:11.789710999 CET | 49753 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:11.789716005 CET | 443 | 49753 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:11.793898106 CET | 49762 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:11.793983936 CET | 443 | 49762 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:11.794078112 CET | 49762 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:11.794323921 CET | 49762 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:11.794358969 CET | 443 | 49762 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:11.810009956 CET | 443 | 49756 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:11.810245991 CET | 49756 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:11.810262918 CET | 443 | 49756 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:11.810744047 CET | 443 | 49756 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:11.811125994 CET | 49756 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:11.811146975 CET | 49756 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:11.811203003 CET | 443 | 49756 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:11.851572990 CET | 49756 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:12.177974939 CET | 443 | 49755 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:12.177994967 CET | 443 | 49755 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:12.178000927 CET | 443 | 49755 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:12.178035975 CET | 443 | 49755 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:12.178055048 CET | 443 | 49755 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:12.178061962 CET | 443 | 49755 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:12.178086996 CET | 49755 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:12.178103924 CET | 443 | 49755 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:12.178117037 CET | 49755 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:12.178148985 CET | 49755 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:12.223722935 CET | 443 | 49755 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:12.223731041 CET | 443 | 49755 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:12.223784924 CET | 443 | 49755 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:12.223931074 CET | 49755 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:12.223931074 CET | 49755 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:12.223941088 CET | 443 | 49755 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:12.227114916 CET | 49755 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:12.247015953 CET | 443 | 49757 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:12.247631073 CET | 49757 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:12.247652054 CET | 443 | 49757 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:12.247958899 CET | 443 | 49757 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:12.251568079 CET | 49757 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:12.251631021 CET | 443 | 49757 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:12.251688957 CET | 49757 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:12.295372009 CET | 443 | 49757 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:12.402755976 CET | 443 | 49755 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:12.402777910 CET | 443 | 49755 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:12.403002977 CET | 49755 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:12.403024912 CET | 443 | 49755 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:12.403072119 CET | 49755 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:12.437695980 CET | 443 | 49758 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:12.440846920 CET | 443 | 49755 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:12.440861940 CET | 443 | 49755 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:12.440965891 CET | 49755 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:12.440975904 CET | 443 | 49755 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:12.443335056 CET | 49755 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:12.464555979 CET | 49758 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:12.464565039 CET | 443 | 49758 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:12.465527058 CET | 443 | 49758 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:12.465599060 CET | 49758 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:12.475210905 CET | 443 | 49755 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:12.475225925 CET | 443 | 49755 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:12.475306988 CET | 49755 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:12.475317955 CET | 443 | 49755 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:12.475455046 CET | 49755 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:12.492536068 CET | 443 | 49755 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:12.492603064 CET | 443 | 49755 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:12.492651939 CET | 49755 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:12.492816925 CET | 49755 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:12.573096037 CET | 443 | 49756 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:12.573180914 CET | 443 | 49756 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:12.573241949 CET | 49756 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:12.669522047 CET | 443 | 49759 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:12.681186914 CET | 49758 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:12.681344032 CET | 443 | 49758 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:12.685272932 CET | 49759 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:12.685296059 CET | 443 | 49759 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:12.686304092 CET | 443 | 49759 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:12.686372995 CET | 49759 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:12.688021898 CET | 49759 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:12.688083887 CET | 443 | 49759 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:12.691587925 CET | 49758 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:12.691612005 CET | 443 | 49758 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:12.691766977 CET | 49759 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:12.691776037 CET | 443 | 49759 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:12.692542076 CET | 49756 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:12.692559958 CET | 443 | 49756 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:12.694684029 CET | 49755 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:12.694696903 CET | 443 | 49755 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:12.729372025 CET | 443 | 49760 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:12.735596895 CET | 49759 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:12.735601902 CET | 49758 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:12.772975922 CET | 49760 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:12.827445030 CET | 49760 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:12.827475071 CET | 443 | 49760 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:12.827809095 CET | 443 | 49760 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:12.833844900 CET | 49760 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:12.833926916 CET | 443 | 49760 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:12.834414959 CET | 49760 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:12.879337072 CET | 443 | 49760 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:12.910427094 CET | 443 | 49761 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:12.960942030 CET | 49761 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:12.960957050 CET | 443 | 49761 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:12.961462021 CET | 443 | 49761 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:12.963180065 CET | 49761 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:12.963255882 CET | 443 | 49761 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:12.964087009 CET | 49761 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:13.007330894 CET | 443 | 49761 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.009916067 CET | 443 | 49757 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.010740995 CET | 49763 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:13.010766029 CET | 443 | 49763 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.010832071 CET | 49763 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:13.011101961 CET | 49763 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:13.011113882 CET | 443 | 49763 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.052095890 CET | 443 | 49757 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.052112103 CET | 443 | 49757 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.052160978 CET | 49757 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:13.052177906 CET | 443 | 49757 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.052189112 CET | 49757 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:13.052194118 CET | 443 | 49757 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.052239895 CET | 49757 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:13.242542028 CET | 443 | 49757 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.242559910 CET | 443 | 49757 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.242681980 CET | 49757 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:13.242705107 CET | 443 | 49757 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.242767096 CET | 49757 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:13.277513981 CET | 443 | 49757 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.277529955 CET | 443 | 49757 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.277643919 CET | 49757 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:13.277657032 CET | 443 | 49757 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.277714014 CET | 49757 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:13.372196913 CET | 443 | 49758 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.373461008 CET | 49764 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:13.373486042 CET | 443 | 49764 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.373580933 CET | 49764 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:13.373742104 CET | 49764 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:13.373753071 CET | 443 | 49764 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.414326906 CET | 443 | 49757 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.414349079 CET | 443 | 49757 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.414455891 CET | 49757 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:13.414482117 CET | 443 | 49757 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.414557934 CET | 49757 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:13.416568041 CET | 49758 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:13.422313929 CET | 443 | 49758 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.422324896 CET | 443 | 49758 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.422367096 CET | 443 | 49758 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.422390938 CET | 49758 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:13.422395945 CET | 443 | 49758 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.422415018 CET | 443 | 49758 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.422427893 CET | 49758 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:13.422436953 CET | 443 | 49758 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.422446012 CET | 49758 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:13.422455072 CET | 49758 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:13.422472954 CET | 49758 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:13.441848993 CET | 443 | 49759 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.444416046 CET | 49765 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:13.444470882 CET | 443 | 49765 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.444544077 CET | 49765 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:13.444752932 CET | 49765 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:13.444771051 CET | 443 | 49765 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.486057043 CET | 443 | 49759 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.486071110 CET | 443 | 49759 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.486104012 CET | 443 | 49759 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.486114025 CET | 443 | 49759 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.486128092 CET | 443 | 49759 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.486195087 CET | 49759 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:13.486215115 CET | 443 | 49759 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.486246109 CET | 443 | 49759 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.486246109 CET | 49759 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:13.486308098 CET | 49759 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:13.495750904 CET | 443 | 49762 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.496032953 CET | 49762 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:13.496058941 CET | 443 | 49762 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.496370077 CET | 443 | 49762 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.496632099 CET | 49762 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:13.496685028 CET | 443 | 49762 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.496789932 CET | 49762 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:13.508308887 CET | 443 | 49757 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.508364916 CET | 443 | 49757 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.508380890 CET | 443 | 49757 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.508424997 CET | 49757 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:13.508512974 CET | 49757 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:13.530951977 CET | 49759 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:13.533483028 CET | 49757 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:13.533500910 CET | 443 | 49757 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.539336920 CET | 443 | 49762 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.616589069 CET | 443 | 49758 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.616600990 CET | 443 | 49758 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.616653919 CET | 49758 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:13.616652012 CET | 443 | 49758 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.616679907 CET | 443 | 49758 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.616689920 CET | 443 | 49758 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.616700888 CET | 49758 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:13.616715908 CET | 49758 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:13.651262045 CET | 443 | 49758 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.651287079 CET | 443 | 49758 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.651395082 CET | 49758 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:13.651411057 CET | 443 | 49758 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.651473045 CET | 49758 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:13.663846970 CET | 49766 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:13.663863897 CET | 443 | 49766 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.663948059 CET | 49766 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:13.664140940 CET | 49766 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:13.664150953 CET | 443 | 49766 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.682928085 CET | 443 | 49759 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.682940960 CET | 443 | 49759 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.682975054 CET | 443 | 49759 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.682986975 CET | 443 | 49759 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.683027029 CET | 49759 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:13.683046103 CET | 443 | 49759 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.683068991 CET | 49759 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:13.683105946 CET | 49759 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:13.694993019 CET | 443 | 49761 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.695017099 CET | 443 | 49761 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.695024014 CET | 443 | 49761 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.695087910 CET | 49761 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:13.695096970 CET | 443 | 49761 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.695111036 CET | 443 | 49761 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.695154905 CET | 49761 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:13.715728045 CET | 443 | 49759 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.715738058 CET | 443 | 49759 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.715771914 CET | 443 | 49759 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.715784073 CET | 443 | 49759 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.715825081 CET | 49759 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:13.715837002 CET | 443 | 49759 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.715868950 CET | 49759 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:13.715892076 CET | 49759 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:13.727560043 CET | 443 | 49760 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.727585077 CET | 443 | 49760 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.727591991 CET | 443 | 49760 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.727600098 CET | 443 | 49760 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.727617979 CET | 443 | 49760 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.727694035 CET | 49760 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:13.727735043 CET | 443 | 49760 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.727806091 CET | 49760 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:13.731601954 CET | 49761 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:13.731611013 CET | 443 | 49761 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.780345917 CET | 443 | 49760 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.780371904 CET | 443 | 49760 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.780529976 CET | 49760 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:13.780571938 CET | 443 | 49760 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.780625105 CET | 49760 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:13.798595905 CET | 443 | 49758 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.798651934 CET | 443 | 49758 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.798722982 CET | 49758 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:13.798738956 CET | 443 | 49758 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.798794031 CET | 49758 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:13.798794031 CET | 49758 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:13.821633101 CET | 443 | 49758 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.821652889 CET | 443 | 49758 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.821759939 CET | 49758 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:13.821775913 CET | 443 | 49758 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.821846962 CET | 49758 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:13.848285913 CET | 443 | 49758 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.848308086 CET | 443 | 49758 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.848359108 CET | 49758 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:13.848371983 CET | 443 | 49758 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.848403931 CET | 49758 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:13.848433971 CET | 49758 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:13.855657101 CET | 443 | 49758 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.855710983 CET | 49758 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:13.855724096 CET | 443 | 49758 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.855746031 CET | 443 | 49758 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.855786085 CET | 49758 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:13.855923891 CET | 49758 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:13.855936050 CET | 443 | 49758 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.864362001 CET | 443 | 49759 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.864398003 CET | 443 | 49759 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.864433050 CET | 49759 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:13.864447117 CET | 443 | 49759 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.864470959 CET | 49759 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:13.864487886 CET | 49759 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:13.946578026 CET | 443 | 49759 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.946630001 CET | 443 | 49759 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.946685076 CET | 49759 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:13.946717024 CET | 443 | 49759 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.946727037 CET | 49759 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:13.947222948 CET | 49759 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:13.947268009 CET | 443 | 49759 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.947334051 CET | 49759 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:13.952672958 CET | 443 | 49760 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.952693939 CET | 443 | 49760 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.952771902 CET | 49760 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:13.952788115 CET | 443 | 49760 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.952828884 CET | 49760 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:13.968648911 CET | 49769 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:13.968664885 CET | 443 | 49769 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.968739986 CET | 49769 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:13.972361088 CET | 49769 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:13.972373009 CET | 443 | 49769 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.991553068 CET | 443 | 49760 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.991574049 CET | 443 | 49760 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.991667032 CET | 49760 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:13.991692066 CET | 443 | 49760 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.991729975 CET | 49760 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:14.013312101 CET | 443 | 49760 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:14.013358116 CET | 443 | 49760 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:14.013389111 CET | 443 | 49760 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:14.013422012 CET | 49760 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:14.013469934 CET | 49760 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:14.013859987 CET | 49760 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:14.013874054 CET | 443 | 49760 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:14.492789984 CET | 443 | 49762 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:14.492811918 CET | 443 | 49762 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:14.492832899 CET | 443 | 49762 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:14.492892981 CET | 49762 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:14.492922068 CET | 443 | 49762 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:14.492947102 CET | 49762 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:14.492980003 CET | 49762 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:14.496831894 CET | 443 | 49762 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:14.496906996 CET | 443 | 49762 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:14.496907949 CET | 49762 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:14.496944904 CET | 49762 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:14.497172117 CET | 49762 | 443 | 192.168.2.4 | 46.8.127.55 |
| Dec 27, 2024 11:03:14.497186899 CET | 443 | 49762 | 46.8.127.55 | 192.168.2.4 |
| Dec 27, 2024 11:03:14.705058098 CET | 443 | 49763 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:14.705365896 CET | 49763 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:14.705382109 CET | 443 | 49763 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:14.706234932 CET | 443 | 49763 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:14.706290960 CET | 49763 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:14.706638098 CET | 49763 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:14.706676006 CET | 443 | 49763 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:14.706773043 CET | 49763 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:14.706777096 CET | 443 | 49763 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:14.748600960 CET | 49763 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:15.120301008 CET | 443 | 49764 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:15.120567083 CET | 49764 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:15.120579004 CET | 443 | 49764 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:15.121040106 CET | 443 | 49764 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:15.121397972 CET | 49764 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:15.121519089 CET | 443 | 49764 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:15.121537924 CET | 49764 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:15.136755943 CET | 443 | 49765 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:15.137048960 CET | 49765 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:15.137079954 CET | 443 | 49765 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:15.137622118 CET | 443 | 49765 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:15.138008118 CET | 49765 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:15.138044119 CET | 49765 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:15.138048887 CET | 443 | 49765 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:15.138075113 CET | 443 | 49765 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:15.163177967 CET | 49764 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:15.163186073 CET | 443 | 49764 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:15.178508997 CET | 49765 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:15.347304106 CET | 49771 | 443 | 192.168.2.4 | 163.171.138.116 |
| Dec 27, 2024 11:03:15.347354889 CET | 443 | 49771 | 163.171.138.116 | 192.168.2.4 |
| Dec 27, 2024 11:03:15.347557068 CET | 49771 | 443 | 192.168.2.4 | 163.171.138.116 |
| Dec 27, 2024 11:03:15.363195896 CET | 49771 | 443 | 192.168.2.4 | 163.171.138.116 |
| Dec 27, 2024 11:03:15.363215923 CET | 443 | 49771 | 163.171.138.116 | 192.168.2.4 |
| Dec 27, 2024 11:03:15.467617989 CET | 443 | 49763 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:15.467691898 CET | 443 | 49763 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:15.467781067 CET | 49763 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:15.486150026 CET | 49763 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:15.486167908 CET | 443 | 49763 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:15.557800055 CET | 443 | 49766 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:15.563764095 CET | 49766 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:15.563772917 CET | 443 | 49766 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:15.564071894 CET | 443 | 49766 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:15.604765892 CET | 49766 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:15.615988016 CET | 49766 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:15.616054058 CET | 443 | 49766 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:15.616162062 CET | 49766 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:15.647964954 CET | 443 | 49769 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:15.663328886 CET | 443 | 49766 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:15.691660881 CET | 49769 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:15.744612932 CET | 49769 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:15.744621992 CET | 443 | 49769 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:15.748620987 CET | 443 | 49769 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:15.748730898 CET | 49769 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:15.843585968 CET | 49769 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:15.843863010 CET | 443 | 49769 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:15.844089031 CET | 49769 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:15.844099045 CET | 443 | 49769 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:15.883367062 CET | 443 | 49764 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:15.883476973 CET | 443 | 49764 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:15.883549929 CET | 49764 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:15.886517048 CET | 49764 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:15.886529922 CET | 443 | 49764 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:15.887559891 CET | 49769 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:15.900501966 CET | 443 | 49765 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:15.900569916 CET | 443 | 49765 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:15.900618076 CET | 49765 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:15.901350021 CET | 49765 | 443 | 192.168.2.4 | 203.205.137.76 |
| Dec 27, 2024 11:03:15.901371002 CET | 443 | 49765 | 203.205.137.76 | 192.168.2.4 |
| Dec 27, 2024 11:03:16.441281080 CET | 443 | 49766 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:16.442426920 CET | 49772 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:16.442459106 CET | 443 | 49772 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:16.442524910 CET | 49772 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:16.443099022 CET | 49772 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:16.443111897 CET | 443 | 49772 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:16.489384890 CET | 49766 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:16.489573002 CET | 443 | 49766 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:16.489582062 CET | 443 | 49766 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:16.489600897 CET | 443 | 49766 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:16.489615917 CET | 443 | 49766 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:16.489622116 CET | 443 | 49766 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:16.489651918 CET | 49766 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:16.489660978 CET | 443 | 49766 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:16.489732981 CET | 49766 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:16.489738941 CET | 443 | 49766 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:16.489804983 CET | 49766 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:16.519668102 CET | 443 | 49769 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:16.568921089 CET | 49769 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:16.602144957 CET | 443 | 49769 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:16.602159977 CET | 443 | 49769 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:16.602195978 CET | 443 | 49769 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:16.602212906 CET | 443 | 49769 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:16.602226973 CET | 49769 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:16.602229118 CET | 443 | 49769 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:16.602243900 CET | 443 | 49769 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:16.602266073 CET | 49769 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:16.602293968 CET | 49769 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:16.676789999 CET | 443 | 49766 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:16.676799059 CET | 443 | 49766 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:16.676839113 CET | 443 | 49766 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:16.676893950 CET | 49766 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:16.676893950 CET | 49766 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:16.676903009 CET | 443 | 49766 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:16.678505898 CET | 49766 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:16.713545084 CET | 443 | 49766 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:16.713562965 CET | 443 | 49766 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:16.713696957 CET | 49766 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:16.713704109 CET | 443 | 49766 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:16.713762045 CET | 49766 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:16.785207987 CET | 443 | 49769 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:16.785221100 CET | 443 | 49769 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:16.785255909 CET | 443 | 49769 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:16.785280943 CET | 443 | 49769 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:16.785288095 CET | 49769 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:16.785305023 CET | 443 | 49769 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:16.785314083 CET | 49769 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:16.785340071 CET | 49769 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:16.818316936 CET | 443 | 49769 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:16.818353891 CET | 443 | 49769 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:16.818406105 CET | 49769 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:16.818414927 CET | 443 | 49769 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:16.818449020 CET | 49769 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:16.818505049 CET | 49769 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:16.846525908 CET | 443 | 49766 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:16.846545935 CET | 443 | 49766 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:16.846621037 CET | 49766 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:16.846632004 CET | 443 | 49766 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:16.846681118 CET | 49766 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:16.888031960 CET | 443 | 49766 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:16.888046980 CET | 443 | 49766 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:16.888120890 CET | 49766 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:16.888127089 CET | 443 | 49766 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:16.888173103 CET | 49766 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:16.953401089 CET | 443 | 49766 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:16.953433990 CET | 443 | 49766 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:16.953490019 CET | 49766 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:16.953495026 CET | 443 | 49766 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:16.953541994 CET | 49766 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:16.953541994 CET | 49766 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:16.953548908 CET | 443 | 49766 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:16.953599930 CET | 49766 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:16.953958988 CET | 49766 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:16.953980923 CET | 443 | 49766 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:16.997406006 CET | 443 | 49769 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:16.997454882 CET | 443 | 49769 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:16.997500896 CET | 49769 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:16.997515917 CET | 443 | 49769 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:16.997543097 CET | 49769 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:16.997559071 CET | 49769 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:17.077048063 CET | 443 | 49769 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:17.077095032 CET | 443 | 49769 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:17.077127934 CET | 49769 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:17.077142000 CET | 443 | 49769 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:17.077173948 CET | 49769 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:17.077181101 CET | 49769 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:17.157780886 CET | 443 | 49769 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:17.157828093 CET | 443 | 49769 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:17.157891989 CET | 49769 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:17.157908916 CET | 443 | 49769 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:17.157943010 CET | 49769 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:17.157954931 CET | 49769 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:17.175493956 CET | 443 | 49769 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:17.175559998 CET | 49769 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:17.176023960 CET | 49769 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:17.176105976 CET | 443 | 49769 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:17.176369905 CET | 49769 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:17.241643906 CET | 443 | 49771 | 163.171.138.116 | 192.168.2.4 |
| Dec 27, 2024 11:03:17.242049932 CET | 49771 | 443 | 192.168.2.4 | 163.171.138.116 |
| Dec 27, 2024 11:03:17.242060900 CET | 443 | 49771 | 163.171.138.116 | 192.168.2.4 |
| Dec 27, 2024 11:03:17.243179083 CET | 443 | 49771 | 163.171.138.116 | 192.168.2.4 |
| Dec 27, 2024 11:03:17.243249893 CET | 49771 | 443 | 192.168.2.4 | 163.171.138.116 |
| Dec 27, 2024 11:03:17.244286060 CET | 49771 | 443 | 192.168.2.4 | 163.171.138.116 |
| Dec 27, 2024 11:03:17.244371891 CET | 443 | 49771 | 163.171.138.116 | 192.168.2.4 |
| Dec 27, 2024 11:03:17.244438887 CET | 49771 | 443 | 192.168.2.4 | 163.171.138.116 |
| Dec 27, 2024 11:03:17.244443893 CET | 443 | 49771 | 163.171.138.116 | 192.168.2.4 |
| Dec 27, 2024 11:03:17.286031961 CET | 49771 | 443 | 192.168.2.4 | 163.171.138.116 |
| Dec 27, 2024 11:03:17.668143988 CET | 443 | 49771 | 163.171.138.116 | 192.168.2.4 |
| Dec 27, 2024 11:03:17.668162107 CET | 443 | 49771 | 163.171.138.116 | 192.168.2.4 |
| Dec 27, 2024 11:03:17.668293953 CET | 49771 | 443 | 192.168.2.4 | 163.171.138.116 |
| Dec 27, 2024 11:03:17.668302059 CET | 443 | 49771 | 163.171.138.116 | 192.168.2.4 |
| Dec 27, 2024 11:03:17.668389082 CET | 49771 | 443 | 192.168.2.4 | 163.171.138.116 |
| Dec 27, 2024 11:03:17.871222019 CET | 443 | 49771 | 163.171.138.116 | 192.168.2.4 |
| Dec 27, 2024 11:03:17.871231079 CET | 443 | 49771 | 163.171.138.116 | 192.168.2.4 |
| Dec 27, 2024 11:03:17.871278048 CET | 443 | 49771 | 163.171.138.116 | 192.168.2.4 |
| Dec 27, 2024 11:03:17.871340036 CET | 49771 | 443 | 192.168.2.4 | 163.171.138.116 |
| Dec 27, 2024 11:03:17.871340036 CET | 49771 | 443 | 192.168.2.4 | 163.171.138.116 |
| Dec 27, 2024 11:03:17.871351957 CET | 443 | 49771 | 163.171.138.116 | 192.168.2.4 |
| Dec 27, 2024 11:03:17.871402979 CET | 49771 | 443 | 192.168.2.4 | 163.171.138.116 |
| Dec 27, 2024 11:03:17.907409906 CET | 443 | 49771 | 163.171.138.116 | 192.168.2.4 |
| Dec 27, 2024 11:03:17.907452106 CET | 443 | 49771 | 163.171.138.116 | 192.168.2.4 |
| Dec 27, 2024 11:03:17.907479048 CET | 49771 | 443 | 192.168.2.4 | 163.171.138.116 |
| Dec 27, 2024 11:03:17.907491922 CET | 443 | 49771 | 163.171.138.116 | 192.168.2.4 |
| Dec 27, 2024 11:03:17.907519102 CET | 49771 | 443 | 192.168.2.4 | 163.171.138.116 |
| Dec 27, 2024 11:03:17.957935095 CET | 443 | 49771 | 163.171.138.116 | 192.168.2.4 |
| Dec 27, 2024 11:03:17.957956076 CET | 443 | 49771 | 163.171.138.116 | 192.168.2.4 |
| Dec 27, 2024 11:03:17.958019972 CET | 49771 | 443 | 192.168.2.4 | 163.171.138.116 |
| Dec 27, 2024 11:03:17.958029032 CET | 443 | 49771 | 163.171.138.116 | 192.168.2.4 |
| Dec 27, 2024 11:03:17.958041906 CET | 49771 | 443 | 192.168.2.4 | 163.171.138.116 |
| Dec 27, 2024 11:03:17.990130901 CET | 443 | 49746 | 172.217.21.36 | 192.168.2.4 |
| Dec 27, 2024 11:03:17.990334988 CET | 443 | 49746 | 172.217.21.36 | 192.168.2.4 |
| Dec 27, 2024 11:03:17.990391970 CET | 49746 | 443 | 192.168.2.4 | 172.217.21.36 |
| Dec 27, 2024 11:03:18.005024910 CET | 49771 | 443 | 192.168.2.4 | 163.171.138.116 |
| Dec 27, 2024 11:03:18.099927902 CET | 443 | 49771 | 163.171.138.116 | 192.168.2.4 |
| Dec 27, 2024 11:03:18.099939108 CET | 443 | 49771 | 163.171.138.116 | 192.168.2.4 |
| Dec 27, 2024 11:03:18.099972010 CET | 443 | 49771 | 163.171.138.116 | 192.168.2.4 |
| Dec 27, 2024 11:03:18.100008011 CET | 443 | 49771 | 163.171.138.116 | 192.168.2.4 |
| Dec 27, 2024 11:03:18.100018978 CET | 49771 | 443 | 192.168.2.4 | 163.171.138.116 |
| Dec 27, 2024 11:03:18.100030899 CET | 443 | 49771 | 163.171.138.116 | 192.168.2.4 |
| Dec 27, 2024 11:03:18.100064993 CET | 49771 | 443 | 192.168.2.4 | 163.171.138.116 |
| Dec 27, 2024 11:03:18.100123882 CET | 49771 | 443 | 192.168.2.4 | 163.171.138.116 |
| Dec 27, 2024 11:03:18.128926992 CET | 443 | 49771 | 163.171.138.116 | 192.168.2.4 |
| Dec 27, 2024 11:03:18.128948927 CET | 443 | 49771 | 163.171.138.116 | 192.168.2.4 |
| Dec 27, 2024 11:03:18.129015923 CET | 49771 | 443 | 192.168.2.4 | 163.171.138.116 |
| Dec 27, 2024 11:03:18.129026890 CET | 443 | 49771 | 163.171.138.116 | 192.168.2.4 |
| Dec 27, 2024 11:03:18.129051924 CET | 49771 | 443 | 192.168.2.4 | 163.171.138.116 |
| Dec 27, 2024 11:03:18.129069090 CET | 49771 | 443 | 192.168.2.4 | 163.171.138.116 |
| Dec 27, 2024 11:03:18.153851986 CET | 443 | 49771 | 163.171.138.116 | 192.168.2.4 |
| Dec 27, 2024 11:03:18.153886080 CET | 443 | 49771 | 163.171.138.116 | 192.168.2.4 |
| Dec 27, 2024 11:03:18.153918982 CET | 49771 | 443 | 192.168.2.4 | 163.171.138.116 |
| Dec 27, 2024 11:03:18.153924942 CET | 443 | 49771 | 163.171.138.116 | 192.168.2.4 |
| Dec 27, 2024 11:03:18.153997898 CET | 49771 | 443 | 192.168.2.4 | 163.171.138.116 |
| Dec 27, 2024 11:03:18.194885969 CET | 443 | 49772 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:18.195190907 CET | 49772 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:18.195204973 CET | 443 | 49772 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:18.196095943 CET | 443 | 49772 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:18.196160078 CET | 49772 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:18.196348906 CET | 443 | 49771 | 163.171.138.116 | 192.168.2.4 |
| Dec 27, 2024 11:03:18.196373940 CET | 443 | 49771 | 163.171.138.116 | 192.168.2.4 |
| Dec 27, 2024 11:03:18.196655989 CET | 49771 | 443 | 192.168.2.4 | 163.171.138.116 |
| Dec 27, 2024 11:03:18.196664095 CET | 443 | 49771 | 163.171.138.116 | 192.168.2.4 |
| Dec 27, 2024 11:03:18.196695089 CET | 49771 | 443 | 192.168.2.4 | 163.171.138.116 |
| Dec 27, 2024 11:03:18.196830988 CET | 49771 | 443 | 192.168.2.4 | 163.171.138.116 |
| Dec 27, 2024 11:03:18.199306965 CET | 49772 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:18.199430943 CET | 443 | 49772 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:18.199450970 CET | 49772 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:18.239483118 CET | 49772 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:18.239492893 CET | 443 | 49772 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:18.286271095 CET | 49772 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:18.287763119 CET | 443 | 49771 | 163.171.138.116 | 192.168.2.4 |
| Dec 27, 2024 11:03:18.287789106 CET | 443 | 49771 | 163.171.138.116 | 192.168.2.4 |
| Dec 27, 2024 11:03:18.287926912 CET | 49771 | 443 | 192.168.2.4 | 163.171.138.116 |
| Dec 27, 2024 11:03:18.287926912 CET | 49771 | 443 | 192.168.2.4 | 163.171.138.116 |
| Dec 27, 2024 11:03:18.287936926 CET | 443 | 49771 | 163.171.138.116 | 192.168.2.4 |
| Dec 27, 2024 11:03:18.287971973 CET | 49771 | 443 | 192.168.2.4 | 163.171.138.116 |
| Dec 27, 2024 11:03:18.310022116 CET | 443 | 49771 | 163.171.138.116 | 192.168.2.4 |
| Dec 27, 2024 11:03:18.310044050 CET | 443 | 49771 | 163.171.138.116 | 192.168.2.4 |
| Dec 27, 2024 11:03:18.310142040 CET | 49771 | 443 | 192.168.2.4 | 163.171.138.116 |
| Dec 27, 2024 11:03:18.310147047 CET | 443 | 49771 | 163.171.138.116 | 192.168.2.4 |
| Dec 27, 2024 11:03:18.310225010 CET | 49771 | 443 | 192.168.2.4 | 163.171.138.116 |
| Dec 27, 2024 11:03:18.310225010 CET | 49771 | 443 | 192.168.2.4 | 163.171.138.116 |
| Dec 27, 2024 11:03:18.323385000 CET | 443 | 49771 | 163.171.138.116 | 192.168.2.4 |
| Dec 27, 2024 11:03:18.323405027 CET | 443 | 49771 | 163.171.138.116 | 192.168.2.4 |
| Dec 27, 2024 11:03:18.323508978 CET | 49771 | 443 | 192.168.2.4 | 163.171.138.116 |
| Dec 27, 2024 11:03:18.323513985 CET | 443 | 49771 | 163.171.138.116 | 192.168.2.4 |
| Dec 27, 2024 11:03:18.323556900 CET | 49771 | 443 | 192.168.2.4 | 163.171.138.116 |
| Dec 27, 2024 11:03:18.335648060 CET | 443 | 49771 | 163.171.138.116 | 192.168.2.4 |
| Dec 27, 2024 11:03:18.335669994 CET | 443 | 49771 | 163.171.138.116 | 192.168.2.4 |
| Dec 27, 2024 11:03:18.335771084 CET | 49771 | 443 | 192.168.2.4 | 163.171.138.116 |
| Dec 27, 2024 11:03:18.335776091 CET | 443 | 49771 | 163.171.138.116 | 192.168.2.4 |
| Dec 27, 2024 11:03:18.335808992 CET | 49771 | 443 | 192.168.2.4 | 163.171.138.116 |
| Dec 27, 2024 11:03:18.337148905 CET | 49771 | 443 | 192.168.2.4 | 163.171.138.116 |
| Dec 27, 2024 11:03:18.345990896 CET | 443 | 49771 | 163.171.138.116 | 192.168.2.4 |
| Dec 27, 2024 11:03:18.346064091 CET | 443 | 49771 | 163.171.138.116 | 192.168.2.4 |
| Dec 27, 2024 11:03:18.346149921 CET | 49771 | 443 | 192.168.2.4 | 163.171.138.116 |
| Dec 27, 2024 11:03:18.349167109 CET | 49771 | 443 | 192.168.2.4 | 163.171.138.116 |
| Dec 27, 2024 11:03:18.349179983 CET | 443 | 49771 | 163.171.138.116 | 192.168.2.4 |
| Dec 27, 2024 11:03:18.851977110 CET | 49746 | 443 | 192.168.2.4 | 172.217.21.36 |
| Dec 27, 2024 11:03:18.851995945 CET | 443 | 49746 | 172.217.21.36 | 192.168.2.4 |
| Dec 27, 2024 11:03:18.968055010 CET | 443 | 49772 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:18.968120098 CET | 443 | 49772 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:03:18.968187094 CET | 49772 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:18.968482971 CET | 49772 | 443 | 192.168.2.4 | 203.205.136.80 |
| Dec 27, 2024 11:03:18.968492031 CET | 443 | 49772 | 203.205.136.80 | 192.168.2.4 |
| Dec 27, 2024 11:04:06.431118011 CET | 49797 | 443 | 192.168.2.4 | 172.217.21.36 |
| Dec 27, 2024 11:04:06.431233883 CET | 443 | 49797 | 172.217.21.36 | 192.168.2.4 |
| Dec 27, 2024 11:04:06.431353092 CET | 49797 | 443 | 192.168.2.4 | 172.217.21.36 |
| Dec 27, 2024 11:04:06.431566000 CET | 49797 | 443 | 192.168.2.4 | 172.217.21.36 |
| Dec 27, 2024 11:04:06.431605101 CET | 443 | 49797 | 172.217.21.36 | 192.168.2.4 |
| Dec 27, 2024 11:04:08.170392036 CET | 443 | 49797 | 172.217.21.36 | 192.168.2.4 |
| Dec 27, 2024 11:04:08.170694113 CET | 49797 | 443 | 192.168.2.4 | 172.217.21.36 |
| Dec 27, 2024 11:04:08.170761108 CET | 443 | 49797 | 172.217.21.36 | 192.168.2.4 |
| Dec 27, 2024 11:04:08.171238899 CET | 443 | 49797 | 172.217.21.36 | 192.168.2.4 |
| Dec 27, 2024 11:04:08.171564102 CET | 49797 | 443 | 192.168.2.4 | 172.217.21.36 |
| Dec 27, 2024 11:04:08.171655893 CET | 443 | 49797 | 172.217.21.36 | 192.168.2.4 |
| Dec 27, 2024 11:04:08.224170923 CET | 49797 | 443 | 192.168.2.4 | 172.217.21.36 |
| Dec 27, 2024 11:04:17.873704910 CET | 443 | 49797 | 172.217.21.36 | 192.168.2.4 |
| Dec 27, 2024 11:04:17.873799086 CET | 443 | 49797 | 172.217.21.36 | 192.168.2.4 |
| Dec 27, 2024 11:04:17.873955011 CET | 49797 | 443 | 192.168.2.4 | 172.217.21.36 |
| Dec 27, 2024 11:04:18.850910902 CET | 49797 | 443 | 192.168.2.4 | 172.217.21.36 |
| Dec 27, 2024 11:04:18.850938082 CET | 443 | 49797 | 172.217.21.36 | 192.168.2.4 |
| Dec 27, 2024 11:05:06.492309093 CET | 49929 | 443 | 192.168.2.4 | 172.217.21.36 |
| Dec 27, 2024 11:05:06.492341042 CET | 443 | 49929 | 172.217.21.36 | 192.168.2.4 |
| Dec 27, 2024 11:05:06.492392063 CET | 49929 | 443 | 192.168.2.4 | 172.217.21.36 |
| Dec 27, 2024 11:05:06.492666006 CET | 49929 | 443 | 192.168.2.4 | 172.217.21.36 |
| Dec 27, 2024 11:05:06.492680073 CET | 443 | 49929 | 172.217.21.36 | 192.168.2.4 |
| Dec 27, 2024 11:05:08.180599928 CET | 443 | 49929 | 172.217.21.36 | 192.168.2.4 |
| Dec 27, 2024 11:05:08.225753069 CET | 49929 | 443 | 192.168.2.4 | 172.217.21.36 |
| Timestamp | Source Port | Dest Port | Source IP | Dest IP |
|---|---|---|---|---|
| Dec 27, 2024 11:03:00.814491034 CET | 59285 | 53 | 192.168.2.4 | 1.1.1.1 |
| Dec 27, 2024 11:03:01.095096111 CET | 53 | 59285 | 1.1.1.1 | 192.168.2.4 |
| Dec 27, 2024 11:03:02.188771963 CET | 59360 | 53 | 192.168.2.4 | 1.1.1.1 |
| Dec 27, 2024 11:03:02.188990116 CET | 58766 | 53 | 192.168.2.4 | 1.1.1.1 |
| Dec 27, 2024 11:03:02.326280117 CET | 53 | 59360 | 1.1.1.1 | 192.168.2.4 |
| Dec 27, 2024 11:03:02.327100992 CET | 53 | 59866 | 1.1.1.1 | 192.168.2.4 |
| Dec 27, 2024 11:03:02.330558062 CET | 53 | 58766 | 1.1.1.1 | 192.168.2.4 |
| Dec 27, 2024 11:03:05.221227884 CET | 53 | 63504 | 1.1.1.1 | 192.168.2.4 |
| Dec 27, 2024 11:03:06.385938883 CET | 60011 | 53 | 192.168.2.4 | 1.1.1.1 |
| Dec 27, 2024 11:03:06.386228085 CET | 52230 | 53 | 192.168.2.4 | 1.1.1.1 |
| Dec 27, 2024 11:03:06.523067951 CET | 53 | 52230 | 1.1.1.1 | 192.168.2.4 |
| Dec 27, 2024 11:03:06.523305893 CET | 63323 | 53 | 192.168.2.4 | 1.1.1.1 |
| Dec 27, 2024 11:03:06.523364067 CET | 53 | 60011 | 1.1.1.1 | 192.168.2.4 |
| Dec 27, 2024 11:03:06.523531914 CET | 60140 | 53 | 192.168.2.4 | 1.1.1.1 |
| Dec 27, 2024 11:03:07.264564037 CET | 53 | 60140 | 1.1.1.1 | 192.168.2.4 |
| Dec 27, 2024 11:03:07.540134907 CET | 53436 | 53 | 192.168.2.4 | 1.1.1.1 |
| Dec 27, 2024 11:03:07.612760067 CET | 53 | 63323 | 1.1.1.1 | 192.168.2.4 |
| Dec 27, 2024 11:03:07.678212881 CET | 53 | 53436 | 1.1.1.1 | 192.168.2.4 |
| Dec 27, 2024 11:03:08.224432945 CET | 57455 | 53 | 192.168.2.4 | 1.1.1.1 |
| Dec 27, 2024 11:03:08.224570036 CET | 57257 | 53 | 192.168.2.4 | 1.1.1.1 |
| Dec 27, 2024 11:03:08.362149954 CET | 53 | 57257 | 1.1.1.1 | 192.168.2.4 |
| Dec 27, 2024 11:03:08.369405985 CET | 53 | 57455 | 1.1.1.1 | 192.168.2.4 |
| Dec 27, 2024 11:03:10.548773050 CET | 49331 | 53 | 192.168.2.4 | 1.1.1.1 |
| Dec 27, 2024 11:03:10.548773050 CET | 57842 | 53 | 192.168.2.4 | 1.1.1.1 |
| Dec 27, 2024 11:03:10.685883045 CET | 53 | 57842 | 1.1.1.1 | 192.168.2.4 |
| Dec 27, 2024 11:03:10.688915014 CET | 53 | 49331 | 1.1.1.1 | 192.168.2.4 |
| Dec 27, 2024 11:03:13.954209089 CET | 64002 | 53 | 192.168.2.4 | 1.1.1.1 |
| Dec 27, 2024 11:03:13.954427958 CET | 57502 | 53 | 192.168.2.4 | 1.1.1.1 |
| Dec 27, 2024 11:03:14.976876020 CET | 60118 | 53 | 192.168.2.4 | 1.1.1.1 |
| Dec 27, 2024 11:03:14.977092028 CET | 61981 | 53 | 192.168.2.4 | 1.1.1.1 |
| Dec 27, 2024 11:03:15.224049091 CET | 53 | 61981 | 1.1.1.1 | 192.168.2.4 |
| Dec 27, 2024 11:03:15.224143028 CET | 53 | 57502 | 1.1.1.1 | 192.168.2.4 |
| Dec 27, 2024 11:03:15.312536955 CET | 53 | 64002 | 1.1.1.1 | 192.168.2.4 |
| Dec 27, 2024 11:03:15.312575102 CET | 53 | 60118 | 1.1.1.1 | 192.168.2.4 |
| Dec 27, 2024 11:03:19.073930979 CET | 138 | 138 | 192.168.2.4 | 192.168.2.255 |
| Dec 27, 2024 11:03:22.178024054 CET | 53 | 55775 | 1.1.1.1 | 192.168.2.4 |
| Dec 27, 2024 11:03:41.159960032 CET | 53 | 53988 | 1.1.1.1 | 192.168.2.4 |
| Dec 27, 2024 11:04:01.919348001 CET | 53 | 54970 | 1.1.1.1 | 192.168.2.4 |
| Dec 27, 2024 11:04:03.834041119 CET | 53 | 64770 | 1.1.1.1 | 192.168.2.4 |
| Dec 27, 2024 11:04:35.096290112 CET | 53 | 61527 | 1.1.1.1 | 192.168.2.4 |
| Timestamp | Source IP | Dest IP | Checksum | Code | Type |
|---|---|---|---|---|---|
| Dec 27, 2024 11:03:07.681107044 CET | 192.168.2.4 | 1.1.1.1 | c270 | (Port unreachable) | Destination Unreachable |
| Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
|---|---|---|---|---|---|---|---|---|
| Dec 27, 2024 11:03:00.814491034 CET | 192.168.2.4 | 1.1.1.1 | 0xd356 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Dec 27, 2024 11:03:02.188771963 CET | 192.168.2.4 | 1.1.1.1 | 0x7116 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Dec 27, 2024 11:03:02.188990116 CET | 192.168.2.4 | 1.1.1.1 | 0xea63 | Standard query (0) | 65 | IN (0x0001) | false | |
| Dec 27, 2024 11:03:06.385938883 CET | 192.168.2.4 | 1.1.1.1 | 0x8c83 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Dec 27, 2024 11:03:06.386228085 CET | 192.168.2.4 | 1.1.1.1 | 0xab8f | Standard query (0) | 65 | IN (0x0001) | false | |
| Dec 27, 2024 11:03:06.523305893 CET | 192.168.2.4 | 1.1.1.1 | 0x5906 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Dec 27, 2024 11:03:06.523531914 CET | 192.168.2.4 | 1.1.1.1 | 0x2680 | Standard query (0) | 65 | IN (0x0001) | false | |
| Dec 27, 2024 11:03:07.540134907 CET | 192.168.2.4 | 1.1.1.1 | 0x2012 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Dec 27, 2024 11:03:08.224432945 CET | 192.168.2.4 | 1.1.1.1 | 0x9f8c | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Dec 27, 2024 11:03:08.224570036 CET | 192.168.2.4 | 1.1.1.1 | 0x27d4 | Standard query (0) | 65 | IN (0x0001) | false | |
| Dec 27, 2024 11:03:10.548773050 CET | 192.168.2.4 | 1.1.1.1 | 0xd61a | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Dec 27, 2024 11:03:10.548773050 CET | 192.168.2.4 | 1.1.1.1 | 0x79a3 | Standard query (0) | 65 | IN (0x0001) | false | |
| Dec 27, 2024 11:03:13.954209089 CET | 192.168.2.4 | 1.1.1.1 | 0xd6f4 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Dec 27, 2024 11:03:13.954427958 CET | 192.168.2.4 | 1.1.1.1 | 0x5b51 | Standard query (0) | 65 | IN (0x0001) | false | |
| Dec 27, 2024 11:03:14.976876020 CET | 192.168.2.4 | 1.1.1.1 | 0x6b0f | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Dec 27, 2024 11:03:14.977092028 CET | 192.168.2.4 | 1.1.1.1 | 0x5923 | Standard query (0) | 65 | IN (0x0001) | false |
| Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
|---|---|---|---|---|---|---|---|---|---|---|
| Dec 27, 2024 11:03:01.095096111 CET | 1.1.1.1 | 192.168.2.4 | 0xd356 | No error (0) | 46.8.127.55 | A (IP address) | IN (0x0001) | false | ||
| Dec 27, 2024 11:03:02.326280117 CET | 1.1.1.1 | 192.168.2.4 | 0x7116 | No error (0) | 46.8.127.55 | A (IP address) | IN (0x0001) | false | ||
| Dec 27, 2024 11:03:06.523067951 CET | 1.1.1.1 | 192.168.2.4 | 0xab8f | No error (0) | 65 | IN (0x0001) | false | |||
| Dec 27, 2024 11:03:06.523364067 CET | 1.1.1.1 | 192.168.2.4 | 0x8c83 | No error (0) | 172.217.21.36 | A (IP address) | IN (0x0001) | false | ||
| Dec 27, 2024 11:03:07.612760067 CET | 1.1.1.1 | 192.168.2.4 | 0x5906 | No error (0) | game.gtimg.cn.cloud.tc.qq.com | CNAME (Canonical name) | IN (0x0001) | false | ||
| Dec 27, 2024 11:03:07.612760067 CET | 1.1.1.1 | 192.168.2.4 | 0x5906 | No error (0) | game.gtimg.cn.sched.legopic2.tdnsv6.com | CNAME (Canonical name) | IN (0x0001) | false | ||
| Dec 27, 2024 11:03:07.612760067 CET | 1.1.1.1 | 192.168.2.4 | 0x5906 | No error (0) | 203.205.137.76 | A (IP address) | IN (0x0001) | false | ||
| Dec 27, 2024 11:03:07.612760067 CET | 1.1.1.1 | 192.168.2.4 | 0x5906 | No error (0) | 203.205.136.80 | A (IP address) | IN (0x0001) | false | ||
| Dec 27, 2024 11:03:07.612760067 CET | 1.1.1.1 | 192.168.2.4 | 0x5906 | No error (0) | 203.205.137.101 | A (IP address) | IN (0x0001) | false | ||
| Dec 27, 2024 11:03:07.678212881 CET | 1.1.1.1 | 192.168.2.4 | 0x2012 | No error (0) | game.gtimg.cn.cloud.tc.qq.com | CNAME (Canonical name) | IN (0x0001) | false | ||
| Dec 27, 2024 11:03:07.678212881 CET | 1.1.1.1 | 192.168.2.4 | 0x2012 | No error (0) | game.gtimg.cn.sched.legopic2.tdnsv6.com | CNAME (Canonical name) | IN (0x0001) | false | ||
| Dec 27, 2024 11:03:07.678212881 CET | 1.1.1.1 | 192.168.2.4 | 0x2012 | No error (0) | 203.205.136.80 | A (IP address) | IN (0x0001) | false | ||
| Dec 27, 2024 11:03:07.678212881 CET | 1.1.1.1 | 192.168.2.4 | 0x2012 | No error (0) | 203.205.137.76 | A (IP address) | IN (0x0001) | false | ||
| Dec 27, 2024 11:03:07.678212881 CET | 1.1.1.1 | 192.168.2.4 | 0x2012 | No error (0) | 203.205.137.101 | A (IP address) | IN (0x0001) | false | ||
| Dec 27, 2024 11:03:08.369405985 CET | 1.1.1.1 | 192.168.2.4 | 0x9f8c | No error (0) | 46.8.127.55 | A (IP address) | IN (0x0001) | false | ||
| Dec 27, 2024 11:03:10.688915014 CET | 1.1.1.1 | 192.168.2.4 | 0xd61a | No error (0) | game.gtimg.cn.cloud.tc.qq.com | CNAME (Canonical name) | IN (0x0001) | false | ||
| Dec 27, 2024 11:03:10.688915014 CET | 1.1.1.1 | 192.168.2.4 | 0xd61a | No error (0) | game.gtimg.cn.sched.legopic2.tdnsv6.com | CNAME (Canonical name) | IN (0x0001) | false | ||
| Dec 27, 2024 11:03:10.688915014 CET | 1.1.1.1 | 192.168.2.4 | 0xd61a | No error (0) | 203.205.136.80 | A (IP address) | IN (0x0001) | false | ||
| Dec 27, 2024 11:03:10.688915014 CET | 1.1.1.1 | 192.168.2.4 | 0xd61a | No error (0) | 203.205.137.76 | A (IP address) | IN (0x0001) | false | ||
| Dec 27, 2024 11:03:10.688915014 CET | 1.1.1.1 | 192.168.2.4 | 0xd61a | No error (0) | 203.205.137.101 | A (IP address) | IN (0x0001) | false | ||
| Dec 27, 2024 11:03:15.224049091 CET | 1.1.1.1 | 192.168.2.4 | 0x5923 | No error (0) | www.dota2.com.cn.wscdns.com | CNAME (Canonical name) | IN (0x0001) | false | ||
| Dec 27, 2024 11:03:15.224143028 CET | 1.1.1.1 | 192.168.2.4 | 0x5b51 | No error (0) | www.dota2.com.cn.wscdns.com | CNAME (Canonical name) | IN (0x0001) | false | ||
| Dec 27, 2024 11:03:15.312536955 CET | 1.1.1.1 | 192.168.2.4 | 0xd6f4 | No error (0) | www.dota2.com.cn.wscdns.com | CNAME (Canonical name) | IN (0x0001) | false | ||
| Dec 27, 2024 11:03:15.312536955 CET | 1.1.1.1 | 192.168.2.4 | 0xd6f4 | No error (0) | 163.171.138.116 | A (IP address) | IN (0x0001) | false | ||
| Dec 27, 2024 11:03:15.312536955 CET | 1.1.1.1 | 192.168.2.4 | 0xd6f4 | No error (0) | 163.171.138.115 | A (IP address) | IN (0x0001) | false | ||
| Dec 27, 2024 11:03:15.312536955 CET | 1.1.1.1 | 192.168.2.4 | 0xd6f4 | No error (0) | 163.171.132.42 | A (IP address) | IN (0x0001) | false | ||
| Dec 27, 2024 11:03:15.312575102 CET | 1.1.1.1 | 192.168.2.4 | 0x6b0f | No error (0) | www.dota2.com.cn.wscdns.com | CNAME (Canonical name) | IN (0x0001) | false | ||
| Dec 27, 2024 11:03:15.312575102 CET | 1.1.1.1 | 192.168.2.4 | 0x6b0f | No error (0) | 163.171.138.116 | A (IP address) | IN (0x0001) | false | ||
| Dec 27, 2024 11:03:15.312575102 CET | 1.1.1.1 | 192.168.2.4 | 0x6b0f | No error (0) | 163.171.138.115 | A (IP address) | IN (0x0001) | false | ||
| Dec 27, 2024 11:03:15.312575102 CET | 1.1.1.1 | 192.168.2.4 | 0x6b0f | No error (0) | 163.171.132.42 | A (IP address) | IN (0x0001) | false |
|
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 0 | 192.168.2.4 | 49730 | 46.8.127.55 | 443 | 7356 | C:\Users\user\Desktop\DOTA2#U89c6#U8ddd#U63d2#U4ef6.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-27 10:03:02 UTC | 218 | OUT | |
| 2024-12-27 10:03:03 UTC | 336 | IN | |
| 2024-12-27 10:03:03 UTC | 130 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 1 | 192.168.2.4 | 49734 | 46.8.127.55 | 443 | 7636 | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-27 10:03:04 UTC | 657 | OUT | |
| 2024-12-27 10:03:04 UTC | 401 | IN | |
| 2024-12-27 10:03:04 UTC | 8253 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 2 | 192.168.2.4 | 49738 | 46.8.127.55 | 443 | 7636 | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-27 10:03:05 UTC | 657 | OUT | |
| 2024-12-27 10:03:06 UTC | 401 | IN | |
| 2024-12-27 10:03:06 UTC | 8253 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 3 | 192.168.2.4 | 49742 | 46.8.127.55 | 443 | 7636 | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-27 10:03:06 UTC | 630 | OUT | |
| 2024-12-27 10:03:07 UTC | 366 | IN | |
| 2024-12-27 10:03:07 UTC | 16018 | IN | |
| 2024-12-27 10:03:07 UTC | 1741 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 4 | 192.168.2.4 | 49741 | 46.8.127.55 | 443 | 7636 | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-27 10:03:06 UTC | 625 | OUT | |
| 2024-12-27 10:03:07 UTC | 367 | IN | |
| 2024-12-27 10:03:07 UTC | 16017 | IN | |
| 2024-12-27 10:03:07 UTC | 16384 | IN | |
| 2024-12-27 10:03:08 UTC | 16384 | IN | |
| 2024-12-27 10:03:08 UTC | 16384 | IN | |
| 2024-12-27 10:03:08 UTC | 16384 | IN | |
| 2024-12-27 10:03:08 UTC | 8954 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 5 | 192.168.2.4 | 49740 | 46.8.127.55 | 443 | 7636 | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-27 10:03:06 UTC | 615 | OUT | |
| 2024-12-27 10:03:07 UTC | 381 | IN | |
| 2024-12-27 10:03:07 UTC | 16003 | IN | |
| 2024-12-27 10:03:07 UTC | 16384 | IN | |
| 2024-12-27 10:03:08 UTC | 16384 | IN | |
| 2024-12-27 10:03:08 UTC | 16384 | IN | |
| 2024-12-27 10:03:08 UTC | 16384 | IN | |
| 2024-12-27 10:03:08 UTC | 14834 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 6 | 192.168.2.4 | 49743 | 46.8.127.55 | 443 | 7636 | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-27 10:03:08 UTC | 604 | OUT | |
| 2024-12-27 10:03:09 UTC | 381 | IN | |
| 2024-12-27 10:03:09 UTC | 16003 | IN | |
| 2024-12-27 10:03:09 UTC | 16384 | IN | |
| 2024-12-27 10:03:09 UTC | 16384 | IN | |
| 2024-12-27 10:03:09 UTC | 16384 | IN | |
| 2024-12-27 10:03:09 UTC | 16384 | IN | |
| 2024-12-27 10:03:09 UTC | 5923 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 7 | 192.168.2.4 | 49745 | 46.8.127.55 | 443 | 7636 | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-27 10:03:08 UTC | 595 | OUT | |
| 2024-12-27 10:03:09 UTC | 379 | IN | |
| 2024-12-27 10:03:09 UTC | 7204 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 8 | 192.168.2.4 | 49744 | 46.8.127.55 | 443 | 7636 | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-27 10:03:08 UTC | 601 | OUT | |
| 2024-12-27 10:03:09 UTC | 336 | IN | |
| 2024-12-27 10:03:09 UTC | 155 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 9 | 192.168.2.4 | 49748 | 203.205.137.76 | 443 | 7636 | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-27 10:03:09 UTC | 639 | OUT | |
| 2024-12-27 10:03:10 UTC | 513 | IN | |
| 2024-12-27 10:03:10 UTC | 16384 | IN | |
| 2024-12-27 10:03:10 UTC | 16384 | IN | |
| 2024-12-27 10:03:10 UTC | 16384 | IN | |
| 2024-12-27 10:03:10 UTC | 16384 | IN | |
| 2024-12-27 10:03:10 UTC | 16384 | IN | |
| 2024-12-27 10:03:10 UTC | 3000 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 10 | 192.168.2.4 | 49749 | 46.8.127.55 | 443 | 7636 | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-27 10:03:09 UTC | 612 | OUT | |
| 2024-12-27 10:03:10 UTC | 381 | IN | |
| 2024-12-27 10:03:10 UTC | 16003 | IN | |
| 2024-12-27 10:03:10 UTC | 16384 | IN | |
| 2024-12-27 10:03:10 UTC | 16384 | IN | |
| 2024-12-27 10:03:10 UTC | 16384 | IN | |
| 2024-12-27 10:03:10 UTC | 11871 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 11 | 192.168.2.4 | 49750 | 46.8.127.55 | 443 | 7636 | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-27 10:03:09 UTC | 601 | OUT | |
| 2024-12-27 10:03:10 UTC | 336 | IN | |
| 2024-12-27 10:03:10 UTC | 155 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 12 | 192.168.2.4 | 49751 | 46.8.127.55 | 443 | 7636 | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-27 10:03:10 UTC | 440 | OUT | |
| 2024-12-27 10:03:11 UTC | 381 | IN | |
| 2024-12-27 10:03:11 UTC | 16003 | IN | |
| 2024-12-27 10:03:11 UTC | 16384 | IN | |
| 2024-12-27 10:03:11 UTC | 16384 | IN | |
| 2024-12-27 10:03:11 UTC | 16384 | IN | |
| 2024-12-27 10:03:11 UTC | 16384 | IN | |
| 2024-12-27 10:03:11 UTC | 14834 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 13 | 192.168.2.4 | 49752 | 46.8.127.55 | 443 | 7636 | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-27 10:03:10 UTC | 420 | OUT | |
| 2024-12-27 10:03:11 UTC | 379 | IN | |
| 2024-12-27 10:03:11 UTC | 7204 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 14 | 192.168.2.4 | 49753 | 46.8.127.55 | 443 | 7636 | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-27 10:03:10 UTC | 661 | OUT | |
| 2024-12-27 10:03:11 UTC | 369 | IN | |
| 2024-12-27 10:03:11 UTC | 16015 | IN | |
| 2024-12-27 10:03:11 UTC | 3729 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 15 | 192.168.2.4 | 49755 | 46.8.127.55 | 443 | 7636 | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-27 10:03:11 UTC | 496 | OUT | |
| 2024-12-27 10:03:12 UTC | 381 | IN | |
| 2024-12-27 10:03:12 UTC | 16003 | IN | |
| 2024-12-27 10:03:12 UTC | 16384 | IN | |
| 2024-12-27 10:03:12 UTC | 16384 | IN | |
| 2024-12-27 10:03:12 UTC | 16384 | IN | |
| 2024-12-27 10:03:12 UTC | 16384 | IN | |
| 2024-12-27 10:03:12 UTC | 5923 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 16 | 192.168.2.4 | 49756 | 203.205.137.76 | 443 | 7636 | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-27 10:03:11 UTC | 689 | OUT | |
| 2024-12-27 10:03:12 UTC | 422 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 17 | 192.168.2.4 | 49757 | 203.205.137.76 | 443 | 7636 | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-27 10:03:12 UTC | 639 | OUT | |
| 2024-12-27 10:03:13 UTC | 513 | IN | |
| 2024-12-27 10:03:13 UTC | 16384 | IN | |
| 2024-12-27 10:03:13 UTC | 16384 | IN | |
| 2024-12-27 10:03:13 UTC | 16384 | IN | |
| 2024-12-27 10:03:13 UTC | 16384 | IN | |
| 2024-12-27 10:03:13 UTC | 12764 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 18 | 192.168.2.4 | 49758 | 203.205.136.80 | 443 | 7636 | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-27 10:03:12 UTC | 405 | OUT | |
| 2024-12-27 10:03:13 UTC | 521 | IN | |
| 2024-12-27 10:03:13 UTC | 16384 | IN | |
| 2024-12-27 10:03:13 UTC | 16384 | IN | |
| 2024-12-27 10:03:13 UTC | 16384 | IN | |
| 2024-12-27 10:03:13 UTC | 16384 | IN | |
| 2024-12-27 10:03:13 UTC | 16384 | IN | |
| 2024-12-27 10:03:13 UTC | 16384 | IN | |
| 2024-12-27 10:03:13 UTC | 3926 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 19 | 192.168.2.4 | 49759 | 203.205.137.76 | 443 | 7636 | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-27 10:03:12 UTC | 639 | OUT | |
| 2024-12-27 10:03:13 UTC | 514 | IN | |
| 2024-12-27 10:03:13 UTC | 16384 | IN | |
| 2024-12-27 10:03:13 UTC | 16384 | IN | |
| 2024-12-27 10:03:13 UTC | 16384 | IN | |
| 2024-12-27 10:03:13 UTC | 16384 | IN | |
| 2024-12-27 10:03:13 UTC | 14136 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 20 | 192.168.2.4 | 49760 | 46.8.127.55 | 443 | 7636 | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-27 10:03:12 UTC | 504 | OUT | |
| 2024-12-27 10:03:13 UTC | 381 | IN | |
| 2024-12-27 10:03:13 UTC | 16003 | IN | |
| 2024-12-27 10:03:13 UTC | 16384 | IN | |
| 2024-12-27 10:03:13 UTC | 16384 | IN | |
| 2024-12-27 10:03:13 UTC | 16384 | IN | |
| 2024-12-27 10:03:14 UTC | 11871 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 21 | 192.168.2.4 | 49761 | 46.8.127.55 | 443 | 7636 | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-27 10:03:12 UTC | 752 | OUT | |
| 2024-12-27 10:03:13 UTC | 275 | IN | |
| 2024-12-27 10:03:13 UTC | 10280 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 22 | 192.168.2.4 | 49762 | 46.8.127.55 | 443 | 7636 | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-27 10:03:13 UTC | 493 | OUT | |
| 2024-12-27 10:03:14 UTC | 369 | IN | |
| 2024-12-27 10:03:14 UTC | 16015 | IN | |
| 2024-12-27 10:03:14 UTC | 3729 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 23 | 192.168.2.4 | 49763 | 203.205.137.76 | 443 | 7636 | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-27 10:03:14 UTC | 689 | OUT | |
| 2024-12-27 10:03:15 UTC | 423 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 24 | 192.168.2.4 | 49764 | 203.205.136.80 | 443 | 7636 | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-27 10:03:15 UTC | 455 | OUT | |
| 2024-12-27 10:03:15 UTC | 423 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 25 | 192.168.2.4 | 49765 | 203.205.137.76 | 443 | 7636 | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-27 10:03:15 UTC | 689 | OUT | |
| 2024-12-27 10:03:15 UTC | 422 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 26 | 192.168.2.4 | 49766 | 203.205.136.80 | 443 | 7636 | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-27 10:03:15 UTC | 405 | OUT | |
| 2024-12-27 10:03:16 UTC | 520 | IN | |
| 2024-12-27 10:03:16 UTC | 16384 | IN | |
| 2024-12-27 10:03:16 UTC | 16384 | IN | |
| 2024-12-27 10:03:16 UTC | 16384 | IN | |
| 2024-12-27 10:03:16 UTC | 16384 | IN | |
| 2024-12-27 10:03:16 UTC | 16384 | IN | |
| 2024-12-27 10:03:16 UTC | 15451 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 27 | 192.168.2.4 | 49769 | 203.205.136.80 | 443 | 7636 | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-27 10:03:15 UTC | 405 | OUT | |
| 2024-12-27 10:03:16 UTC | 540 | IN | |
| 2024-12-27 10:03:16 UTC | 16384 | IN | |
| 2024-12-27 10:03:16 UTC | 16384 | IN | |
| 2024-12-27 10:03:16 UTC | 16384 | IN | |
| 2024-12-27 10:03:16 UTC | 16384 | IN | |
| 2024-12-27 10:03:17 UTC | 16384 | IN | |
| 2024-12-27 10:03:17 UTC | 16384 | IN | |
| 2024-12-27 10:03:17 UTC | 6445 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 28 | 192.168.2.4 | 49771 | 163.171.138.116 | 443 | 7636 | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-27 10:03:17 UTC | 585 | OUT | |
| 2024-12-27 10:03:17 UTC | 509 | IN | |
| 2024-12-27 10:03:17 UTC | 3766 | IN | |
| 2024-12-27 10:03:17 UTC | 16384 | IN | |
| 2024-12-27 10:03:17 UTC | 12050 | IN | |
| 2024-12-27 10:03:17 UTC | 16384 | IN | |
| 2024-12-27 10:03:18 UTC | 16384 | IN | |
| 2024-12-27 10:03:18 UTC | 16384 | IN | |
| 2024-12-27 10:03:18 UTC | 16384 | IN | |
| 2024-12-27 10:03:18 UTC | 16384 | IN | |
| 2024-12-27 10:03:18 UTC | 16384 | IN | |
| 2024-12-27 10:03:18 UTC | 16384 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 29 | 192.168.2.4 | 49772 | 203.205.136.80 | 443 | 7636 | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-27 10:03:18 UTC | 455 | OUT | |
| 2024-12-27 10:03:18 UTC | 423 | IN |
Click to jump to process
Click to jump to process
Click to jump to process
| Target ID: | 0 |
| Start time: | 05:02:59 |
| Start date: | 27/12/2024 |
| Path: | C:\Users\user\Desktop\DOTA2#U89c6#U8ddd#U63d2#U4ef6.exe |
| Wow64 process (32bit): | true |
| Commandline: | |
| Imagebase: | 0x400000 |
| File size: | 1'069'056 bytes |
| MD5 hash: | AAC8790EB423FC881EA8798E21A9A811 |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | C, C++ or other language |
| Reputation: | low |
| Has exited: | true |
| Target ID: | 1 |
| Start time: | 05:02:59 |
| Start date: | 27/12/2024 |
| Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Wow64 process (32bit): | false |
| Commandline: | |
| Imagebase: | 0x7ff76e190000 |
| File size: | 3'242'272 bytes |
| MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | C, C++ or other language |
| Reputation: | high |
| Has exited: | false |
| Target ID: | 3 |
| Start time: | 05:03:00 |
| Start date: | 27/12/2024 |
| Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Wow64 process (32bit): | false |
| Commandline: | |
| Imagebase: | 0x7ff76e190000 |
| File size: | 3'242'272 bytes |
| MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | C, C++ or other language |
| Reputation: | high |
| Has exited: | false |
| Target ID: | 4 |
| Start time: | 05:03:02 |
| Start date: | 27/12/2024 |
| Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Wow64 process (32bit): | false |
| Commandline: | |
| Imagebase: | 0x7ff76e190000 |
| File size: | 3'242'272 bytes |
| MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | C, C++ or other language |
| Reputation: | high |
| Has exited: | true |
| Target ID: | 5 |
| Start time: | 05:03:02 |
| Start date: | 27/12/2024 |
| Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
| Wow64 process (32bit): | false |
| Commandline: | |
| Imagebase: | 0x7ff76e190000 |
| File size: | 3'242'272 bytes |
| MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | C, C++ or other language |
| Reputation: | high |
| Has exited: | true |
Execution Graph
| Execution Coverage: | 2.4% |
| Dynamic/Decrypted Code Coverage: | 0% |
| Signature Coverage: | 15.5% |
| Total number of Nodes: | 939 |
| Total number of Limit Nodes: | 35 |
Graph
Function 004016E3 Relevance: 53.9, Strings: 42, Instructions: 1421COMMON
Download Yara Rule
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00441E30 Relevance: 21.4, APIs: 7, Strings: 5, Instructions: 370commemorythreadCOMMON
Download Yara Rule
Control-flow Graph
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0041C640 Relevance: 18.3, APIs: 12, Instructions: 273threadwindownetworkCOMMON
Download Yara Rule
Control-flow Graph
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Control-flow Graph
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00494500 Relevance: 29.9, APIs: 15, Strings: 2, Instructions: 170stringCOMMON
Download Yara Rule
Control-flow Graph
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0049612F Relevance: 26.4, APIs: 13, Strings: 2, Instructions: 174windowCOMMON
Download Yara Rule
Control-flow Graph
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Control-flow Graph
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Control-flow Graph
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0040CEE0 Relevance: 14.3, APIs: 6, Strings: 2, Instructions: 267windowCOMMON
Download Yara Rule
Control-flow Graph
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0041F280 Relevance: 13.8, APIs: 9, Instructions: 289COMMON
Download Yara Rule
Control-flow Graph
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00411DE0 Relevance: 9.0, APIs: 4, Strings: 1, Instructions: 207windowCOMMON
Download Yara Rule
Control-flow Graph
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0040D210 Relevance: 7.6, APIs: 5, Instructions: 134windowCOMMON
Download Yara Rule
Control-flow Graph
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0041F160 Relevance: 6.1, APIs: 4, Instructions: 94windowCOMMON
Download Yara Rule
Control-flow Graph
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Control-flow Graph
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00420920 Relevance: 4.6, APIs: 3, Instructions: 100COMMON
Download Yara Rule
Control-flow Graph
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00493F0D Relevance: 3.0, APIs: 2, Instructions: 44COMMON
Download Yara Rule
Control-flow Graph
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0049CB8D Relevance: 3.0, APIs: 2, Instructions: 32COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00486B1B Relevance: 3.0, APIs: 2, Instructions: 30memoryCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00425BD0 Relevance: 3.0, APIs: 2, Instructions: 28COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 004975A8 Relevance: 3.0, APIs: 2, Instructions: 27threadCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00494AC1 Relevance: 3.0, APIs: 2, Instructions: 27COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 004946F6 Relevance: 3.0, APIs: 2, Instructions: 25threadCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00420B50 Relevance: 3.0, APIs: 2, Instructions: 16COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0040B570 Relevance: 1.6, APIs: 1, Instructions: 127windowCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00483175 Relevance: 1.6, APIs: 1, Instructions: 80memoryCOMMONLIBRARYCODE
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0049405D Relevance: 1.6, APIs: 1, Instructions: 73COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00494784 Relevance: 1.6, APIs: 1, Instructions: 72COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00494A74 Relevance: 1.5, APIs: 1, Instructions: 33COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 004942D4 Relevance: 1.5, APIs: 1, Instructions: 30COMMON
Download Yara Rule
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00496BFC Relevance: 1.5, APIs: 1, Instructions: 12COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00424470 Relevance: 1.5, APIs: 1, Instructions: 9COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00433570 Relevance: 85.5, APIs: 47, Strings: 1, Instructions: 1494windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0041A2D0 Relevance: 55.2, APIs: 29, Strings: 2, Instructions: 979windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00446610 Relevance: 32.8, Strings: 26, Instructions: 305COMMON
Download Yara Rule
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00423C60 Relevance: 22.8, APIs: 9, Strings: 4, Instructions: 93libraryloaderwindowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00438910 Relevance: 15.8, APIs: 8, Strings: 1, Instructions: 88clipboardmemoryCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0041F740 Relevance: 15.4, APIs: 10, Instructions: 430COMMON
Download Yara Rule
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00413130 Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 114filewindowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0044906D Relevance: 10.5, Strings: 8, Instructions: 498COMMON
Download Yara Rule
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0044AF40 Relevance: 8.0, Strings: 6, Instructions: 536COMMON
Download Yara Rule
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00448D3B Relevance: 7.8, Strings: 6, Instructions: 309COMMON
Download Yara Rule
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0041C030 Relevance: 6.1, APIs: 4, Instructions: 94fileCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00481480 Relevance: 6.0, APIs: 4, Instructions: 37COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 004535A0 Relevance: 5.5, Strings: 4, Instructions: 485COMMON
Download Yara Rule
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 004495D2 Relevance: 5.2, Strings: 4, Instructions: 245COMMON
Download Yara Rule
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0048495C Relevance: 4.6, APIs: 3, Instructions: 75timeCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 004962E4 Relevance: 4.5, APIs: 3, Instructions: 32COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 004950CF Relevance: 3.4, APIs: 2, Instructions: 422COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00454D90 Relevance: 3.3, Strings: 2, Instructions: 788COMMON
Download Yara Rule
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0041FE10 Relevance: 3.2, APIs: 2, Instructions: 209windowCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 004245E0 Relevance: 3.0, APIs: 2, Instructions: 16fileCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00449B30 Relevance: 2.9, Strings: 2, Instructions: 445COMMON
Download Yara Rule
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00407F0E Relevance: 2.7, Strings: 2, Instructions: 195COMMON
Download Yara Rule
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00446940 Relevance: 2.6, Strings: 2, Instructions: 115COMMON
Download Yara Rule
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00440FB0 Relevance: 2.5, APIs: 1, Instructions: 1006COMMON
Download Yara Rule
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0045D720 Relevance: 2.3, Strings: 1, Instructions: 1089COMMON
Download Yara Rule
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0044FEE0 Relevance: 1.6, Strings: 1, Instructions: 373COMMON
Download Yara Rule
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00443120 Relevance: .9, Instructions: 903COMMON
Download Yara Rule
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00465A20 Relevance: .5, Instructions: 503COMMON
Download Yara Rule
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0048ED37 Relevance: .4, Instructions: 417COMMON
Download Yara Rule
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00457F70 Relevance: .4, Instructions: 386COMMON
Download Yara Rule
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00458670 Relevance: .4, Instructions: 382COMMON
Download Yara Rule
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00456A50 Relevance: .4, Instructions: 364COMMON
Download Yara Rule
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00453AE0 Relevance: .4, Instructions: 352COMMON
Download Yara Rule
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00424E50 Relevance: .3, Instructions: 336COMMON
Download Yara Rule
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00469860 Relevance: .3, Instructions: 334COMMON
Download Yara Rule
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0048AC46 Relevance: .3, Instructions: 259COMMON
Download Yara Rule
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00458440 Relevance: .2, Instructions: 209COMMON
Download Yara Rule
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00456210 Relevance: .2, Instructions: 178COMMON
Download Yara Rule
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 004590B0 Relevance: .1, Instructions: 138COMMON
Download Yara Rule
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00450310 Relevance: .1, Instructions: 127COMMON
Download Yara Rule
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0044FBD0 Relevance: .1, Instructions: 109COMMON
Download Yara Rule
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00406C62 Relevance: .0, Instructions: 48COMMON
Download Yara Rule
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 004071C8 Relevance: .0, Instructions: 44COMMON
Download Yara Rule
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00407331 Relevance: .0, Instructions: 42COMMON
Download Yara Rule
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00406ECE Relevance: .0, Instructions: 42COMMON
Download Yara Rule
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 004296B1 Relevance: .0, Instructions: 34COMMON
Download Yara Rule
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 004203C2 Relevance: .0, Instructions: 18COMMON
Download Yara Rule
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00406B22 Relevance: .0, Instructions: 6COMMON
Download Yara Rule
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0043ED50 Relevance: 42.4, APIs: 19, Strings: 5, Instructions: 356windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0041B3E0 Relevance: 40.5, APIs: 22, Strings: 1, Instructions: 293windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0042B1D0 Relevance: 38.9, APIs: 18, Strings: 4, Instructions: 411windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0046A0E9 Relevance: 36.9, APIs: 20, Strings: 1, Instructions: 108windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0042B740 Relevance: 35.4, APIs: 17, Strings: 3, Instructions: 371windowlibraryloaderCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 004115B0 Relevance: 31.9, APIs: 16, Strings: 2, Instructions: 384windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00442B10 Relevance: 31.7, APIs: 21, Instructions: 205COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00428E00 Relevance: 31.7, APIs: 17, Strings: 1, Instructions: 183windowmemoryCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0043DBE0 Relevance: 30.0, APIs: 15, Strings: 2, Instructions: 255windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00481352 Relevance: 24.6, APIs: 7, Strings: 7, Instructions: 68libraryloaderCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00490F8B Relevance: 22.9, APIs: 7, Strings: 6, Instructions: 119registryclipboardwindowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00442730 Relevance: 21.3, APIs: 8, Strings: 4, Instructions: 331threadCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0040D390 Relevance: 19.9, APIs: 13, Instructions: 372COMMON
Download Yara Rule
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0041C230 Relevance: 19.6, APIs: 9, Strings: 2, Instructions: 310libraryregistryloaderCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00413B30 Relevance: 19.4, APIs: 6, Strings: 5, Instructions: 130stringprocessCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 004211F0 Relevance: 18.4, APIs: 12, Instructions: 354COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00421F20 Relevance: 17.9, APIs: 9, Strings: 1, Instructions: 387windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0044DE20 Relevance: 16.8, APIs: 11, Instructions: 258COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0048E1FF Relevance: 15.8, APIs: 4, Strings: 5, Instructions: 50libraryloaderCOMMONLIBRARYCODE
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 004267F0 Relevance: 15.2, APIs: 10, Instructions: 179COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0043DF90 Relevance: 15.1, APIs: 10, Instructions: 86COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00469D50 Relevance: 14.1, APIs: 6, Strings: 2, Instructions: 61windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00496601 Relevance: 14.0, APIs: 6, Strings: 2, Instructions: 42libraryloaderCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00410F70 Relevance: 13.8, APIs: 9, Instructions: 287COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00426590 Relevance: 13.6, APIs: 9, Instructions: 118COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00493903 Relevance: 13.6, APIs: 9, Instructions: 113COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00423D60 Relevance: 13.6, APIs: 9, Instructions: 85windowCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0049AF40 Relevance: 12.4, APIs: 5, Strings: 2, Instructions: 140windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00486BB1 Relevance: 12.4, APIs: 3, Strings: 4, Instructions: 100fileCOMMONLIBRARYCODE
Download Yara Rule
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0042FAA0 Relevance: 12.3, APIs: 5, Strings: 2, Instructions: 93networkCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 004814EB Relevance: 12.3, APIs: 5, Strings: 2, Instructions: 61stringCOMMON
Download Yara Rule
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0044B840 Relevance: 12.2, APIs: 8, Instructions: 162COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 004865EA Relevance: 12.1, APIs: 8, Instructions: 132COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0043D420 Relevance: 12.1, APIs: 8, Instructions: 77COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00413A10 Relevance: 12.1, APIs: 8, Instructions: 55COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0048F618 Relevance: 10.7, APIs: 4, Strings: 2, Instructions: 241fileCOMMON
Download Yara Rule
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00423920 Relevance: 10.7, APIs: 5, Strings: 1, Instructions: 196windowCOMMON
Download Yara Rule
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0049AC91 Relevance: 10.6, APIs: 7, Instructions: 94windowCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0049D09A Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 65registryCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 004224A0 Relevance: 9.2, APIs: 6, Instructions: 176windowCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0043E6F0 Relevance: 9.1, APIs: 6, Instructions: 136windowCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00435030 Relevance: 9.1, APIs: 6, Instructions: 124COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0042A460 Relevance: 9.1, APIs: 6, Instructions: 100COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0049C132 Relevance: 9.1, APIs: 6, Instructions: 85memoryCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0049A439 Relevance: 9.1, APIs: 6, Instructions: 67COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 004134D0 Relevance: 9.1, APIs: 6, Instructions: 54windowCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00437D00 Relevance: 9.1, APIs: 6, Instructions: 54COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00469F25 Relevance: 9.0, APIs: 6, Instructions: 50windowCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00499E3E Relevance: 9.0, APIs: 6, Instructions: 48windowCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00499D58 Relevance: 9.0, APIs: 6, Instructions: 46COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0046A292 Relevance: 9.0, APIs: 6, Instructions: 39windowCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00413D00 Relevance: 8.9, APIs: 4, Strings: 1, Instructions: 169windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00494950 Relevance: 8.9, APIs: 4, Strings: 1, Instructions: 101windowCOMMON
Download Yara Rule
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0049CBF0 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 88stringCOMMON
Download Yara Rule
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00420D40 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 60windowCOMMON
Download Yara Rule
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00429CBE Relevance: 7.9, APIs: 5, Instructions: 426COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 004358C0 Relevance: 7.7, APIs: 5, Instructions: 229COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00415650 Relevance: 7.7, APIs: 5, Instructions: 161windowCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00421A40 Relevance: 7.6, APIs: 5, Instructions: 104windowCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0041DA30 Relevance: 7.6, APIs: 5, Instructions: 92windowCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 004237B0 Relevance: 7.6, APIs: 5, Instructions: 90COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00490C3E Relevance: 7.6, APIs: 5, Instructions: 88windowCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0040E640 Relevance: 7.6, APIs: 5, Instructions: 86COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00413450 Relevance: 7.6, APIs: 5, Instructions: 56windowCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0048693F Relevance: 7.5, APIs: 5, Instructions: 38threadCOMMONLIBRARYCODE
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0048DC29 Relevance: 7.2, APIs: 3, Strings: 1, Instructions: 207timeCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0049C878 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 81windowCOMMON
Download Yara Rule
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0043E8C0 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 63windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 004983F1 Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 36memoryCOMMON
Download Yara Rule
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0046A7B7 Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 29stringCOMMON
Download Yara Rule
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00499CE3 Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 27stringCOMMON
Download Yara Rule
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 004844FB Relevance: 6.5, APIs: 5, Instructions: 278COMMON
Download Yara Rule
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0048AF3C Relevance: 6.4, APIs: 5, Instructions: 102memoryCOMMONLIBRARYCODE
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0042E9B0 Relevance: 6.2, APIs: 4, Instructions: 246COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0048C9F0 Relevance: 6.2, APIs: 4, Instructions: 170fileCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0042CAD0 Relevance: 6.2, APIs: 4, Instructions: 169windowCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 004409A0 Relevance: 6.2, APIs: 4, Instructions: 162COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00419E10 Relevance: 6.1, APIs: 4, Instructions: 145COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0040E0A0 Relevance: 6.1, APIs: 4, Instructions: 144windowCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0048C800 Relevance: 6.1, APIs: 4, Instructions: 135fileCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00438750 Relevance: 6.1, APIs: 4, Instructions: 108windowCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0044CAF0 Relevance: 6.1, APIs: 4, Instructions: 100windowCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0049A2C1 Relevance: 6.1, APIs: 4, Instructions: 87windowCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00415B50 Relevance: 6.1, APIs: 4, Instructions: 84windowCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00481881 Relevance: 6.1, APIs: 4, Instructions: 81COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0044D390 Relevance: 6.1, APIs: 4, Instructions: 73windowCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00416470 Relevance: 6.1, APIs: 4, Instructions: 70COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0040F160 Relevance: 6.1, APIs: 4, Instructions: 69COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0040C6E0 Relevance: 6.1, APIs: 4, Instructions: 63windowCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 004183A0 Relevance: 6.1, APIs: 4, Instructions: 58windowCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0046A817 Relevance: 6.1, APIs: 4, Instructions: 55stringCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0043D990 Relevance: 6.1, APIs: 4, Instructions: 54windowCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00492EDA Relevance: 6.1, APIs: 4, Instructions: 52COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 004917BD Relevance: 6.0, APIs: 4, Instructions: 50COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0040C780 Relevance: 6.0, APIs: 4, Instructions: 49windowCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00495892 Relevance: 6.0, APIs: 4, Instructions: 49COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0049590B Relevance: 6.0, APIs: 4, Instructions: 49windowCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00495FFA Relevance: 6.0, APIs: 4, Instructions: 43COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0049911C Relevance: 6.0, APIs: 4, Instructions: 42COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00499185 Relevance: 6.0, APIs: 4, Instructions: 42COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0043D300 Relevance: 6.0, APIs: 4, Instructions: 38COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00499DCD Relevance: 6.0, APIs: 4, Instructions: 29stringCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0040EAC0 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 59windowCOMMON
Download Yara Rule
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00424C90 Relevance: 5.1, APIs: 4, Instructions: 97COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0049C238 Relevance: 5.1, APIs: 4, Instructions: 62COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0048AA9A Relevance: 5.1, APIs: 4, Instructions: 53memoryCOMMONLIBRARYCODE
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0049D009 Relevance: 5.0, APIs: 4, Instructions: 36COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 004891BB Relevance: 5.0, APIs: 4, Instructions: 12COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|